As predicted, Microsoft’s efforts to license the new SenderID anti-SPAM technology is causing all sorts of problems with the Open Source community. Microsoft want their alleged intellectual property to be made part of the new industry standard on mail authentication. The problem is that their “license” is not compatible with the GPL and other Open Source licenses. What that means is that some of the biggest MTA ‘s (mail server applications) in use on the Internet may not be able to use the new technology. I suspect Microsoft hopes that will encourage people to buy their own mail server software, or perhaps they consider it a potential lever to use against OSS (Open Source Software) sometime in the future.
Sendmail, Postfix, Courier and other Open Source MTA’s have licenses that basically make anyone using the software a “sub licensee”, something that may well be incompatible with Microsoft’s IP license. As it stands right now, Sendmail have created a testing milter plug-in for SenderID, but did so without any license with Microsoft.
If the license issues cannot be resolved, the whole process should be dropped and they should start again. No company, (particularly a convicted predatory monopolist like Microsoft) should be allowed to use an industry standard as a tool to increase the market share of their own products by licensing their contributions in a manner that is incompatible with their competition. If Netscape had done that to Microsoft back when SSL became a standard, then Internet Explorer would likely not have been able to use SSL encryption. (or more likely, SSL would have been dumped in favour of another more open standard.)
Negotiation has been ongoing between parties for both sides, and some progress has been made, Microsoft released this revised license, but it still falls short of addressing all the OSS communities concerns.
The Apache Foundation, the group responsible for the wildly popular Apache web server software, have pulled their support for the standard, citing the license issue as the reason:
“We believe that the current license is generally incompatible with open source, contrary to the practice of open Internet standards, and specifically incompatible with Apache License 2.0.”
In short, this is turning into a PR nightmare for Microsoft, and even if they win and SenderID becomes the standard with their standard license, it’s unlikely that it will result in any extra market share for Microsoft’s e-mail server software. The likely result is that the Open Source community will just create their own open standard, and than we’ll have two incompatible implementations which helps nobody except possible the spammers. In fact its likely that the OSS solution would become the mainstream solution as Microsoft is far from having a monopoly of the mail server market. A concurring opinion with regards to this issue, written by Eweek’s Larry Seltzer can be found here. The BBC has an excellent article on the whole problem as well and it’s available here.
Update: Debian, the biggest of the non commercial Linux distributions, have rejected Sender ID as well. For the same reasons as Apache, the MS patent breaks the “free” rule of Debian. In this case it means “free” of encumbrances. Here is a quote from Martin Schulz:
The current Microsoft Royalty-Free Sender ID Patent License Agreement
terms are a barrier to any Debian package which wants to implement
Sender ID or include Sender ID support. We believe the current
license and resulting encumbrances are incompatible with the DFSG,
unlike other Internet standards that Debian is able to support.
Therefore, we cannot implement or deploy Sender ID under the current
license terms. Indeed, we would be forced to remove SenderID support
from software we ship that does support Sender ID upstream according
to the terms of our social contract.For the most part, our legal concerns mirror those of the Apache
Software Foundation, the Free Software Foundation, as well as the
Postfix, Exim, and Courier maintainers.
You can read the whole e-mail to the Debian news list here.
INSERT: Things are looking bleak with regards to SenderID becoming a standard because of the license issue. Because Microsoft are not the 800 pound gorilla in these circles, they are unable to muscle the standard though and it looks like being dead as an issue in its current form. See Groklaw for an excellent article.
Regards
Franki.
