News Stay informed about the latest enterprise technology news and product updates.

Microsoft completes merger of e-mail authentication specs

Details have been hashed out to unify competing technologies to combat e-mail spoofing and phishing. There's just one more stop for the proposed Sender ID specification before it can start protecting inboxes everywhere.

Microsoft said it has completed the convergence of two specifications that are designed to help fight spam. The company has submitted the unified specification to the IETF standards body for consideration as an industry-wide means of e-mail authentication.

The specification, now called Sender ID, is a combination of Microsoft's Caller ID for E-Mail technology and the Sender Policy Framework (SPF) developed by Meng Weng Wong, co-founder and CTO of The technology will be built into Exchange Edge Services, which is due out

For more information

See how Microsoft plans to beef up the SMTP relay for Exchange


Read Microsoft's newest firewall and spam filter plans

sometime in 2005, according to Microsoft.

"Given that the Can Spam Act doesn't seem to have any teeth, any partnership in the industry intent on making standards that we can all use is great," said Lee Benjamin, an independent consultant and chairman of the Boston Area Exchange Server Users Group.

If adopted by the Internet Engineering Task Force (IETF), the specification will provide one way to verify the source of e-mail to help cut down on domain spoofing, and to provide more protection against phishing schemes, according to Microsoft.

Microsoft said the specification will let receiving systems test for spoofing at the SMTP level, as originally proposed in SPF, as well as the message body headers, as originally proposed by Caller ID.

Dig Deeper on Exchange Server setup and troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.