Sender Policy Framework

Alternate formats: PDF | plain text

SPF for e-mail is an independent standard

The Sender Policy Framework (SPF) Project makes a clear statement on the independence of its SPF e-mail sender authentication protocol.

Raleigh, North Carolina, USA, March 23, 2005 — The SPF Project wishes to make clear the independence and standing of SPF, its proposed standard for sender authentication of electronic mail.

During the functional period of the Internet Engineering Task Force's MARID working group, several mutations of the SPF protocol specification were published. These specifically include draft-lyon-senderid-core and draft-lentczner-spf, which constitute the Sender-ID protocol proposed by Microsoft Corporation. None of those drafts should be considered officially sanctioned by the SPF project.

After the collapse of MARID and the subsequent formation of the SPF Council, the SPF project's steering committee, a new line of specification drafts, draft-schlitt-spf-classic, has now been created and submitted to the IETF for standardization. This line of drafts exclusively defines the SPF protocol by authority of the SPF project.

In its current Sender-ID specification and through its public relations practice, Microsoft has declared SPF, both technically and conceptually, to be a dependent and integral part of Sender-ID. The SPF project firmly rejects this attempt at co-opting SPF. Although SPF and Sender-ID are conceptually related and can be used in parallel, they are independent protocols and should not be confused.

By now, at least 750,000 domains have published sender policies complying with the SPF protocol, which has a tradition reaching back to mid-2003. However, though no cooperation on the authoring of the SPF protocol is desired, the project remains open to collaborative efforts on the development of future e-mail authentication standards.

About the SPF Project

The SPF Project was founded in 2003 by Meng Weng Wong to act against the increasing levels of e-mail sender address forgery by spammers, imposters, and computer viruses. He and the many dedicated internet technologists who have joined him have developed the sender authentication technology now called Sender Policy Framework.

SPF aims to fix various ambiguities in the standards underlying the e-mail system that have essentially remained unchanged since their inception in 1982. The Sender Policy Framework allows domain owners to define who may and may not send mail reputed to be from their domains.

For additional details about Sender Policy Framework see:
http://www.openspf.org

About the SPF Council

Established in December 2004, the SPF Council's mission is to steer the overall SPF standardization effort, promote the deployment of SPF on the global Internet, and to develop and improve the project's public messaging and communications.

For additional details and news about the SPF Council see:
http://www.openspf.org/Council

Press Contact