PRA - Purposefully Regressive Algorithm
Microsoft had released the algorithm under a "non-transferable & non-sublicensable" license which locks out open source implementations of the algorithms since they now cannot sub-license their implementations under the GPL/Apache/BSD licenses. This affects about 60% of the mail relay servers on the Internet! And what do Microsoft have to say on this? "We don't care". If you check the link, the second para tells you all -
…it does not make sense to discuss alternatives to PRA if those alternatives may be reasonably inferred to be covered by the patent application (though not necessarily the license) since this working group does not wish to discount Microsoft's patent application…
Don't forget to read the whole thread. So finally, Microsoft will go ahead with PRA's incorporation and will not use the other alternative MAILFROM method for checking incoming mails. Another quote from the above link -
While Microsoft plans to incorporate both mailfrom and PRA checking information in the records it maintains, it has no plans to use mailfrom to check incoming e-mails, saying PRA is the superior technology.
Pretty roguish attitude!
So what is the SenderID Framework?
The SenderID Framework is a method to authenticate whether a mail server sending mail for say, yahoo.com is indeed yahoo.com server. This is verified by asking the DNS servers of yahoo.com on who are its mail servers and comparing the returned information with the connecting server. If the IP address is listed in the DNS information, the mail is accepted. Now there are two proposals on how this can be implemented. One is SPF and the other is well, PRA. SPF has been freely available for quite sometime, but not PRA.
So does the SenderID Framework kill all spam? The answer has always been NO. Authentication Is Not an Anti-Spam System. Some more links - one, two.
1 Comment (closed)
Posted by
casey
20 September 2004 @ 7 AM