Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

AOL Will Not Support Sender-ID

CowboyNeal posted more than 9 years ago | from the yet-another-one dept.

America Online 269

DominoTree writes "America Online said Thursday that it will not support the Microsoft-backed antispam technology called Sender-ID. The online giant cited 'lackluster' industry support and compatibility issues with the anti-spam technology SPF that AOL supports."

cancel ×

269 comments

penis (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10274055)

you cocksucker!

AOL gets it? (1, Funny)

Anonymous Coward | more than 9 years ago | (#10274058)

For once...

Re:AOL gets it? (-1, Troll)

numbski (515011) | more than 9 years ago | (#10274151)

Refreshing change.

I mean, really.

In soviet russia, AOL gets you!

*ducks*

Re:AOL gets it? (1, Funny)

nacturation (646836) | more than 9 years ago | (#10274296)

I thought it was: In Soviet trailer parks, you get AOL.

wrong wrong wrong (-1, Troll)

numbski (515011) | more than 9 years ago | (#10274182)

In soviet russia it*** gets AOL.

*** It being any magazine, computer, coaster, box set, etc that can possible have the software bundled with it.

You fail it! (-1, Troll)

numbski (515011) | more than 9 years ago | (#10274191)

AOL gets it all right....in japan!

CowboyNeal gets it? (-1, Troll)

numbski (515011) | more than 9 years ago | (#10274204)

  • All day long
  • All night long
  • All day and all night long
  • Only the money shot
  • CowboyNeal gets that special Rosy Palmer lovin'

Re:CowboyNeal gets it? (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10274275)

Are you OK? You've replied to my post four times in a row. Go outside. Perhaps that nice yellow orb we call the sun is overhead.

But really... (-1, Troll)

Three Headed Man (765841) | more than 9 years ago | (#10274060)

Who uses AOL to make this worth it? I wouldn't mind seeing AOL be a spam magnet. Why? I don't use it, morons do. If you won't get a decent ISP or email, I think you bring spam upon yourself.

I am intolerant of people who support restrictive technologies, because they'll aid the lazy.

SFP will not prevent AOL from getting spam. (4, Interesting)

nlinecomputers (602059) | more than 9 years ago | (#10274196)

SPF marks email so that when you get an email that claims it is FROM an AOL member you can tell if it really does or not. It will not prevent AOL from getting Spam but it will prevent you from getting it from AOL or disguised as coming from AOL.

And this doesn't prevent Spam. It prevents job jobs. If a spammer is willing to ID the domain his mail comes from and not spoof he can Spam you all he wants. Course with a legitimate domain name/IP# you can blacklist him too.

Your customer uses AOL (4, Interesting)

bill_mcgonigle (4333) | more than 9 years ago | (#10274327)

Who uses AOL to make this worth it? I wouldn't mind seeing AOL be a spam magnet. Why? I don't use it, morons do. If you won't get a decent ISP or email, I think you bring spam upon yourself.

Lots of those 'morons' are customers so people need to send mail to AOL.

Reading between the lines it's only a matter of time before AOL stops accepting mail from domains that don't publish SPF records. They already reject mail if your reverse DNS doesn't resolve. They're publishing their own too:
host -t txt aol.com
aol.com text "v=spf1 ip4:152.163.225.0/24 ip4:205.188.139.0/24 ip4:205.188.144.0/24 ip4:205.188.156.0/23 ip4:205.188.159.0/24 ip4:64.12.136.0/23 ip4:64.12.138.0/24 ptr:mx.aol.com ?all"
Good for them.

Who Cares (0)

The Islamic Fundamen (728413) | more than 9 years ago | (#10274061)

Honestly, who ever uses AOL should have there geek liscence removed.

AOL does something we like? (5, Funny)

Anonymous Coward | more than 9 years ago | (#10274062)

I'm confused.

Hardly, its business related (1, Insightful)

MMaestro (585010) | more than 9 years ago | (#10274209)

The online giant cited 'lackluster' industry support and compatibility issues with the anti-spam technology SPF that AOL supports."

In this case I'd say the decision was made from the business perspective. AOL could either fall in line and attempt to break away and make billions off their own patent if it succeeds. This so-called 'lackluster' support is probably nothing more than excuse from AOL to prop up their own versions.

first post (-1, Troll)

Anonymous Coward | more than 9 years ago | (#10274065)

snoochie boochies

Fuck AOL

and

fuck

U!

Re:first post (-1)

Anonymous Coward | more than 9 years ago | (#10274258)

Jawohl!

KILL THEM.... (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#10274066)

...until they DIE from IT!!!!!!!!!!!

ah, props to AOL for once! (4, Funny)

Chuck Bucket (142633) | more than 9 years ago | (#10274068)

It seems this is (almost) universally being voted down, it's time to give up and not implement this. There must be a better way to solve this, and I'm not surprised MS came up with this one!

CB--->

Re:ah, props to AOL for once! (5, Insightful)

over_exposed (623791) | more than 9 years ago | (#10274119)

There is always a better way to solve problems like this, but do you really think MS is going to back down? It'll get implemented just like every other bad idea they've ever had (ie. WinME) and then no one will like it or everyone will complain or (more likely) no one will use it and whatever userbase it does have gets nailed with security holes etc.

