Microsoft: Your Spam is Our Competitive Advantage

Ever since Bill Gates said the spam problem would be solved by the start of 2006 (a prediction I pooh-poohed in this very column at the time), Microsoft has been making moves in the anti-spam space. One of the ideas near and dear to their heart is that you can cut down on the amount of spam if you can somehow prevent mail with forged return addresses from getting through, since a lot of spam these days comes from hijacked machines. After a suitable amount of time, the Redmond folks churned out a spec that they called Caller ID.

Of course, they're not the only ones with this idea. By the time that Caller ID was on the scene, an open source alternative named Sender Policy Framework was already on the scene. You can implement SPF today, and pretty soon major e-mail providers like AOL will be using it to whitelist incoming mail. As far as I've been able to find out, the SPF specification is free and anyone can implement it without worrying about licensing issues.

Microsoft's response has been to work with the folks behind SPF, as well as some of the Internet protocol wonks, to come up with a merged combination of Caller ID and SPF that's called Sender ID. And herein lies the problem. Microsoft has offered up a license for Sender ID that they claim is royalty-free, reasonable, and non-discriminatory. It may be all of those things, but it's also incompatible with some major free software licenses - including the General Public License (GPL).

At issue is a section of the Microsoft license that doesn't allow sublicensing. Everyone who wants to use the patent-pending technologies that Microsoft proposes to license royalty-free in to Sender ID must execute their own separate license with Microsoft. The GPL, on the other hand, says that any code you distribute can be used by the people you distribute it to.

So, here's where things end up: Microsoft can implement both SPF and Sender ID in their products such as Exchange and Outlook. Open source alternatives can implement SPF, but not Sender ID (unless they engage in jumping-through-hoops, such as producing a separate Sender ID add-on that's not distributed alongside GPL software). Thus, the Microsoft products should be able to do a better job of blocking spam than the open-source alternatives. One can't help thinking that this is the deliberate purpose of the license, rather than a side-effect of the licensing decisions taken for other reasons.

Is there an alternative? Sure. Microsoft could take out their patent and then put the technology into the public domain, so anyone could implement it in any product. That would help cut down on spam, but it would also eliminate the competitive advantage. Or we could just abolish the whole silly system of software patents. But I'm not holding my breath waiting for either one of those things to happen.



Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.

Upcoming Events