Slashdot Mirror
Hotmail To Junk Non-Sender-ID Mail
William Robinson writes "If your e-mail does not have a Sender ID, Microsoft wants to junk your message. Somewhere after November, MSN and Hotmail will consider it as spam. Sender ID is a specification for verifying the authenticity of e-mail by ensuring the validity of the server from which the e-mail came. Some experts feel that 'Sender ID' is not an accepted standard and has many shortcomings. Some also feel that Microsoft is trying to strong-arm the industry into the adoption of an incomplete and not accepted standard."
2. Microsoft fights SPAM. Slashdot equally outraged.
Conclusion: Microsoft is always evil no matter what they do.
Nope, Microsoft isn't fighting SPAM - if they were they'd be cooperating with the "rest of the Internet", instead of promoting their own proprietary scheme - SenderID - that's so un-open as to provoke this comment from the Apache Software Foundation:
Various other disparate organisations have raised similar concerns, eventually resulting in the IETF ditching Microsoft's proposal.
Microsoft, at least in this case, weren't interested in a working solution; they were interested in a Microsoft-friendly, FLOSS-hostile solution. Which is daft, given the open-source nature of most Internet technologies.
This is where the serious fun begins.
Nope, you were clear. Unfortunately, what is also clear is that MS doesn't have our collective environment at heart.
They tried to get a standard in place that could not be implemented with open source. There's restrictive liscensing and I think a patent as well. This is a move to benefit their Server bussiness to the detriment of Open Source Mail servers everywhere.
Since they wouldn't drop the resreictions against open source, the initiative was refused. So now they are going to use their marketing muscle to force it down our throughts as a defacto standard anyways.
Microsofts gesture could be characterized more as a middle finger than an olive branch.
GMail will integrate with a fat client over POP3. Check here: http://mail.google.com/support/bin/answer.py?answe r=12103&topic=194
/. zen: Imagine a Beowulf cluster of Beowulf clusters...
In this case, you have your employee connect to your mail server over ssl, usually port 589. Require SMTP auth. Require SSL
Been there, done that. I had to drop this because 90% of my employees use Outlook 2002. And SSL support is broken in Office XP. You need to install office service pack 3 or 4 to actually have it working. That of course is a 20+ MB download, which requires you to have a Office CD on you. My users usually have laptops, and they work in the field where they often only have dialup access. And we don't give them Office CD's - laptops get serviced in the office.
Needless to say, once we switched SSL on no one could send out emails anymore, we had to send every single person a copy of Office XP cd, and istruct them how to do the upgrade.
And that's just the tip of the icebearg. Most of my users use Norton Antivirus which by default scans outgoing emails. It does it by proxying them. So if you have outgoing email scanning enabled, you won't be able to send emails with Outlook with SSL enabled - it's as simple as that.
Consequently, we decided to drop the whole SSL idea. It was just to much hassle for our technologically challanged employees.
I'm teminally incoherent
While both SPF and SenderID break on many forwarded emails, SenderID breaks on many mailing lists also. Moreover, one of the most promising solutions to the SPF forwarding problem (a specialized DNS server, as outlined in section 9.3.1.2 in the SPF spec) breaks when SenderID uses it.
So, SenderID is a patented system that is incompatible with many of the F/OSS mail servers that currently dominate the internet, it doesn't work as well as other technologies, it damages the use of SPF, and outside of MS, it is being used by almost no one.
If this was just a matter of hotmail and MSN hurting themselves, then I wouldn't have any problems with it. However, this appears to be a case of Microsoft working hard to hurt the entire internet email environment.
SPF support for most open source mail servers can be found at libspf2.
Hotmail people will have to check their spam folder so regularly for for things that aren't actually spam that Sender-ID will just annoy them so much that they'll abandon Hotmail.
That's not how SenderID works. The emails that fail validation will be refused. They will not be forwarded to a user's spam folder.
Microsoft can push SenderId all that they want. All that they will accomplish is excluding their domains from useful communication. This will be rolled back in under 60 days, if it is implemented at all.
I can't think of any companies that are going to make considerable modifications to their email systems just to please Microsoft (or any other for that matter). Furthermore, the use of SenderId/SPF breaks some email delivery features (such as forwarding).
I think that it's great that a company like pobox.com is financing the implemntation of SPF on the OSS side, but I don't expect a wide-spread adoption given the administration costs. Also, I feel compelled to ask, is Microsoft truly doing this to combat spam or do they want to force people to upgrade to Exchange 2006? And SenderId itself will never become a standard protocol as long as M$ owns it. There is too much concern that they would try to lock out OSS from implementing a protocol that they own the rights to.
It's a valid cause but the implementation is flawed and doomed for failure.
Ryosen
One man's "Troll, +1" is another man's "Insightful, +1".