It's all about the all mighty buck. If they think this concept will make them more money than it cost to research and implement, you can bet your arse they'll implement it. They really don't care about interoperability either. They could care less if no one outside of the msn.com and hotmail.com domains can use it (or care to). That's one helluva userbase right there. Plus, they can just spout it off as another "Security" or "anti-spam" feature to get people to pay for hotmail premium accounts.

Re:ah, props to AOL for once! (5, Insightful)

Alien Being (18488) | more than 9 years ago | (#10274255)

"but do you really think MS is going to back down?"

They thought they could ignore the Internet and TCP/IP, but eventually they realized that some things are even bigger than they are.

Re:ah, props to AOL for once! (-1, Offtopic)

dtfinch (661405) | more than 9 years ago | (#10274121)

So how close are you to that free ipod?

Re:ah, props to AOL for once! (1, Funny)

Feztaa (633745) | more than 9 years ago | (#10274252)

Considering that you paid for a slashdot account, it's not surprising that you're sceptical about getting a free ipod.

Re:ah, props to AOL for once! (5, Funny)

SpeedyG5 (762403) | more than 9 years ago | (#10274444)

Maybe they could commission Apple to come up with an anti-spam idea. Once its nearly a standard, then MS could usurp it as their own, then it will be a great idea that MS came up with.

Hmm, not too fond of Redmond? (5, Interesting)

chrispyman (710460) | more than 9 years ago | (#10274072)

I find it quite amusing on how AOL is sometimes caught sleeping with Microsoft (like IE in AOL) yet other times it pretty much pretends like they want nothing to do with them. You'd think that AOL is big enough to where they can honestly tell Microsoft to "Shove It" without any big consequences.

Re:Hmm, not too fond of Redmond? (4, Interesting)

Three Headed Man (765841) | more than 9 years ago | (#10274108)

They really can't. They're just rejecting one technology. If they were to integrate Mozilla into AOL 10, then I'd start to agree with you more.

Re:Hmm, not too fond of Redmond? (2, Insightful)

mrchaotica (681592) | more than 9 years ago | (#10274188)

Speaking of which, I don't get it. AOL owns Netscape, what possible reason could they have not to use their own product and use a competitor's instead?! It makes absolutely no sense!

Also, what does AOL for Mac OS use?

Re:Hmm, not too fond of Redmond? (4, Insightful)

Atrax (249401) | more than 9 years ago | (#10274211)

> Speaking of which, I don't get it. AOL owns Netscape, what possible reason could they have not to use their own product and use a competitor's instead?! It makes absolutely no sense!

If they use IE, they get an icon on every OEM windows install. that's a LOT of new customers.

Re:Hmm, not too fond of Redmond? (4, Interesting)

dozer (30790) | more than 9 years ago | (#10274232)

Too bad it appears under the icon for MSN...

MSN is tied into the OS in a bunch of other places too ("You're running Outlook for the first time! Would you like to set up a free MSN account?").

Making deals with Microsoft is hard.

Pull Your Head Out Of Your ASS (1, Troll)

Saeed al-Sahaf (665390) | more than 9 years ago | (#10274402)

If they use IE, they get an icon on every OEM windows install. that's a LOT of new customers.

Is it REALLY a lot of new customers these days? What with all those free coasters and all, I really don't think the desktop icon means that much. There must be something else.

Like browser mods and and the fact that as we all know, (at least if you know ANYTHING about Windows API and Windows app development), all things in Windows including the browser and the file navigator, they are all "windows". Even Outlook is a "window". If AOL wants to integrate into Windows (which 99% or more of ALL AOL customers use) seamlessly, they HAVE to use IE.

Re:Hmm, not too fond of Redmond? (4, Informative)

idiotnot (302133) | more than 9 years ago | (#10274267)

AOL for OSX uses a gecko-based thing, as does (or did for awhile) the Win32 Compuserve client.

IE on OSX is pretty much dead.

Never been a mac fan.. but.. (5, Insightful)

cbreaker (561297) | more than 9 years ago | (#10274374)

I've never been a Mac fan, and I'll probably never buy one, but since it's a completely different non-windows OS, and runs different core software like browsers - it's good for the whole.

The more people that use Macs, the more people that will be browsing web sites without IE, and the more websites that won't rely on IE-only functionality.

Truthfully though, it hasn't been a problem running Mozilla for 98% of the sites I visit. And I don't only visit sites like Slashdot - I go to a lot of sites that the masses visit as well. No browser string faking, no activeX plug-ins. Just straight Mozilla, and it works great.

All we need to do is chisel down those last 2% and we'll be living large.

With all the visible security problems in Windows and IE these days - more and more people are getting sick and tired of it. Some people are seeking alternative Browsers, more every day. It's not the obscure security bugs that people care about or even know about it's the ones that allow spyware to be installed causing them to have to call friends, family, support people and generally have a terrible time using their computers.

So.. GO MACS! And.. GO IE BUGS!

