Anti-spam proposals get the nod

An internet standards group approved two "experimental" anti-spam proposals, sidestepping a controversy dividing Microsoft and its email competitors.

The Internet Engineering Steering Group (IESG), a division of the Internet Engineering Task Force (IETF), said it would publish two competing and overlapping sets of documents that define ways of confirming email senders are who they say they are.

The experimental Requests for Comment (RFCs) - Sender Policy Framework (SPF) for Authorizing Use of Domains in E-Mail and Sender ID: Authenticating E-Mail - have been the subject of intense jockeying by AOL, Microsoft and others.

Critics have accused Microsoft of trying to strong-arm the industry into accepting Sender ID. Concerns over Microsoft's Sender ID-related patents have alarmed some involved in setting standards, and last year the IETF let a Sender ID working group expire.

The IESG said in a statement: "While many proposals for domain-based authorisation have been under consideration, no consensus has yet been reached concerning a single technical approach. The IESG does not endorse either of the two mechanisms documented in the experimental RFCs - their publication is intended to encourage further discussion and experimentation in order to gain experience that can be used to write future standards in this space."

Microsoft said that despite the expiration of the Sender ID working group in September, the approval of the experimental RFCs showed that its technology is alive and well in the standards-setting process.

Samantha McManus, business strategy manager for Microsoft's technology care and safety group, said: "We think this is great. We're glad to see Sender ID's experimental status, and we think email authentication is very important for addressing spam and phishing. That said, we definitely have more to do."

Sender ID "embraces and extends" SPF, according to McManus, introducing more complex ways of tracking data about email servers and senders.

Other anti-spam authentication technologies in use include Yahoo!'s DomainKeys, which Cisco recently said it will support.

The IESG said that while email providers have already implemented Sender ID and SPF, an experimental period was key to the standards-setting process.

"Given the importance of the worldwide email and DNS [Domain Name System] systems, it is critical that future standards support their continued stability and smooth operation," the IESG wrote.

Paul Festa writes for CNET News.com