Jonathan M. Gardner wrote:
The only good thing is that to comply with SenderID, you have to publish SPF
records. At least Meng won that point. Now we will have Microsoft actively
campaigning for more people to publish SPF records.
I think this is one of the most important points in this thread.
So a question is whether the DNS records for SenderID can be used to detect
anti-forgery without using the Microsoft patent?
If most vendors will adopt only DNS records that support SenderID, e.g.
johnp(_at_)idimo(_dot_)com wrote:
v=spf2.0/pra ptr mx:govorim.idimo.com mx -all
then can we safely use that DNS record to implement SPF classic checks with
good confidence of not building liability to Microsoft, or to implement checks
on Sender: and From: (assuming we are confident in liberating prior art for
doing the latter case unencumbered)?
If not, what can we do now about it?
Sure Microsoft will not require a license for declaring an "v=spf2.0/pra"
record. But will they state clearly that they will not require a license for
reading and using it to do anti-forgery checks?
I envision/fear a future where to do SenderID for free, you use a Microsoft
product or API. I envision/fear a future where you do SPF on a SenderID DNS
record at your own risk. Remember the GIF LZW patent and it's stifling effect
on freeware GIF editors.