Re:Never been a mac fan.. but.. (1)

mrchaotica (681592) | more than 9 years ago | (#10274422)

The only site I've had trouble with in recent memory was a class website that had imbedded powerpoint (and of course the class itself used Windows-only CAD software [SolidEdge], so it sucked all around). But no sites on the actual Internet have had that problem recently.

Re:Hmm, not too fond of Redmond? (2, Insightful)

berzerke (319205) | more than 9 years ago | (#10274355)

...AOL owns Netscape, what possible reason could they have not to use their own product and use a competitor's instead?!...

Perhaps the $750 million payoff [userfriendly.org] had something to do with it.

Re:Hmm, not too fond of Redmond? (0)

fafalone (633739) | more than 9 years ago | (#10274433)

Maybe they actually had a reasonable person who spoke up and pointed out that Microsoft code on major email system was a really, really bad idea. It would only be a matter of weeks before someone found a buffer to overflow, take control of the mail server, then spread to more computers than ever possible with normal propagation.

Re:Hmm, not too fond of Redmond? (5, Insightful)

finkployd (12902) | more than 9 years ago | (#10274131)

Without consequences? Microsoft has shown time and time again that they are not above intentionally crippling or outright breaking third party apps in running under their OS simply because they don't like the company or are competing with them.

This isn't tin foil hat stuff, this is computer industry history (Lotus, DR DOS, etc) I'm sure AOL knows it. They will never piss off MS too much.

Finkployd

Re:Hmm, not too fond of Redmond? (1, Funny)

christopherfinke (608750) | more than 9 years ago | (#10274137)

I find it quite amusing on how AOL is sometimes caught sleeping with Microsoft (like IE in AOL) yet other times it pretty much pretends like they want nothing to do with them.
Me too!!!

Re:Hmm, not too fond of Redmond? (1, Funny)

EmperorKagato (689705) | more than 9 years ago | (#10274452)

If that is the case, my EX is AOL and I'm Microsoft.

Spam day (-1, Flamebait)

cujo_1111 (627504) | more than 9 years ago | (#10274073)

Must be Spam day on /. today...

Mmmmm... Spam-burger...

Re:Spam day (-1)

Anonymous Coward | more than 9 years ago | (#10274265)

Make fun of Bill Gates. Make fun of Microsoft. Make fun of Windows. Repeat as necessary.

You forgot AOL.

Re:Spam day (0, Troll)

cujo_1111 (627504) | more than 9 years ago | (#10274294)

You don't need to make fun of AOL, they do it to themselves...

Plus AOL users take it personally and I don't want a crazed redneck chasing me with a shotgun.

This becomes a digital divide issue... (3, Funny)

Osrin (599427) | more than 9 years ago | (#10274077)

With this single decision AOL will disenfranchise a whole underclass of society.

Kindly elaborate (-1, Flamebait)

Anonymous Coward | more than 9 years ago | (#10274134)

'cause i think you're full of shit

Re:link in sig (1)

YetAnotherDave (159442) | more than 9 years ago | (#10274332)

ROFL!!!

the first whiny co-worker tomorrow gets that link set as their homepage :)

Patents have to be clear and public (-1, Redundant)

Anonymous Coward | more than 9 years ago | (#10274082)

This is a diplomactic negotiation.

It's not over for Microsoft's efforts...though it's very close to being over. The important section that points this out -- with highlighted text -- is below;

  1. 3) On the issue of ignoring patent claims, the working group has at least rough consensus that the patent claims should not be ignored. Additionally, there is at least rough consensus that the participants of the working group cannot accurately describe the specific claims of the patent application. This stems from the fact that the patent application is not publicly available. Given this, it is the opinion of the co-chairs that MARID should not undertake work on alternate algorithms reasonably thought to be covered by the patent application. We do feel that future changes regarding the patent claim or its associated license could significantly change the consensus of the working group, and at such a time it would be appropriate to consider new work of this type.

They aren't saying that the Microsoft patent (or any patent) is bad...they are saying that it can't be publically reviewed or is not clear enough to make a decision.

This does give Microsoft some wiggle room if they want to 'clarify' what they mean...and in the course of that, possibly elminate the problems they originally introduced.

Microsoft has a choice to either correct the mistakes (by 'clarifying' them) or what they contributed with patent encumberences will not be accepted.

Swiped my post! "Patents have to be clear and pub. (5, Informative)

Spoing (152917) | more than 9 years ago | (#10274141)

Hmmm...looks familiar... [slashdot.org]

Well, I'm glad that people like it the second time around. Would be good if I got credit up front!

Re:Swiped my post! "Patents have to be clear and p (4, Informative)

Spoing (152917) | more than 9 years ago | (#10274160)

Redundant????

IT was MY POST that was STOLEN! [slashdot.org]

Re:Swiped my post! "Patents have to be clear and p (-1, Flamebait)

Barnoid (263111) | more than 9 years ago | (#10274418)

yeah, yeah, your right. It is your post.
Now stop whining.

