Antispam standard body disbanded

The IETF (Internet Engineering Task Force) has disbanded its antispam working group, Marid (MTA Authorization Records In DNS)...

The IETF (Internet Engineering Task Force) has disbanded its antispam working group, Marid (MTA Authorization Records In DNS) working group, because of an intellectual-property row surrounding Microsoft's Sender ID proposal.

The decision, announced by co-area director Ted Hardie, means the end for the IETF's original plan to back a single standard for authenticating the senders of e-mail messages, a way of stemming the address forgery commonly exploited by junk e-mailers and other scam artists.

Those participating in the effort are to put their various antispam proposals into practice, gathering information that could lead to another IETF standardisation effort. Other options include the creation of a standard by an industry organisation or the co-existence of several standards.

"Concluding a group without it having achieved its goals is never a pleasant prospect, and it is always tempting to believe that just a small amount of additional time and energy will cause consensus to emerge," Hardie said.

"After careful consideration, however, the working group chairs and area advisor have concluded that such energy would be better spent on gathering deployment experience."

Marid was originally created in the expectation that engineers could produce a standard fairly quickly but the IETF did not count on the lack of deployment experience in the real world and intellectual property conflicts.

"Technical discussion of the merits of these mechanisms has not swayed their proponents and what data is available on existing deployments has not made one choice obviously superior," Hardie said.

Opinions finally began to coalesce around Microsoft's Sender ID proposal, a combination of the company's own Caller ID for E-mail and a separate technology called SPF. But many open-source groups criticised Microsoft's licensing terms and the company's vagueness about pending patents that could have given Microsoft a claim on Sender ID technology.

In its current form, critics said, the proposal could have given Microsoft patent control over part of the Internet's basic infrastructure. Shortly after America Online announced it would not be supporting Sender ID, Marid finally rejected the proposal.

"Assessments have been difficult in part because they have been moved out of the realm of pure engineering by the need to evaluate [intellectual property rights] and licensing related to at least one proposal," Hardie said.

With a 4 August milestone long past, and no immediate prospect of achieving it, project leaders decided to disband the working group and instead try to gather real-world data that could help make one of the proposals stand out as the obvious choice.

Hardie asked the editors of the various working group drafts to submit their proposals for Experimental RFC status, to be reviewed by a specially formed directorate. When the directorate is formed it will be publicised on the IETF's website.

Industry pressure is growing for a standardised sender-authentication system, with technologies such as SPF already in use.

In a June report by the US Federal Trade Commission (FTC), the FTC suggested the US government could mandate such a system if it decides to create a national registry of users who have requested not to receive junk e-mail. The US has already created such a registry for blocking advertising phone calls.

Matthew Broersma writes for

Read more on PC hardware