Why Open-Source Community Objects to MS Spam Plans
Sender ID, Microsofts own proposal, has met with widespread resistance in the MARID (MTA Authorization Records in DNS) standards group of the IETF. MARID has been working on defining a standard to use SMTP authentication to block spam.
At times, it appeared as if some compromise might make Sender ID palatable to the open-source community. Indeed, Sendmail Inc., a major open-source mail server company, started a trial program that used Sender ID.
But since then, major ISPs such as America Online Inc. and open-source development groups such as The Apache Software Foundation have rejected Sender ID.
Now that Microsoft has revealed that it owns a patent that potentially covers what had widely been thought of as a patent-free approach, SPF (Sender Policy Framework), the whole approach of stopping spam by sender authentication is being called into question.
Its not that open-source developers object to IP (intellectual property) per se. Its how Microsoft handles its IP licenses that concerns open-source programmers.
Lawrence Rosen, a partner in the law firm Rosenlaw & Einschlag and author of "Open-Source Licensing: Software Freedom and Intellectual Property Law," tried to explain the core problems.
"The last published draft of the Microsoft license (1) does not allow sublicensing and (2) requires separate execution by those who freely decide to distribute open-source software embodying the standard.
"This is not compatible with many open-source licenses, and it is incompatible with the widespread processes of open-source development and distribution," he said. "There are other subtle wording changes that are needed in the draft Microsoft license, but those two are the main problems."
Its not that the open-source attorneys havent tried to work out these differences, according to Rosen.
"Eben Moglen [a law professor at Columbia University and general counsel to the Free Software Foundation] and I have made those arguments to Microsofts attorney. But if Microsoft executives are unwilling to understand these fundamental incompatibilities, then I suppose we wont reach agreement on a compatible license," he said.
Some critics have noted that past IETF standards have included patents with restrictions on them that would make them unacceptable to the open-source community.
"The fact that there are also unacceptable licenses from IBM and Sun is no excuse to let this one from Microsoft get by," Rosen said.
"Point me to specific, other incompatible patent licenses for specific IETF standards, and well talk to those companies, too, if necessary. Perhaps these companies dont realize that non-sublicenseable patent licenses for industry standards are incompatible with their own open-source licenses."
Rosen also said he thinks Microsofts license "will chill open-source implementations of this IETF standard, and we have suggested that it should not be accepted by anyone who intends to distribute implementations under open-source licenses."
But Rosen noted that some open-source developers, notably Sendmail, are working with Sender ID since they seem to have concluded "that the patent will never issue because of prior art, or even if it issues, will never be enforced."
"If you dont think a license from Microsoft will be needed, then perhaps you shouldnt ask for one or sign it," Rosen said. "I have no opinion on that, except to say it might be risky if Microsoft later decides to come after you, your distributors or your customers as patent infringers."