As part of an ongoing initiative to give users access to its technology, Microsoft Monday added a format for fighting spoof e-mail to a list of specifications that can be used freely for development.
Sender ID, an e-mail specification for detecting when an e-mail address is being spoofed to send spam, can now be used as a basis for new technology by anyone under Microsoft's Open Specification Promise (OSP), said Jason Matusow, senior director of interoperability for Microsoft
Through the OSP, published in September, Microsoft promised it would not take any patent-enforcement action against people that want to use specifications on a list of Web services technologies for which it has patents. Now Sender ID has been added to the list of specifications that are freely available for use, he said.
Microsoft last week opened access to its virtualization technology, the Virtual Hard Disk specification, in the same way.
Sender ID was developed by Microsoft, SendMail and other companies as a type of Caller ID system for e-mail messages, so recipients of messages could keep track of where the e-mail originated to ensure they are legitimate and not spam. The Internet Engineering Task Force is currently working on the development of the Sender ID specification, the first draft of which was released in June 2004.
Sender ID allows companies to attach information to an Internet domain that tells e-mail recipients what addresses are authorized to send mail from that domain. This allows the system that receives a message whether it is legitimate.
In addition to protecting users against spoofed e-mail, Sender ID also allows message recipients to identify e-mail addresses that send spam and "assign a reputation based on their behavior," said John Scarrow, general manager of antispam efforts at Microsoft.
This reputation information, as well as information about trustworthy e-mail addresses that protect "good brands" can be factored into e-mail filtering technology, he said.