Sender ID e-mail spec submitted to standards body

Microsoft this week announced it has submitted a draft technical specification of the e-mail authentication system Sender ID to the IETF for consideration as an industry-wide standard.

Sender ID combines Microsoft's Caller ID for E-mail (which was submitted to the IETF for consideration in May) with Sender Policy Framework (SPF). SPF, also known as Sender Policy Framework, was authored by Meng Weng Wong, the cofounder and CTO at Pobox.com, a provider of subscription-based e-mail forwarding and mailing list services. Meng submitted SPF to the IETF in February.

Sender ID maintains lists of IP addresses from which sent e-mail can be traced, and if adopted as a standard, could provide a way to close loopholes that allow e-mail senders to spoof or fake the origin of their message. The unified specification, which was the result of discussions between Microsoft and Meng that lasted from January to May, is aimed at simplifying industry adoption of effective e-mail authentication technology, Microsoft said in a statement Wednesday.

The IETF is also considering another mail authentication submission from Yahoo, called DomainKeys. DomainKeys works differently from Sender ID by using encryption to generate a signature based on the e-mail message text that is placed in the message header.

IETF is a large open international community of network designers, operators, vendors and researchers whose work is carried out in working groups that operate mainly through mailing lists. The IETF holds three meetings a year, with the next one scheduled to take place Aug. 1-6 in San Diego.

The push for an e-mail authentication standard has recently been gaining more attention. On Tuesday, the Anti-Spam Technical Alliance's (ASTA), whose members include such high profile e-mail providers as Yahoo, Microsoft, AOL and EarthLink, released its recommendations for stemming the tide of spam, or unsolicited commercial e-mail.

The IDG News Service is a Network World affiliate.