Two prominent open-source software groups have rejected a proposed technology standard backed by Microsoft that would close a loophole used to send unsolicited commercial (spam) email, citing unresolved patent and licensing issues with the standard known as Sender ID.
Both the Apache Software Foundation and the Debian Project said they would not be able to support the Sender ID email authentication standard in their products.
Both organisations said the Sender ID license did not meet the standards they held for software distributed with their products, making it incompatible.
Other open-source groups, including the Free Software Foundation, have also voiced reservations about the Sender ID patents, according to those familiar with the dispute.
Microsoft was unable to comment for this story.
Sender ID is a technology standard that closes loopholes in the current system for sending and receiving email that allow senders, including spammers, to fake, or spoof, a message's origin.
Organisations publish a list of their approved email servers in the DNS (domain name system). That record, referred to as the sender policy framework (SPF) record, is then used to verify the sender of email messages sent to other Internet domains using Sender ID.
Internet domains have published SPF records since the standard was introduced by Pobox.com. In May, Microsoft and Pobox.com reached an agreement to merge SPF with a Microsoft-developed standard called Caller ID to form the new Sender ID standard.
At the heart of the dispute between Microsoft and the open-source community is language in the Royalty-Free Sender ID Patent License Agreement, which Microsoft requires those using Sender ID technology to sign, according to Internet Research Task Force's Anti-Spam Research Group member, John Levine.
Open-source software advocates were uncomfortable with a prohibition against transferring or sublicensing Sender ID licenses to others in the open-source community, and with a requirement that all licensee's contacted Microsoft directly to receive a copy of the license, he said.
Open-source software groups are also suspicious of Microsoft's refusal to say what pending patents the company has around the Sender ID technology.
Without information on what technology it is claiming patents on, open-source groups are wary about implementing Sender ID for fear that Microsoft's patents, when finally disclosed and then granted, will be broad, according to the Apache Software Foundation.
The concerns over patent language in Sender ID are not new. Legal and technology experts raised similar questions about a licensing agreement for the Microsoft Caller ID authentication standard.
But patent disagreements aside, the Sender ID technology had not proven to be as popular or as effective at stopping spam as some had hoped, Levine said.
"People are saying why jump through hoops and sell our soul to Microsoft for technology that's not that great, even when it is deployed," he said.