As part of an ongoing initiative to give users access to its technology, Microsoft has added a format for fighting spoof email to a list of specifications that can be used freely for development.
Sender ID, an email specification for detecting when an email address is being spoofed to send spam, can now be used as a basis for new technology by anyone under Microsoft's OSP (Open Specification Promise).
Through OSP, Microsoft promises not to take any patent-enforcement action against those that want to use specifications on a list of web service technologies for which it has patents. Now Sender ID has been added to the list of specifications that are freely available for use, he said.
Sender ID was developed by Microsoft, SendMail and other companies as a type of Caller ID system for emails, so recipients of messages could keep track of where the email originated to ensure they're legitimate and not spam. The Internet Engineering Task Force is currently working on the development of the Sender ID specification, the first draft of which was released in June 2004.
Sender ID allows companies to attach information to an internet domain that tells email recipients what addresses are authorised to send mail from that domain. This allows the system that receives a message whether it is legitimate.
In addition to protecting users against spoofed email, Sender ID also allows message recipients to identify email addresses that send spam and "assign a reputation based on their behaviour", said John Scarrow, general manager of antispam efforts at Microsoft.
This reputation information, as well as information about trustworthy email addresses that protect "good brands" can be factored into email filtering technology, he said.