Re:Patents have to be clear and public (3, Interesting)

miley (782806) | more than 9 years ago | (#10274404)

IETF really screwed themselves with this post. The patents were posted today by the patent office. http://www.imc.org/ietf-mxcomp/mail-archive/msg048 44.html and http://appft1.uspto.gov/netahtml/PTO/search-bool.h tml and type 684020 for Application Serial Number in field1. Now the IETF engineers have to pretend they are patent lawyers. Of course they couldn't have said that they were rejecting it because people didn't like the license -- the license does all the things that the IETF requires.

Sender ID Framework info (5, Informative)

ScArE2100 (663201) | more than 9 years ago | (#10274087)

Sender ID Framework [microsoft.com]

What? (4, Interesting)

dtfinch (661405) | more than 9 years ago | (#10274090)

I thought AOL loved blackholing everyone's email from the outside. It already happens over half the time that I reply to an email tech support request from an AOL member. They say I'm not in their address book, so I can't respond despite them having contacted me first.

Re:What? (4, Insightful)

LoadWB (592248) | more than 9 years ago | (#10274394)

Any time I get a C/R when replying to an email which solicited me in the first place, be it support or otherwise, I immediately delete the email and consider the case closed.

It comes down to knowing the system which you are using. If someone uses a C/R anti-spam system and cannot even be bother to use it correctly, then that person gets nothing in return. I am not spending my time chasing these people down. If and when said person calls, I just explain that I was not able to respond, and he or she needs to contact the ISP to determine the problem.

You cannot always blame these people, either. There are a number of cases where people refuse to become informed -- they just think it should work with no expendature of effort. But in many cases it is the fault of the ISP which provides whiz-bang services and not a drop of intelligent support, information, guidance, or some combination thereof.

I have read many times over that C/R systems are broken, brain-dead, and a Band-Aid approach to the problem. The more I encounter these systems and the people using them, the more I agree.

as a sys admin (5, Insightful)

Exter-C (310390) | more than 9 years ago | (#10274093)

As a sys admin for a large hosting provider aols anti spam policy has been great at reducing the amount of crap email being sent through thier servers. Over the years its dropped a massive amount so anything that AOL does to fight spam is a bonus to the world as they are such a large part of the "internet".

Unfortunatly there are thousands of ISPs that dont take SPAM as seriously as what AOL does. Realistically this is something that doesnt come as a suprise to many people that have been following the anti-spam developments closly. You cant blame AOL for having a service that is computer illiterate friendly despite your own experiences.

Everyone has the freedom to choose thier provider. Personally Im never going to use them.. but hey the option is there if you ever do want it. and if you do sign up you can live with less spam ;)

Re:as a sys admin (4, Interesting)

Anonymous Coward | more than 9 years ago | (#10274286)

Speaking as a sys admin myself, I've been on the flip side. They can be real bitches when you get tagged as a spammer by their system.

It took me about a month to get myself straight after I'd been blacklisted. They also "removed" the blacklist, and said it was IP-based, but intermittent errors would pop up for weeks afterwards. joeluser@myhost could send to AOL, but janeluser@myhost could not.

BTW, google for "Jason Smathers" if you want to see how effective they've been.

Re:as a sys admin (2, Interesting)

Exter-C (310390) | more than 9 years ago | (#10274303)

Ive been on both sides of the issue as well. We changed the names and IPs of our servers. It was the only fast way around it at that time.

Its not always AOL as a company or as sys admins as its also the users hitting the "this is spam" button... even when its clearly not.

Re:as a sys admin (3, Informative)

LoadWB (592248) | more than 9 years ago | (#10274411)

postmaster.aol.com offers the "feedback loop" which will inform you of any reports of spam from your system. I have never had the chance to benefit from this, so I cannot personally comment on its usefulness. However, this is supposedly a pro-active way to ensure that such problems do not affect you.

Admitedly, I am normally not a big fan of such systems... why should I have to take the time to inform an ISP of my existence, intent to send email, etc., right? Well, in this case it makes sense since they are 1) giving me the benefit of the doubt at first, and 2) giving me a way to make sure that doubt never enters into our relationship. Quite useful, I think.

As an admin myself, I believe this is a useful tool to help find problems in your userbase before they become bigger problems.

Looks like it was a domino effect... (4, Interesting)

Chuck Bucket (142633) | more than 9 years ago | (#10274096)

From reasons of lack of support and lack of backward compatibility. Wow, AOL was (is?) paying attention:

"The online giant cited "lackluster" industry support and compatibility issues with the antispam technology SPF, or Sender Policy Framework, that AOL supports.

AOL's moves come days after the Internet Engineering Task Force standards body voted down the Sender ID proposal. The IETF said Microsoft's decision to keep secret a patent proposal for the technology was unacceptable. Open-source groups also pulled their support of Sender ID, claiming its licensing restrictions were too strict. AOL agreed with the IETF fallout and added its own reasoning.

"AOL has serious technical concerns that Sender ID appears not to be fully, backwardly-compatible with the original SPF specification--a result of recent changes to the protocol and a wholesale change from what was first envisioned in the original Sender ID plan," AOL spokesman Nicholas Graham wrote in an e-mail."

