Click Here to Install Silverlight*
United StatesChange|All Microsoft Sites
Microsoft
Safety 

Sender ID Framework Overview

Verification System Aims to Reduce Spam and Increase Safety Online

Published: September 30, 2004 | Updated: September 17, 2007

E-mail has become an important part of everyday life, enhancing communications, productivity, and e-commerce. Unfortunately, spammers and online criminals exploit e-mail, creating threats to security and personal identity. Left unchecked, these dangers undermine customer trust and online confidence, and they make it increasingly difficult to ensure the deliverability of legitimate e-mail.

To address this critical security issue, Microsoft is participating in an industry consortium that has developed the Sender ID Framework (SIDF). SIDF has been approved by the Internet Engineering Task Force to help increase the detection of deceptive e-mail and to improve the deliverability of legitimate e-mail. SIDF is an e-mail authentication protocol designed to be implemented at no cost for all senders, independent of their e-mail architecture. Today, SIDF is the leading solution embraced by more than 12 million domain holders, sending nearly 50 percent of all legitimate e-mail worldwide.

When receiving networks include the SIDF results with their existing antispam solutions, SIDF can improve e-mail deliverability while also reducing false positives. Although it will not stop spam completely, SIDF can help improve online trust and confidence when it is used with reputation data and antispam and phishing heuristics.

How Sender ID Works

Sender ID seeks to verify that every e-mail message originates from the Internet domain from which it claims to have been sent. This is accomplished by checking the address of the server that sent the mail against a registered list of servers that the domain owner has authorized to send e-mail. This verification is automatically performed by the Internet service provider (ISP) or the recipient's mail server before the e-mail message is delivered. The result of the Sender ID check can be incorporated into the filtering tasks that are already performed by the mail server. After the sender has been authenticated, the mail server may apply conventional content filters and consider past behaviors, traffic patterns, and sender reputation when determining whether to deliver mail to the recipient.

To use SIDF, e-mail senders and domain owners must publish or declare all of the Internet Protocol (IP) addresses used by their outbound e-mail servers, or the IPs authorized to send e-mail on their behalf, in the Domain Name System (DNS). These IPs are included in a Sender Policy Framework (SPF) text file.

The following diagram and steps outline the SIDF process:

1.

A sender or user sends an e-mail message from an e-mail client or Web interface. No interaction or changes to the sender's client or Mail Transfer Agent (MTA) are required.

2.

The recipient's inbound e-mail server receives the e-mail message. The server uses SIDF and calls the Purported Responsible Domain's (PRA) DNS for the SPF record.

3.

The receiving MTA determines whether the outbound e-mail server's IP address matches the IP addresses that are authorized to send e-mail for the domain.

4.

For most domains and IPs, sender reputation data is applied to the SIDF verdict check.

5.

Based on the SPF record syntax, the pass or fail verdict, the reputation data, and the content filtering score, the receiving MTA delivers the e-mail message to the inbox, a junk or bulk folder, or a quarantine folder. If an e-mail message fails, the receiving network may block, delete, or junk the e-mail.

A Significant Step Forward

There is no single solution that will stop all spam and online fraud. However, Sender ID is a significant step, and more than 12 million domains worldwide are using it as a means to counter spam and online phishing attacks. Other complementary technologies are also being developed and will coexist with Sender ID. These include signing solutions and additional antispam filters, such as Microsoft SmartScreen, which works with MSN, Windows Live Hotmail, Microsoft Office Outlook, and Microsoft Exchange Server.

For More Information

The Sender ID Technology and Sender ID Resources Web pages provide detailed technical information for network administrators and IT professionals.

Go to the Sender ID Technology: Information for IT Professionals page

Go to the Sender ID Resources page



© 2014 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies