Roger Howorth
Roger Howorth

Why vendors long for closure

Vendor aversion to open standards is understandable, but still harmful to users

Written by Roger Howorth

The fundamental difference between commercial and open-source software developments is that commercial coders have an incentive to offer proprietary systems and limit or avoid the use of entirely open standards.

They may therefore reject perfectly good things simply because they were invented by someone else. In other walks of life we call such behaviour madness.

There could already be a perfectly good way of doing things, such as the Simple Mail Transport Protocol (SMTP) for email, or the Domain Name System (DNS) for translating between numeric IP addresses and more manageable fully qualified domain names. But software vendors gain commercial advantage from doing things differently, and so when Microsoft made the Exchange mail server, it downplayed SMTP in favour of proprietary alternatives.

One consequence is that today, Microsoft Outlook has bugs, acknowledged by Microsoft and yet to be fixed, that prevent it from sending SMTP email using authentication and SSL encryption.

This is very serious because the authentication and encryption go hand in hand. Few people would send their username or password across the internet unless the data was encrypted.

Microsoft argues that the bug only affects systems that use a non-standard IP port for SMTP, but this is only a half-truth. The other half is that there is no standard IP port for encrypted SMTP.

The Internet Engineering Task Force (IETF) is currently considering such a standard - a draft version is currently available. The draft expires later this month, and its working title - draft-hutzler-spamops-01.txt - hints at the document's significance. If everyone was forced to authenticate to a mail server before using it, neither end-users nor server administrators would be plagued by spam. Without a standard way of encrypted authentication, I don't see how everyone could be forced to authenticate.

Meanwhile, in the absence of a standard, firms are left to do the best they can. Microsoft punts Exchange. Anti-spam vendors do likewise. The rest of us pick up the pieces.

Some firms run SMTP with authentication and encryption on the usual SMTP port of 25, but this gets tricky if you use a proxy server to filter spam from the front-end of your mail system. Ironically, the main reason for firms to secure their mail servers is not likely to be spam, but to comply with various rules on corporate governance and privacy.

Those that recognise the importance of authenticating users before allowing access to resources will no doubt rush to implement whatever standard the IETF eventually produces. Others might not be able to resist the desire to invent their own incompatible solution.

Tags:

reader comments

related articles

Fighting spam

Sender ID gains support

Some open source providers are backing the Sender ID scheme for fighting spam 05 Sep 2004

 

Canning spam

Tools, strategies and legal efforts for eradicating unsolicited email - plus advice on how to ensure legitimate email marketing remains both legal and welcome 27 Feb 2004

related whitepapers

today's top stories

Best practice: Five steps to achieving your e-commerce goals

Brian Walker of Forrester Research gives his top tips for ensuring e-commerce success 06 Jul 2009

Google meets the NHS? Politicians show their IT naivety again

The Tories like technology. They increasingly seem to think IT is going to help them win the General Election due next year.... 06 Jul 2009

How to maximise the value of your IT networking investment

A panel of experts discuss networking strategies that deliver real value to business 03 Jul 2009

Reaching the email zero count

I have noticed something quite bizarre today. Both my inboxes (work and personal) are empty – somehow I have managed to work... 06 Jul 2009

Habitat gets a web site makeover

The furniture retailer is revamping its online presence to provide a fully transactional web site. CIO Jacques Dekock explains why 02 Jul 2009

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

More available - click 'submit' to view

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

Job alerts

Sign up here

Find your next job

IT Salary Checker

Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Would you use social networking sites to look for a job?

Would you use social networking sites to look for a job?

Tell us what you think about job hunting through LinkedIn, Facebook, Twitter etc

View poll results

Latest audio and video articles

network cablesVideo

How to maximise the value of your IT networking investment

A panel of experts discuss networking strategies that deliver real value to business 03 Jul 2009

green footprintsVideo

How to manage enterprise energy use - and the role IT can play

A panel of experts explore how firms can get to grips with their carbon footprint and make smarter use of energy 01 Jul 2009

Latest in-depth articles

Phil PavittAnalysis

From tracks man to tax man

Phil Pavitt, outgoing chief information officer for Transport for London, talks to Rosalie Marshall about the lessons he will take to his new role at HMRC 02 Jul 2009

UPS worker making a deliveryAnalysis

Global standardisation delivers benefits at UPS

Delivery giant sees benefits of central IT solution 02 Jul 2009

Advertisement

Primary Navigation