CB_===__-8a90fuds76

Good (5, Informative)

afidel (530433) | more than 9 years ago | (#10274098)

SPF is just as effective as Sender-ID for the general internet and is MUCH easier to implement. I am a consultant for quite a few small non-profits and so far I haven't charged any of them for setting up SPF records since it's generally a 2 minute process to create the record (at the most), and an email or a 2 minute phone call to their DNS provider. Sender-ID would force me to do some actual work which would in turn cost my customers money.

SPF issues (2, Insightful)

markv242 (622209) | more than 9 years ago | (#10274125)

Okay, so setting up SPF records aside, have you actually modified their mail servers to do anything with incoming SPF data? As someone who hosts a few domains on a box, I'm very very hesitant to modify Mimedefang to drop messages that fail SPF, because a few people have .forward files on other boxes that point at me. Has anyone solved the .forward problem with SPF yet?

Re:SPF issues (2, Informative)

afidel (530433) | more than 9 years ago | (#10274167)

Well if they controll the DNS for the origional sending domain it is extremely easy to allow the forwarding server to be authenticated for the origional domain. If not then they are doing something which due to spammers is unfortunatly no longer acceptable to most users. As far as changing recieving behavior, no. But I expect that tools like I Hate Spam and Barricuda which many of my clients use will soon support SPF. The best way to use SPF is to just give messages without an SPF record a high starting score on your spam scoring. The main reason I have setup SPF for my clients is that AOL and Yahoo will probably start dropping all email without a valid SPF record soon.

A little OT... (1)

Veridium (752431) | more than 9 years ago | (#10274192)

This is a little OT... I'd actually like to hear a proponent of SPF deal with the complaints made about it here. [tesco.net]

I myself have no opinion. I haven't admined a mail server in over 2 years and I am woefully not up on this subject.

Re:A little OT... (4, Informative)

afidel (530433) | more than 9 years ago | (#10274230)

His first major premise is pure BS.

Ironically: SPF is also a good counter to one objection to IM2000 Internet mail, namely that it involves changing the structure of the mail system. If people sending mail and mail hosting companies are clearly willing to accept the massive structural changes that SPF will entail, they will be willing to accept the smaller structural changes that IM2000 Internet mail will entail.

For the VAST majority of sites there is NO structural change to the way they do email. For small companies (those most likely to have problems implmenting a new system) SPF is as simple as entering "v=spf1 mx -all" in a TXT record for their domain, that's IT! Even for a mid sized companie with multiple divisions with a couple mail servers and a couple domains implementing SPF was a 10 minute endevor, hell getting proper reverse DNS setup usually takes me several times that long due to the necessity of beating it into yet another ISP's head that yes the customer should get a valid reverse DNS entry and reverse DNS is MUCH less usefull for fighting spam and viruses.

FYI - Sender ID Framework from MS (-1, Redundant)

Chuck Bucket (142633) | more than 9 years ago | (#10274111)

Sender ID Framework [microsoft.com] - it looks like it's all for naught, unless they want to go a less open, proprietary way...do you think they might? ;0)

CB^%&%*^078------>>

Gates: "Oh they will, they WILL! Muaallllla hahah" (0)

Anonymous Coward | more than 9 years ago | (#10274123)

Especially when I bundle it with Longhorn/IE and no one can recieve a email from a AOL person without it.

Mualllllaaa!!!!! I win!!!!

Gates

From the article... (2, Informative)

Ayanami Rei (621112) | more than 9 years ago | (#10274169)


Graham added that while AOL will not check Sender ID for inbound messages, it will still publish records for outbound e-mail.

Good. Why is this surprising? (4, Insightful)

Ayanami Rei (621112) | more than 9 years ago | (#10274158)

Publishing SPF records does exactly what AOL needs. Specifically it reduces the number of joe-jobs directed at its clients. As more mail servers are set up to check these records, the better it gets for them.

What does implementing Microsoft's Caller-ID have to offer in addition to AOL's subscribers?

Responsible ISP (2, Interesting)

kn64 (471853) | more than 9 years ago | (#10274161)

I think ISP's should take more responsability for their users.

Obviously the spammers, and DoSers have an ISP, and if their ISP were punished by upstream providers for allowing their network to emit this kind of crap, by blocking them until the problems are solved, maybe they'd use some initiative to solve these problems.

I do understand that most DoSers are not the fault of the user, but surely the ISP could notify the user, and force them to do something about it.

Re:Responsible ISP (3, Informative)

Exter-C (310390) | more than 9 years ago | (#10274210)

Over time there has been a serious increase in the amount of liability an ISP can take for thier user base. This works both ways unfortunatly being an ISP is alreaddy a full time job for most companies with thier support staff over worked and thier system administrators working overtime to fullfill often unreasonable expectations of themselves.

So adding additional work to ISPs will / could often be the straw that broke the camels back. But at the same time I believe the best way to get ISPs working FOR everyone else. Is if they are being the source of an abnormally high percentage of spam then thier IPS or something need to be threatened. In a world where the most part of IPv4 space is taken this would be more than catastrophic. and having IP space isnt a right its a priviliedge.

