REDMOND, Wash. — Oct. 23, 2006 — Microsoft Corp. today announced that its Sender ID Framework specification for e-mail authentication is now available under the company’s Open Specification Promise (OSP), an irrevocable promise to every individual in the world that they can make use of the covered Microsoft® technology easily and for free. This is another step forward in the company’s commitment to delivering interoperability by design.
Microsoft is committed to working with the IT industry to help protect users and businesses from the blight of online threats. Sender ID, the leading e-mail authentication protocol, aims to help stop the spread of spam, phishing scams, malware and other online exploits in e-mail by helping address domain spoofing, a tactic used in over 95 percent of all exploits where the name in the “To:” line of the e-mail is forged.* Approved by the Internet Engineering Task Force (IETF) as an experimental Request for Comment (RFC) this past April, Sender ID gives customers greater certainty about the origin of an e-mail message and enables legitimate senders to more clearly distinguish themselves from spammers and online criminals.
After nearly two years of worldwide deployment to more than 600 million users, Sender ID already enjoys broad industry support. The application of the OSP will promote further industry interoperability by making the e-mail authentication framework more clearly available to the entire Internet ecosystem, including customers, partners, Internet service providers, registrars and the developer community, no matter what model they use — commercial, open source or academic.
“Great progress has already been made on e-mail authentication worldwide, with more than 5 million** domain holders adopting Sender ID as a best practice today to help protect brands and counter spam and e-mail exploits,” said Brian Arbogast, corporate vice president of the Windows Live Platform Development Group at Microsoft. “There have been lingering questions from some members of the development community about the licensing terms from Microsoft and how those terms may affect their ability to implement Sender ID. By putting Sender ID under the Open Specification Promise, our goal is to put those questions to rest and advance interoperable efforts for online safety worldwide.”
Helping developers build innovative and interoperable solutions regardless of the development or licensing model, Sender ID is the third area of technology now available under the OSP. Microsoft first announced the availability of an OSP for Web services specifications in September 2006 and extended the OSP to Virtual Hard Disk (VHD) Image Format specifications earlier in October 2006. Industry and business leaders recognize the critical importance and business value of Sender ID, and are supportive of Microsoft’s move to make the OSP applicable to Sender ID:
“E-mail security is critical to safeguarding consumer confidence online,” said Ramesh Lakshmi Ratan, executive vice president and chief operating officer at the Direct Marketing Association (DMA). “It’s important that the entire community adopt interoperable, easy-to-implement and low-cost platforms to encourage broad adoption of tools to combat e-mail spoofing and phishing scams. We commend Microsoft in its effort to foster improved industry cooperation.”
“The ESPC members have long recognized the need for strong spam solutions that help ensure the delivery of legitimate e-mail, and we welcome Microsoft’s announcement today as another positive step for the delivery of safe and authentic e-mails,” said Trevor Hughes, executive director of the Email Sender & Provider Coalition (ESPC).
“As a leading Internet gateway security provider, we are interested in seeing the best anti-spam products get to market to improve trust and confidence in e-mail,” said Patrick Peterson, vice president technology at IronPort Systems Inc. “Moving the Sender ID specification under the OSP is an important move by Microsoft, and we hope it will result in widespread adoption across the industry.”
“Sender authentication technologies like Sender ID are important tools that help ensure e-mail security, and by making Sender ID available under the OSP, Microsoft is addressing the interoperability needs of heterogeneous e-mail infrastructures,” said Eric Allman, chief science officer at Sendmail Inc. “We’re pleased to see this development and believe it’s a positive step in the fight against spoofing, phishing and other categories of unwanted messaging.”
Microsoft continues to work with others in the industry to deliver products that are interoperable by design and provide access to its technologies through such avenues as the open source project for the development of Microsoft Office Open XML and OpenDocument file format translators, technical collaborations with AOL and Yahoo! Inc. for instant messaging interoperability, and the CodePlex community development portal. The OSP continues Microsoft’s commitment to interoperability by helping ensure that partners and competitors alike have the opportunity to build compelling software solutions that interact with Microsoft’s own technologies.
More information about Microsoft’s commitment to interoperability and the list of specifications covered by the OSP today can be found at http://www.microsoft.com/interop/osp. Information about deploying Sender ID, as well as Sender ID resources and third-party solutions, can be found online at http://www.microsoft.com/senderid.
Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.
Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at http://www.microsoft.com/presspass on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.mspx.