News

Microsoft Outlines Anti-Spam Technical Roadmap

Microsoft this week unveiled its long-awaited technical roadmap for combating spam, which the company identifies as the top complaint of its e-mail customers.

Formally called the Coordinated Spam Reduction Initiative or CSRI, Microsoft's anti-spam proposal consists of three industry-wide steps:

  • Development of an e-mail equivalent of Caller ID to make spoofing a less attractive method for spammers.
  • Creation of independent e-mail trust authorities (IETAs) that would certify and monitor legitimate high-volume e-mail senders. The IETAs would help set reasonable behavior policies and verify the identities of compliant senders through digital certificates or safe lists. The IETAs would charge high-volume e-mailers large fees for their services.
  • Creation of a less expensive alternative for low volume e-mailers than the independent e-mail trust authorities. An example of an alternative would be payment in computer cycles, through required tasks that expend a few seconds worth of compute cycles per message sent. Spending that kind of time per message would put high-volume spammers out of business, according to Microsoft.

    Microsoft describes CSRI as a specification in the draft-for-comment stage and posted it online at www.microsoft.com/spam.

    Already the company has very high hopes for CSRI. In announcing the initiative at the RSA Security Conference this week, Microsoft co-founder Bill Gates said, "We believe that Caller ID for e-mail and the Coordinated Spam Reduction Initiative will help change the economic model for sending spam and put spammers out of business."

    Gates and other Microsoft officials gave the most attention to the Caller ID portion of the proposal. The idea, which Microsoft has been working on for about a year, would require three steps to work. First, all e-mail senders would publish the IP addresses of their outbound e-mail servers in the Domain Name System in a format described in the Caller ID for E-mail specification. Recipient e-mail systems would check each message to determine the purported responsible domain. Then the recipient systems would query the DNS to check the IP address of the message against registered outbound e-mail IP addresses for that domain.

    Microsoft began a pilot implementation of Caller ID for E-mail in its Hotmail service this week. The pilot starts with Hotmail publishing outbound IP addresses. Microsoft's free e-mail service will begin checking inbound addresses early this summer.

    A few major companies have signed on to test the Caller ID proposal -- Amazon, Brightmail and Sendmail.

    The technical roadmap comes about a month after Gates told an audience at the Davos summit that "in the next 12 to 18 months we can expect (spam) not to be a major problem as today."

  • About the Author

    Scott Bekker is editor in chief of Redmond Channel Partner magazine.

    Featured

    • Microsoft Offers Support Extensions for Exchange 2016 and 2019

      Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

    • An image of planes flying around a globe

      2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

      Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

    • Notebook

      Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

      Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

    • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

      As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.