But having said that its very very difficult for ISPs to fully lock down thier services. We implemented a system where outbound port 25 was blocked to all clients. And our internal SMTP servers where rate limited on a per IP basis for clients. this killed spam for the most part. Then customers would find open proxies etc so the problem then went up again. Its hard to really combat and its a full time job in itself fighting spam from users of your own ISP. Thats even with disconnecting customers etc for spamming. (they often just sign up with a different false name and pay cash or similar).

Its good in theory difficult and costly in practise.

Re:Responsible ISP (1)

einhverfr (238914) | more than 9 years ago | (#10274397)

This already happens to some extent already. Real time blacklists have driven several badly run ISP's out of business in my area.

One issue though is that if you push too hard, it will become *impossible* to make it so that an ISP can accept the risk involved in allowing businesses to run servers on their networks.

There has to be a balance.

I run my own email servers which are *extremely* secure. Viruses and spam do *not* eminate from my network. But I am lucky enough to find an ISP which is friendly towards my uses. If ISP's were the ones held liable if my systems were compromised, I don't think that would be possible.

Don't use email in the office anymore (3, Interesting)

deathcloset (626704) | more than 9 years ago | (#10274166)

All these differing approaches to the same problem. It seems to me like trying to shove oatmeal into a sprung leak.

Maybe it's time to simplify.

dump email all together in the corporate environment and opt instead for a more secure solution based on PKI or kerberos or any other host of security structure.

If some contact absolutely needs to receive something via email, no problem. "We will gladly send you an email, but you just can't send us one. Unless, of course, you wish to send it to an employee's private email adress; we don't accept email internally anymore."

"Sorry mr. corporate contact, you must log in to our site www.dmail.company.com and submit messages that way. We have had too many problems with spam and viruses.

there is a nice, lightweight client you can install if you don't wish to log in every time."

It seems to me it wouldn't be that difficult to use a non-email solution for your corporate mailing needs (like the aforementined dmail which i've been hearing so much about), and if another company's IT department can't handle that light technical strain, then it would seem that IT department needs a wake up call.

where are the flaws in this reasoning?

Re:Don't use email in the office anymore (4, Interesting)

Sycraft-fu (314770) | more than 9 years ago | (#10274311)

The response will be "Ok thanks, we'll find another vendor".

Seriously, for the most part in the corperate world, you need to take all reasonable steps to accomadate those you do bussiness with. If you make it a nightmare, people will up and dump you.

This even applies to the big guys. Friend of mine works for Rainbird sprinklers. They are by far the biggest name in irrigaton equipment and basically anywhere that does home improvement sells Rainbird.... Except for Walmart.

The reason isn't because Walmart dumped Rainbird but because Rainbird dumped Walmart. Walmart made it very difficiult for Rainbird to do bussiness with them, demanding sacraficies Rainbird didn't want to make so Rainbird finally just refused to sell to them.

Well if you are a small company, this is even more true. If Altera told Cisco they'd no longer accept e-mail for anything, I imagine all Cisco routers would start including Xylinx FCPGAs instead.

Re:Don't use email in the office anymore (2, Insightful)

tftp (111690) | more than 9 years ago | (#10274436)

where are the flaws in this reasoning?

You can't talk like this to your business partners (who pay you). When you fight for contracts and sales you can't just tell the customer "contact me only my way, or go away", because the customer will go away.

I may hate AOL... (2, Insightful)

Conspiracy_Of_Doves (236787) | more than 9 years ago | (#10274181)

I may hate AOL, but I have to admit that if they aren't going to support it, then Sender-ID is dead.

Spam... (1)

IvanD (719006) | more than 9 years ago | (#10274183)

Maybe AOL wants to avoid that USPS follows the MS steps and cut the AOL spam with those "free internet" CDs. Being a widely known spamers, why would they support something against them? God! I'm tired of throwing AOL CDs, what a waste of... trash bags.

Re:Spam... (1)

stickystyle (799509) | more than 9 years ago | (#10274426)

No silly, they send them to you so you can put them in the microwave not the trash.
duh!
:-)

Interop, Just Easier? (3, Insightful)

aaron240 (618080) | more than 9 years ago | (#10274184)

When will Microsoft just say, "Oh look, honest interoperability is easier than wrestling for control all the time"? Could that happen? It just makes sooo much sense.

AOL reads between the lines.... (-1, Flamebait)

Mulletproof (513805) | more than 9 years ago | (#10274197)

"America Online said Thursday that it will not support the Microsoft-backed antispam technology called Sender-ID. The online giant cited (huge) 'lackluster' industry support (profits) and compatibility issues with the anti-spam (by spamming) technology SPF that AOL supports (their own customers)."

Why would AOHELL need MS anti spam (0, Offtopic)

wifitek (675392) | more than 9 years ago | (#10274208)

They block all email anyway. Every mesage I'V sent to some poor sap with AOL Mail it gets bounced afer about a week.

The Problem? (-1, Troll)

Lies of Society (811253) | more than 9 years ago | (#10274224)

Every day you guys bitch and moan about how horrible and awful spam is, then Microsoft comes along with the perfect solution, and you all put it down like it's a bad infection or something.

Can Microsoft ever win here? Are they always evil no matter what they do?

