FSF & OSI Speak out Against Sender-ID License

NW writes "As a followup to yesterday story, Eben Moglen of FSF and Larry Rosen of OSI have publically spoken out against Microsoft's Sender-ID license calling it incompatible with the GPL and Open Source. A related eWeek story also covers this and includes the following quote from Eric Allman, the author of Sendmail: "It's pretty clear that it's going to take an act of whatever deity Microsoft worships in order to get them to back down on the sublicensing issue. They made it absolutely clear to us that they were not even going to consider changing this, and the legal folks made it further clear that they would rather see Sender ID die than back down.""

Fine by me.

the legal folks made it further clear that they would rather see Sender ID die than back down.

So be it.

Re:Fine by me.

Second that... Either they release an RFC implimentable by OSS, or it doesn't get used.

Didn't MS learn this lesson back in '95 with Blackbird?

Re:Fine by me.

There should be a "No, Seriously" mod to counteract "Funny".

It isn't a joke.

Die.

Re:Fine by me.

That's what I was thinking. I wasn't intending to be funny. I was very serious. Oh well.

Re:Fine by me.

Sender-ID can incorporate SPF. It isn't a one or the other battle.

I've read through the ietf archives, and the big issues are that the license seems OK on the surface, but the details of exactly what is patented is very unclear AND The requirement that implementors and distributers get a license, even if it's free, is a huge burden. Imagine if this kind of thing happened with all the standards? A company like redhat would need to get thousands of licenses from thousands of companies. Debian would be impossible. Open source would die.

The end result is that SenderID will be mostly useless because it will not get critical mass adoption. ISP's rely heavily on opensource software. If opensource mail software does not support SenderID, only a small fraction of the world will adopt it.

Familiar dialogue?

the legal folks made it further clear that they would rather see Sender ID die than back down.

Sith lawyer: "As you can see, my sublicensing powers are far beyond yours; now back down."
Eben-Wan Kenobi: "I don't think so."

OK, so the "back down" is directed the other direction, but it sounds so right, doesn't it?

Uh...

Someone actually want to link to a reference where this statement was made?

Open Letter to Bill Gates and Minions

Dear Bill,

Regarding mandatory Sender-ID licensing.

Get bent!!!

Yours Sincerly,
jo42 (on behalf of the rest of the world)

Act of...

"going to take an act of whatever deity Microsoft worships in order to get them to back down"

That would be an act of Dollar, the almighty god of commerce. Worshiped by by corporations and monopolists around the world.

Get used to it...

It's quite clear that this is the best strategy that Microsoft has against Free Software. MS _may_ not get to point where they directly sue over patents and copyrights but be assured that they will work very hard to create useful and popular things that are legally incompatible with Free Software.

Re:Fight back

"No Microsoft" is still "Not Free".

This is one of those moments where you have to reflect on what TRULY free TRULY means.

For example, Free Speech means you can say something that I absolutely, 100% disagree with, or even despise you as a person for, yet you are acting within the law (whether I is joe citizen or the US government).

Or, as has been mis-attributed to Voltaire a few times, "I disapprove of what you say, but I will defend to the death your right to say it".

If you truly believe your software, or ALL software should be free, that means ANYONE, including Microsoft, MUST be allowed to use it (within the terms of the particular "Free-compatible" license, of course).

I wouldn't expect to see MS modifying and sharing any GPL code anytime soon, but they have used BSD code in the past, and I have no doubt they do use binaries of GPL'd projects (but would naturally avoid tainting themselves by looking, let along modifying, sources).

You can't pick and choose and still call it 'Free'.

I recognize your knee-jerk tag - so just consider this the second part of a knee-jerk chain reaction :)

Xentax

Who cares...

As long as Microsoft is incorporating SPF [pobox.com] into their solution, then it doesn't really matter if few providers use SenderID (as long SPF is widely adopted).

SPF provides the means to eliminate the most egregious spammers by eliminating all emails with forged headers and providing a means to ensure that the sender is complying with the rules set by their ISP. It is simple to implement because it uses already existing features of SMTP and DNS to operate, and it does not need to be adopted "all at once" by every ISP, as it does not interupt mail being sent to/from non-participating ISPs until the provider using it makes that decision themselves. It is also possible for a user (of a participating ISP) to incorporate SPF response into their filters in such a way that it would not eliminate any legitimate mails, and it would still be effective at helping the user to identify spam.

It will help ISPs verify that their users are violating policy by sending spam. It will help make blacklists more accurate by identifying ISPs that permit or encourage spammers to use their services.

Read the FAQ [pobox.com].

As long there is progress toward wide adoption of SPF, there is little reason to argue over Microsoft's SenderID licensing scheme. If their protocol cannot be used with qmail, sendmail, and other high reliability/security servers, it will not be adopted. As long as Microsoft has followed its stated intention to adopt SPF as part of SenderID, then SPF will work for everyone, including those using SenderID.

Hotmail

Sender ID has already gained market support. Both ISPs, such as AOL, and mail software and support companies, such as Cloudmark Inc. and Tumbleweed Communications Corp., have announced support for it. Microsoft has also announced that it will start using Sender ID for inbound e-mail to its hotmail.com, msn.com and microsoft.com domains in October.

Practically speaking, what does this mean? That we won't be able to send emails to hotmail.com, msn.com and microsoft.com unless we use Sender ID enabled mail servers? What exactly does Sender ID do that will cause a problem of incompatibility for the open source community? I understand that Sendmail and others won't be able to implement it as is, but what does not being able to implement it mean?

That really sucks

Its incredible. I feel just an other time f... by M$. We small/tiny vendors leave modules Freeware like we do in our Aloaha because we believe in the Idea of SPF and so on and the big ones just focus on how to gain control. It would be interesting how it would legally look if we would silently support SPF2/SenderID. Anyway - I always prefered SPF1 and I hope that people are now even more motivated to push it... Thanks Frank

Just the beginning

I suspect the future will be fraught with Microsoft "innovations" in use of patent/copyright/trademark law.

How can I implement Sender ID in a freeware module

Since SPF in our Aloaha is Freeware of course we are not implementing PRA - even though we support SPF2 records.....