Sender Policy Framework

"Whither Sender ID?" (Computer Business Review, 2004-09-18)

"AOL withdraws support for Sender ID" (PC Pro, 2004-09-16)

"AOL Dumps Microsoft's Sender ID" (Overclockers Club, 2004-09-16)

"TECF appoints three key advisors" (IT News Australia, 2004-09-16)

"IETF deals Microsoft's e-mail proposal a setback" (InfoWorld, 2004-09-14)

"IETF Shoots Down Microsoft Email Proposal" (WinInformant.com, 2004-09-14)

"IETF Reportedly Rejects Sender ID" (InternetWeek.com, 2004-09-14)

"The Rumors of Sender ID's Demise Are Exaggerated" (Circle ID, 2004-09-13)

"MS anti-spam proposal returned to sender" (The Register, 2004-09-13)

"Developing an Email Marketing Strategy in Hospitality" (Hospitality Net, 2004-09-13)

The IETF MARID working group issues a statement of consensus relating to SPF. (2004-09-11)

"Spammers Hijack Sender ID" (Information Week, 2004-09-10)

"Spammers ahead of the pack again" (Sydney Morning Herald, 2004-09-09)

"Those spammers are at it again!" (Techtree.com, 2004-09-09)

"Spammers embrace email authentication" (IT-Analysis, 2004-09-06)

"Debian refuses to add Microsoft anti-spam technology" (Techworld.com, 2004-09-06)

"Sophos Advises on Simple Steps to Avoid Being Phished" (Computerworld Australia, 2004-09-06)

"Sender ID loses supporters" (ZDNet UK, 2004-09-03)

"SENDER ID: A Tale of Open Standards and Corporate Greed? - Part II" (Circle ID, 2004-09-02)

"Apache Rejects Sender ID Proposal" (Netcraft, 2004-09-02)

"Survey Finds Spammers Embracing Sender Authentication" (TechNewsWorld, 2004-09-02)

"Microsoft challenges firms to adopt SPF in 30 days" (Computer Business Review, 2004-09-01)

"Sendmail Trials Sender ID" (ZDNet UK, 2004-09-01)

"Sender ID licence may hinder adoption" (The Age, 2004-08-31)

"Spam born in the USA – and much is porn" (Silicon.com, 2004-08-18)

"Microsoft proposes ID solution for spam" (ZDNet UK, 2004-08-13)

"Microsoft Garners Support For Authentication Scheme" (Information Week, 2004-08-12)

ClickZ tells email marketers "If you haven't already done so, publish an SPF record". (2004-08-02)

CircleID publishes part 1 of their two-part interview with Meng. (2004-07-01)

FrontBridge announces SPF support for their anti-spam products (2004-06-29)

SPF getting known in the industry (2004-06-22)

We're mentioned by name in the FTC report. We're also mentioned in the ASTA Technology and Policy Proposal, but you kind of have to read between the lines.

PointnClick, Inc. gives ESPs a rundown of SPF and how to publish (2004-06-22)

SPF and Caller ID at the Inbox Event (2004-06-03)

At the Inbox Event, an SPF/Caller ID Deployment Strategy BoF brought together a critical mass of ISPs, MTA vendors, and ESPs; it kicks off a round of industry coordination on testing, implementing, and rolling out the merged SPF/Caller ID thingy, which we have yet to actually name. This is enormous progress on a scale nobody had imagined possible a year ago.

v=spf1 record format accepted by Microsoft (2004-05-25)

Microsoft has dropped its objections to the SPF semantics and syntax model. Getting their buy-in is a major step forward. People who have been waiting to see how things will shake out can now go ahead and publish SPF records. While the SPF community conceded that the upgrade path for SPF should be XML, the existing TXT format will be supported for the foreseeable future. For more details, see this slideshow.

We're in the April Linux Journal! (2004-03-13)

Check out our exciting three-page centerfold where we bare it all! Actually, the article just discusses how to publish SPF records. The March issue talks about how to check SPF in your MTA.

Mail::SPF::Query parsing Caller ID records! (2004-02-26)

The latest version of Mail::SPF::Query will parse Caller-ID records! SPF-enabled MTAs can now read Hotmail's and microsoft.com's records and translate them into SPF format. As a reminder: SPF is designed to protect the envelope sender so you don't get bounces that say "You sent us a virus". Caller ID is designed to protect the headers so eBay and PayPal can limit the damage of phishing spams that say "Your credit card has expired, please re-enter it here". If you are annoyed by viruses that cause you to get bounces, you should publish SPF. If you are a big institution or a bank and are concerned about phishing, you should publish Caller ID records as well, but first you should check with Microsoft because you may need a technology license; they control the patent on Caller ID.

Microsoft announces Caller ID for E-mail (2004-02-24)

Microsoft has announced Caller ID for E-mail, a close relative of SPF. Some people have reported that Microsoft Word is unable to open the documents at that web site; we provide PDF versions for your convenience. In other news we are up to 7500 domains registered.

SPF and the IETF standards process (2004-02-12)

An eWeek article discusses SPF's interaction with the IETF standards process. While it would be really nice to see the SPF draft approved as an Experimental or Draft Standard within the next few weeks, the conservatism inherent in the IETF process may require that we follow procedure, hold a BoF, charter a Working Group, and meet a few times over the next year or two. Conservatism has served the IETF well in the past, and you certainly don't want to rush something as important as this. But the problems are urgent, and people are beginning to abandon email entirely. We need to act as quickly as prudence allows.

SPF is an Internet Draft! (2004-02-11)

The spec has been published as an Internet Draft with the version number 00. This marks the first step on the road toward RFC standard status. Oh, and we changed the name from "Sender Permitted From" to "Sender Policy Framework".

6000+ domains have published (2004-02-04)

The registry crosses the 6000 mark. Major publishing domains include: AOL.com Altavista.com DynDNS.org E!Online.com (the ! is silent) GNU.org LiveJournal.com MotleyFool.com OReilly.com Oxford.ac.uk PairNIC.com Perl.org PhilZimmermann.com SAP.com Symantec.com Ticketmaster.com w3.org and of course foo.com.

5500+ domains have published (2004-02-02)

The registry crosses the 5500 mark.

Eine deutsche Version dieser Webseite gibt es hier. (2004-01-28)

SPF at the MIT Spam Conference (2004-01-16)

Eric Raymond mentions SPF in his talk at the MIT Spam Conference. A handout is distributed to the audience. The registry crosses the 4000 mark.

AOL has published SPF records! (2004-01-09)

Slashdot noticed that AOL experimentally turned on SPF for 24 hours. During that time, thousands of spams were blocked. They have turned it off over the weekend to assess the results of the experiment, and will turn it on again next week.

Mail::SPF::Query 1.9.5, 3rd-party implementations (2003-12-16)

Mail::SPF::Query 1.9.5 has a few updates, and matches the draft version 02.9.4 which is the latest RFC draft. You are encouraged to publish records. Independent client implementations in C and Python have begun. MTA plugins for Sendmail, Postfix, and Exim are available for download. The Slashdot thread contains a number of questions and criticisms based on an incomplete understanding of SPF. All those questions and criticisms are already answered or addressed on this website. To the trolls, I say: please engage eyeballs before operating fingers.

Design freeze announced (2003-12-10)

Slashdot. Load on Slashdotted servers: 0.02 ... (2003-10-05)

ASRG unification effort (2003-10-02)

A unification project has begun under the aegis of the ASRG: the authors of SPF, RMX, DMP, and other designated sender schemes are working together to produce a single proposal that gathers the strengths of the different approaches. Early adopters, please join the mailing list; the spec is very likely to grow additional features by the time we're done.