Sender-ID would work. So what if they patented it? MS has tons of patens and they've never used any of them to the detriment of the community at large, so why the fear they'll start doing so now? Do you honestly believe thay'd start charging royalties on every email sent or something crazy like that? Get real.

It's unfortunate that because of a bunch immature people with an ideology, a great piece of technology like this will get passed up and the spam will continue to flow unabated.

Let me be the first to say ... (-1)

Anonymous Coward | more than 9 years ago | (#10274299)

HA! HA! HA!!!

seriously ... must ... stop ... laughing ... too ... funny ...

Re:The Problem? (5, Informative)

DMNT (754837) | more than 9 years ago | (#10274308)

Every day you guys bitch and moan about how horrible and awful spam is, then Microsoft comes along with the perfect solution, and you all put it down like it's a bad infection or something.

It's not that it is from MicroSoft, not that it's patented, but that it's patented with a special license and it has unclear specification. The current license does not allow the transfer of the rights to a third party - therefore making it unimplementable on GNU Public Licensed programs. GPL requires that any modifications must be passed on for free (if ever want to pass it on), and MS license doesn't allow copying the source code and the license. Therefore, you can't implement Sender-ID for anyone else but for yourself.

Also that wiggle room around the specification is an alarming thing. MS - with many other companies - have shown that any gaps in the specification can and will be used by companies in competition. Given a chance, suppliers will make their product incompatible with other suppliers' products if they have the market share - thus increasing their market share further.

If we give them the power to choose what programs can deliver mail in the Internet, who are we going to blame but ourselves if they want to (ab)use that power? Instead, if they break an existing standard we can point our finger at them and say that their product does not meet the standard and therefore it's their fault that interoperability fails.

Re:The Problem? (4, Informative)

devilspgd (652955) | more than 9 years ago | (#10274312)

Part of the issue is that Sender-ID doesn't offer a whole lot that we don't already have with SPF.

However, the license is incompatible with the licenses used on virtually every mail server out there, and the implementation is significantly more complex.

Re:The Problem? (2, Interesting)

caseih (160668) | more than 9 years ago | (#10274329)

The problem is that MS's terms for licensing their patents to specification implementors specifically forbids any use by GPL or similarly free licenses. See the GPL is MS's biggest enemy and they are trying to kill it on every front. For example, it is against the licensing conditions of Visual Studio 7 to produce GPL'd software with it. How did they manage this? By introducing a new standard C runtime library, MSVCR71.dll, which can only be distributed under MS' terms. Oh. And it won't be distributed with the OS anymore, so anyone using VC7 is forced to comply with the licensing terms of the runtime itself.

So the problem with patents is that MS *is* starting to mobilize them as offensive weapons against open source in general, and the GPL specifically.

Re:The Problem? (5, Insightful)

tftp (111690) | more than 9 years ago | (#10274462)

Do you honestly believe thay'd start charging royalties on every email sent or something crazy like that? Get real.

I'm afraid it's someone else who must get real. MS, as any other company, is required to extract as much profit as possible from any and all assets it owns, or else shareholders will file a lawsuit. This happens.

Besides, why MS would not do that? They can do it in a smart way - provide Windows users with a free license, and everyone else has to pay $1000 per license. Where will Linux or BSD be there? Who will be using these OSes for mail transfer? Hardly anyone, that's who.

You must look beyond your nose to see the danger, and it must be said "no" while it is still possible.

Whatever Spam Solutions (4, Insightful)

Exter-C (310390) | more than 9 years ago | (#10274236)

In the end no single solution will work unless the vast majority of servers implement and maintain the solution. There is no use if only AOL or MSN implement a solution for spam. they "may" be 40million users or so but i know personally I dont email anyone @aol.com or @hotmail.com because im a geek and I have geek friends with thier own servers. There needs to be a mass adoption of a good standard to make any difference to the spam problem.

I mean seriously... (5, Insightful)

maxdamage (615250) | more than 9 years ago | (#10274341)

Iv never understood the general anti-aol viewpoint of the slashdot community. Think about it, aol allows computer dumb people to use computers. When computer dumb people use the computers two things happen. They break the computers (which gives you a way to get some extra cash) and they eventualy get better at computers, which makes new slashdoters. Im not ashamed to admit that I at one point I used aol, thankfully those times are over...

Re:I mean seriously... (3, Insightful)

maxdamage (615250) | more than 9 years ago | (#10274365)

Should have finished my sudorant in the first post... Where is all the antiaolism coming from? I mean AOL is an ISP, nothing more. The big difference is it actualy gives its subscribers more bang for its buck. It allows all those computer dumb people a way to easly get what they want done in a computer dumb way. Is it the same thing as the whole mac bashing phenominon? They do their best to give computer dumb people a way to use computers, comon. Im hoping its not that. Is it the whole aol chat room stigma of bad grammer and very poor spelling because much of the discussion on slashdot is no better (well, at least some of it :D) ... well... im done for now...

