Faced with criticism over licensing requirements, Microsoft has decided to release the Sender ID Framework under its Open Specification Promise.

This makes a lot of sense. Sender ID has long been the subject of controversy, and since a sizable portion of email servers are already open source, this may just lead to some adoption. We all just want some standards, and regardless of whether Sender ID and SPF are the answer, this is a step in that [right] direction.

A marketing trade group starts requiring its members to use authentication, but Techdirt says its a joke that only leads to more problems.

I don’t have much of an opinion on it either way, as the whole authentication battle seems like a bunch of monkeys in a barrel. But I seem to have been effected by Microsoft’s moves with Sender ID.

I am a Comcast SMTP user, and I can’t get any mail through to Hotmail or MSN addresses anymore. The secure help section at Comcast says they and MS are “working on the issue.” Is this problem a result of Microsoft requiring Sender ID compliance with Hotmail/MSN, or am I missing something big here?

Sender ID has been the subject of controversy for some time. It started with a bunch of promises, and since then Microsoft has attempted to force everyone’s hand.

All the while, its originator, Meng Wong, sitting in the middle.

Email Battles recently interviewed Wong, creator of SPF (the precursor to Sender ID), and it seems he is none too happy about the situation.

I don’t really get this, so I am looking for a little input.

Microsoft is cramming Sender ID down everyone’s throat by making it a requirement for legitimate messages in Hotmail; meanwhile better than 80% of spam already uses some authentication scheme (including, in cases, Sender ID).

Please help me here. What is Microsoft thinking?

The Washington Post produced this story about Meng Wong, the inventor of Sender ID which is well worth a read, particularly for those of you watching the anti-spam goings on over at Microsoft.

Meng Wong originally aligned his technology with Microsoft upon their promise that the it would remain royalty free. It wasn’t long before Microsoft was filing patents. New anti-spam standards still haven’t been agreed on, and everyone has their hand out.

And inboxes everywhere keep filling up with junk.

***UPDATE***

Meanwhile, here is a decent explanation of why Sender ID is not going to stop spam. In summary, Sender ID is an authentication technology - meaning it can check an email address against the originating server’s IP address to see if an email header has been manipulated. Unfortunately, any server (and associated domain) not reporting its information in this way could still be used by spammers. In other words, Sender ID COULD be used to stop spam, but only if every single email server on the planet used it. Hence, Microsoft’s attempt at cramming down everyone’s throat by making it mandatory in Hotmail. Now only Hotmail users won’t get any spam (or any legitimate mail either).

No sooner (or should I say “at the same time”) that Microsoft decides it is going to try cramming its authentication protocol, Sender ID, down everyone’s throat through its Hotmail offering, then the other side of the coin drops.

Ironport, makers of email security appliances, has announced that they have integrated Domain Keys into their offerings. Domain Keys is the competitor to Sender ID being pushed by Yahoo!.

I am anxious to see how this all falls out.

On one hand you have MS dropping any non-Sender ID email into the junk mail folder in their Hotmail offering, which will either force email security companies to adopt the concept, or force Hotmail subscribers to simply go someplace else. If Microsoft pulls the same trick with Office 12 (?) somehow, then every either has a problem or Microsoft wins after all.

On the other hand you have Yahoo!, who has gotten someone to offer their standard, but there is no telling whether or not they will adopt the same tactics Microsoft has. If they don’t force Domain Keys on their email subscribers (and I don’t think they will), I suspect Microsoft is going to wind up with a black eye. Hotmail has no discernable competitive advantage over Yahoo! Mail, and switching costs for users is as simple as a few hours time to notify their address book of the change.

Microsoft has been talking about Sender-ID for some time. Now they are making headlines in pushing the technology into their mainstream applications. But one major publisher cannot tell the whole story (they never do).

Word has it that as of yesterday, Microsoft’s Hotmail service now requires incoming email to be Sender-ID compliant. Some email marketing firms can jump on the bandwagon for their clients, and get emails through Hotmail without much trouble. But what about the little guy?

You can bet that a lot of emails are going to get bounced, or wind up in the junk mail folder. While MIcrosoft might think this is a good move, as floods of people will now move to their camp, many others will not, and the only ones who will suffer are Hotmail users.

On a separate note, Microsoft is set to release an update of its anti-spyware beta software. I wonder if this update will block all functionality of the Google Toolbar?

In Solutions from PC Magazine: The Spam Stoppers, it is suggested that Sender ID actually enables spam.

I am not following, so someone please explain it to me.

Isn’t Sender ID is an authentication mechanism? If the email does not come from who it says it is from (i.e. forged), then the email is processed in an alternative fashion (discarded, flagged, returned, etc.).

So how does that enable spammers. If they can fool sender authentication, then they probably have very sophisticated forging techiques to work with. Sender ID is not aiding and abetting - it just isn’t working.

I am not for or against Sender ID per say, I’m just sitting on the fence. When I understand how originating IP addresses are going to be efficiently validated against domain information (in a logical fashion, considering our increasingly mobile, multi-device world), then maybe I will take a stand.

But what I won’t do is poo poo the idea, just for the sake of it.