Re: Micorsoft's Sender ID Authentication......?

[Daniel Golding <dgolding () burtongroup com>]

Yes, there was lots of teeth gnashing and screams of agony allegedly because
MS refused to license the technology on the terms that folks wanted. MS was
more than willing to let folks have it at no cost, they just weren't willing
to give the naysayer everything they wanted, so everyone went home.

(that is, of course, a biased assessment, but not an unfair one)

I'm not MS's biggest fan, but they are on the side of good, here.

In the mean time, nothing stops MS (and everyone else) from building
Sender-ID into their MTAs. SPF is a standard and Sender-ID utilized SPF
records to perform inbound phishing control based on PRA.

Presumably, SPF and Sender-ID checking on inbound mail would be enabled via
a checkbox of some sort.

I'd also like to see DomainKeys support in Exchange.

Ok, will all those who believe that MS, SPF, Sender-ID and/or DomainKeys are
the work of the devil, please commence flaming.

- Dan

On 6/7/05 1:58 PM, "Fergie (Paul Ferguson)" <fergdawg () netzero net> wrote:

> Wasn't there a lot of turmoil within the IETF last year
> on sender authentication because Microsoft was trying to
> push it's own sender ID authetication mechasnisms as a
> draft standard?
>
> Or maybe I'm confused...
>
> Microsoft Adds Sender ID Anti-Spoofing Protocol To Exchange 2003 SP2
> http://www.techweb.com/wire/security/164301084
>
> - ferg
> --
> "Fergie", a.k.a. Paul Ferguson
>  Engineering Architecture for the Internet
>  fergdawg () netzero net or fergdawg () sbcglobal net
>  ferg's tech blog: http://fergdawg.blogspot.com/