Microsoft Moves Ahead with Anti-Spam Tool. You Should, Too.

Network News Break: Microsoft's putting its anti-spam money where its mouth is and putting SPF to work. You should, too. Also: IPv6 is here! Awful neologisms for domain names are staying! ICANN settles on a budget to some dismay, Samba patches a security hole, and Apple has new toys to try out over the weekend.

By Michael Hall | Posted Jul 23, 2004
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

Main     Elsewhere     The Week in CrossNodes    

We're pleased to note that not long after announcing its work on the specification, Microsoft is moving ahead with actually implementing Sender Policy Framework (SPF) at several of its domains, including hotmail.com and msn.com. We've been over SPF before, and applauded Microsoft for getting behind a means to battle identity-spoofing spammers. SPF won't cure all the world's spam woes, but it will do a lot to push spammers into narrower and narrower boxes where they can be more easily isolated and protected against.

Microsoft isn't the only company or organization behind SPF: AOL, Earthlink, Google, and Ticketmaster have already put it to use.

There's also libspf2, a portable implementation of SPF for a variety of MTA's including postfix, exim, and sendmail that not only provides support for SPF, but key functionality designed to conserve bandwidth, spare servers the burden of excessive DNS lookups in the face of a widespread spamming from a spoof host, and more.

It's a rare moment when something like consensus seems to come around these days, and we're just as quick as anyone to look askance at Microsoft's enthusiasm. In this case, though, there's an overwhelming body of support for this approach to battling spam and fraudulent e-mail, and it's definitely time to be figuring out how you're going to implement it on your own servers.

Elsewhere:

» As reported here, ICANN has moved ahead with adding IPv6 support to the root DSN system. There's some confusion among early reports about the difference between a "Web address" like "www.joegrudd.com" and an IP address, so we'll point out that IPv6 hasn't added any words to any languages, it's just adding numbers to the potential addresses a host on the 'net can have. Bizarre neologisms for startups still have a bright future despite the best efforts of our engineers.

» Speaking of ICANN, it has a budget for next year, now, but that doesn't mean people like it:

"This year, ICANN went with a new budgeting model for registrar dues that significantly increases their burden and has drawn plenty of criticism from smaller registrars. This year, under the proposed budget mechanism, registrars will pay a flat fee of $4,000 each annually for the right to be an accredited registrar within ICANN. Every transaction they conduct (buy, sell or edit domain name information) will cost 25 cents, up from 12-18 cents last year. On top of that, each pays an equal portion of the $3.8 million ICANN officials say are costs incurred by registrars regardless of size."

ICANN is putting a positive spin on the dissatisfaction in the ranks, noting that it's got more people on board than it did this time last year.

» Oracle and Novell have both unveiled new identity management products. Novell's is especially interesting because it leverages the Liberty specification, originally launched as a "stop Microsoft" move against Passport's dominance:

"While current Liberty-enabled federated identity projects focus on sharing identity information and require that users have accounts on each federated system, Odyssey goes a step further by managing and provisioning user accounts across each partner system," the Provo, Utah, company said in a statement.

"When a user accesses a partner site where he does not have an account, he will have the option to automatically provision a new account based on information in the corporate directory that the administrator has deemed relevant to that partner."

Odyssey will provide proxy functionality so that when it is set up in front of another server, it will provide Liberty or SAML (define) support for almost any application or service. As soon as the two servers exchange agreed upon metadata, identity information can be federated between systems. Odyssey is expected to ship in early 2005.

» If you're using Samba to hold your Unix and Windows machines together, you'll want to note the latest release, which patches some buffer overflows, which could lead to compromised servers.

» New iPods are out! What's it have to do with networking? Not a lot, but it's the weekend.

The Week in CrossNodes

» A Spoonful Of CIDR Helps the Routing Tables Go Down

In 1990, things looked grim for the Internet as routers sagged under the weight of an exploding address space. Learn how CIDR saved the day, and how it can help you deal with your own growing network.

» ICANN Adds IPv6 to Root DNS

The move promises to solve the possible shortage of IP addresses.

»Proprietary Wi-Fi Speeds Get Scrutiny

The Wi-Fi Alliance says that products with high-speed extensions that aren't part of the 802.11 specifications could mean no more Wi-Fi Certification sticker if the options cause interference.

Network News Break is CrossNodes' daily summary of networking news and opinion, served up fresh daily. Please send your comments and suggestions to the editor.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter