FW: Exchange security initiatives

  • From: "Oluwaseyi Owoeye" <OOwoeye@xxxxxxxxxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Mon, 17 May 2004 11:08:49 +0100


Hi Folks,


As part of the "Exchange Edge Services" and "Coordinated Spam Reduction
Initiative (CSRI)", Microsoft is moving aggressively to implement the
"Caller ID for e-mail".  Caller ID for e-mail specification is part of
the broader CSRI initiative ( which is a Microsoft Policy & Technology
proposal), and is intended to prevent domain spoofing in an effort to
combat spam.  Both "Exchange Edge Services" and "Coordinated Spam
Reduction Initiative (CSRI)" were announced by Bill Gates in Feb., 2004
at the RSA conference.


These technology proposals are widely expected to become Industry
Standards in the very near future.  So if you are not in the know, it's
about team to get familiar with these upcoming technologies, as we will
definitely see customer mail flow issues, and CritSits surrounding these
technologies.   As mentioned in the excerpt below, Microsoft is
aggressively working with its industry partners on the pilot, so it's
very close from being a reality.




"Microsoft is moving ahead with plans for a pilot implementation of
Caller ID for E-Mail in its Hotmail(r) service. Hotmail will begin
publishing outbound IP addresses today and will begin checking inbound
addresses early this summer. In addition, the company continues to work
with others in the industry to test this proposal, including Amazon.com
Inc., Brightmail Inc. and Sendmail Inc."


If you want to know more about Edge Services, CSRI, & Caller ID for
e-mail please see the following links:

( Draft proposals for both Caller ID for E-mail and CSRI are available
at the links below)


Coordinated Spam Reduction Initiative:

Caller ID for E-Mail Technical Specification:

E-Mail Protection With Exchange Edge Services:


The following three PDF docs are also available at the Caller ID for
e-mail link above:


"Caller ID for E-Mail: The Next Step to Deterring Spam"
Initial specification to address domain spoofing.

"Protecting Domain Names from Spoofing: A Guide for E-Mail Senders"
Instructions and templates for protecting a domain name from spoofing
using the Caller ID specification.

"Caller ID for E-Mail Implementation License"
The terms of the patent license for implementing this specification.






Other related posts:

  • » FW: Exchange security initiatives