Re:I mean seriously... (1)

nlawalker (804108) | more than 9 years ago | (#10274458)

I think the "antiaolism" (I like that word by the way) is because AOL so heavily supports the excessive dumbing-down of computing. A lot of people here see it as a steady pace moving in exactly the wrong direction. By "dumbing down" computing, AOL is not truly making it easier to use. They are removing functionality and tying all the functionality they do have to an enormous resource hog of a client and network.

True, some people like it this way, and would prefer to have their computers be "AOL boxes." But to the rest of us, it doesn't seem fair. It deprives inexperienced users of so many things.

Re:I mean seriously... (0)

Anonymous Coward | more than 9 years ago | (#10274398)

The dumb people also get online and start polluting our usenet fourms and online discussion forums [slashdot.org] with mindless BS, all-caps idiocy, and general stupidity. The internet has gotten worse, not better, as a result.

Re:I mean seriously... (-1)

Anonymous Coward | more than 9 years ago | (#10274451)

that was a troll? off topic maybe, but troll? Someone needs to learn how to use their mod points...

The final nail in Microsoft's Patented Sender-ID (4, Insightful)

erroneus (253617) | more than 9 years ago | (#10274347)

Well for better or for worse, if AOL rejects it, that's pretty-much it in my opinion. AOL is probably the most well-known email service on the planet. I wouldn't know who is the biggest or best, but AOL has GOT to be the most famous. Microsoft would have done well to court AOL first... oh well. :)

PRA - Purposefully Regressive Algorithm (0, Flamebait)

nileshch (194481) | more than 9 years ago | (#10274351)

So which future standard do you want to quash [nilesh.org] today?

Better Solution (1, Flamebait)

Dante Shamest (813622) | more than 9 years ago | (#10274366)

Update SMTP for the new millenium.

Re:Better Solution (4, Interesting)

LoadWB (592248) | more than 9 years ago | (#10274455)

I have seen this comment pop up many times, but no one has yet to submit an operable recommendation on how SMTP could be updated to remain a user-to-server and server-to-server protocol without tossing the entire system and saying "nuts" to any semblence of remaining compatible. Therefore, this arguments seems completely flat.

The only partially useful modification is some form of authentication which would certify the origin of the SMTP connection. Just as I can telnet to a POP3 server and make it think I am a real POP3 client, an end user can make an SMTP server believe it is another server.

SPF offers a sleek way of authorizing what machines may deliver mail on behalf of a domain. I could trivialize it by comparing it to a domain owner-controlled authentication system for emails without requiring a central authentication repository or authority.

What is wrong with this implementation? Can you suggest a modification to SMTP that will acheive similar or better results? If not, then drop your argument, that stick, and step back from the dead horse.

Links (0)

Anonymous Coward | more than 9 years ago | (#10274379)

Thanks AOL (2, Interesting)

King_of_Crunk (763543) | more than 9 years ago | (#10274400)

All I can say is thank God myself as a small webhost is being backed by such an Internet access giant as AOL is.

I suddenly dont feel so bad for installing AIM to talk to strange women :)

I feel that what microsoft is looking to punish the witness for what the criminal has done with, although I may be wrong, the intention of profiting off the witness while making the victim feel they, being MS, are trying to helping them out.

How about something BETTER!!! (2, Informative)

ZuperDee (161571) | more than 9 years ago | (#10274428)

Why not use AMTP [bw.org] instead of all these kludgy SMTP extensions/workarounds?

Neither Sender ID nor SPF stop forgery (5, Interesting)

miley (782806) | more than 9 years ago | (#10274432)

Sender ID and SPF can positively prove that a message came from a domain, but can't prove it didn't come from a domain -- they don't stop forgery. The technologies ignored the fundamental architecture of email (store and forward instead of point to point), and in the process left a glaring hole for spammmers to use. How do you forge an email in the Sender ID/SPF world? You pretend that you forwarded it legitimately. In Sender ID with PRA, the spammer simply adds a Resent-From header. In SPF, the spammer makes the Envelope-From something different than the body From:. Both SPF and Sender ID leave these cases for the spam filters to figure out. If the spam filters can't figure it out today, there is no reason to believe they will figure it out tomorrow. We need a crypto solution to solve this correctly. How is domainkeys doing?

Check out Yahoo's inaccurate paraphrasing... (4, Interesting)

necro2607 (771790) | more than 9 years ago | (#10274441)

"America Online Inc. on Thursday shunned a Microsoft Corp. proposal to help weed out unwanted "spam" e-mail because Internet engineers are reluctant to adopt technology owned by the dominant software company."

What? Since when did AOL reject it just because it's owned by Microsoft?

Link to the article [yahoo.com] ...

For once AOL does something the media should be praising it for, yet they're practically insulting AOL publically...

"...would not adopt Microsoft's SenderID protocol because it has failed to win over experts leery of Microsoft's business practices."

I wonder if I'm the only one getting painfully tired of the way the news media paraphrases and misrepresents peoples'/groups' positions...

Oh yeah? (0)

rampant mac (561036) | more than 9 years ago | (#10274442)

"America Online said Thursday that it will not support the Microsoft-backed antispam technology called Sender-ID."

[aol mail voice] "OMGWTF L4m3r! W4||h4ck f4gz!" [aol mail voice]

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...