Microsoft Corp. on Tuesday claimed rapid adoption of its Sender ID framework for email authentication to fight spam, but at least one analyst firm said the software maker is waging an uphill battle in the industry.
On the eve of the second annual Email Authentication Summit in Chicago, Microsoft got the market machine humming for Sender ID, claiming its adoption has increased in March to 21 percent of Fortune 500 companies, compared with 7 percent the same month a year ago.
Sender ID uses Microsoft's proprietary Purported Responsible Address method for checking the headers with a message body to verify the legitimacy of the domain name from which an email is sent. Sender ID also supports the Sender Policy Framework Classic method, which looks only at envelope headers outside the message body; but the authentication system generally implies the PRA method.
The connection to Microsoft's proprietary technology has left email and Internet service providers reluctant to adopt Sender ID. As a result, Sender ID has had a "more limited pickup" in the industry then rival email-authentication technologies, such as DomainKeys Identified Mail, which is favored by Yahoo Inc. (Nasdaq:YHOO - news), the largest email provider; and network supplier Cisco Systems Inc., analyst Arabella Hallawell of Gartner Inc. said
"We think that DKIM has the most potential," Hallawell said, adding, however, that DKIM is the most difficult to implement and is a ways from getting approval by the Internet Engineering Task Force.
As expected, one place Sender ID has seen an increase in use is on Microsoft's Hotmail, the Web mail service provided by the company's MSN portal. Since January, MSN has seen an increase in Sender ID-compliant email to nearly 32 percent from 20 percent, Microsoft says.
That's no surprise to Hallawell, since companies and marketers sending bulk email through MSN would find it easier to get Sender ID-compliant messages through Microsoft's spam filters.
"MSN hasn't make it mandatory for you to send email using Sender ID, but one would say it might weigh in your favor," Hallawell said.
Indeed, Microsoft says Sender ID email sent over MSN show an 80 percent reduction in getting snared by filters, compared with other non-spam email.
Despite that success rate, Yahoo remains uninterested in Sender ID.
"Yahoo is continuing to focus on DomainKeys and DKIM," a spokeswoman said. "We feel confident that there is widespread industry agreement that a cryptographic solution is the best long-term solution for the mail-authentication issue."
DomainKeys is an email authentication method that computes a digital signature, which is added to the message header. The receiving mail server obtains the sender's public key from the domain name system to validate the signature. Yahoo has used DomainKeys since 2004.
Microsoft declined to speculate on whether Sender ID would someday play a leading role in the email-authentication market or end up a supporting actor.
"I don't have a crystal ball," Craig Spiezle, director of the Technology Care and Safety Group at Microsoft, said.
One authentication method would certainly be easier for companies and marketers, but it's too early to say how the market will evolve, Hallawell said.
"That's obviously the bigger picture," she said. "One standard would be better, but that obviously hasn't been the case. Each provider is trying to mark off their own territory."
In addition to pushing Sender ID, Microsoft took advantage of the upcoming summit to unveil a new batch of MSN Postmaster Services, which provides tools and best practices that help email senders work within the portal's email filtering technologies.
The tools include a reporting program that lets organizations see the email messages from their networks that were sent to a junk mail folder. In addition, MSN provides reports on how email filters are processing messages, and guidelines for improving deliverability through Hotmail and Windows Live Mail.
Comments