Sender ID Resources
Tools and Information to Aid in Deploying E-Mail Authentication
Published: September 30, 2004 | Updated: September 7, 2007
The following resources have been created to assist both senders and receivers in deploying Sender ID. Senders, domain holders, and brand holders can learn about steps they can take to protect their brand and customers from deceptive e-mail and phishing exploits. Receiving networks, including ISPs, carriers, and corporate networks, can expedite e-mail that has been authenticated by using Sender ID into their overall messaging hygiene architecture. These resources have been created based on more than three years of real-world deployments of Sender ID and hundreds of corporate deployments, and they have been adopted by more than 12 million domain holders.
Submit feedback and suggestions
Many of these recommendations can also be used for complementary authentication protocols, including Domain Keys Identified Mail (DKIM).
Sender ID provides the following benefits:
Improved deliverability of legitimate e-mail
Increased protection of your brand and domain from phishing attacks
Reduced false positives (up to 85 percent) for senders with good reputations
Increased protection from spam and phishing, with a detection rate of more than 95 percent for phishing exploits
Improved online trust and confidence
Improvements in overall spam detection of 10 percent or more
Easy implementation and management at no cost you
On This Page
Implementation Resources and Guides
Sender ID Business Value White Paper
(Portable Document Format file, 767 KB)
This Sender ID Case study outlines the business and technical value of Sender ID, including user and brand protection, enhanced deliverability of legitimate e-mail, and increased spam detection. It is based on real-world data from Windows Live Hotmail, GoDaddy.com (the world's largest domain registrar), and eBay/PayPal.
Implementation Tips for the Sender ID Framework
This overview of the Sender ID Framework includes instructions on using text files with the revised Sender Policy Framework (SPF) format, Purported Responsible Address (PRA) and "Mail From" checks, and the submitter Optimizations. It also provides a step-by-step guide on how to create your own SPF record. Get valuable tips and answers to frequently asked questions on implementing the Sender ID Framework.
The Sender ID Framework: Protecting Your Brand, Users, and Infrastructure
(Portable Document Format file, 1416 KB)
This presentation provides an overview of the Sender ID Framework and the business value of e-mail authentication.
Microsoft Exchange Server Intelligent Message Filter v2 Operations Guide
This guide provides overall operational information to help optimize the performance of Exchange Server Intelligent Message Filter, including Sender ID filtering options and IP address configuration for Sender ID filtering.
Sender ID Tools
Sender ID Framework SPF Record Wizard
This multistep wizard guides you through the process of creating a new SPF record for your Domain Name System (DNS) domain. After you create your record, you will need to add the text file to your domain's DNS zone file configuration. Depending on the complexity of your e-mail infrastructure, you may need to manually edit the SPF record created. Microsoft and the Internet Engineering Task Force (IETF) recommend that PTR (pointers) not be included within SPF records owing to the increased chance of error rates and additional DNS traffic.
Submissions to Windows Live Hotmail
You are encouraged to notify Microsoft after you publish your SPF record to your DNS zone file. Doing so will help ensure that your record is automatically included in the SIDF cache and will reduce the risk of DNS latency.
Submit a request to have your domain added to the SIDF cache
Third-Party Verification Tools and Resources
For e-mail authentication, tools, resources, and best practices from leading industry vendors, visit the Authentication and Online Trust Alliance Web site. This site includes resources to help ensure that your domains are optimized for Sender ID Framework and other complementary technologies.
Visit the Authentication and Online Trust Alliance resources site
The Internet Engineering Task Force Request for Comments
The IETF approved Sender ID in April 2006 as an experimental standard and issued a Request for Comments (RFC). The Sender ID Framework includes four separate specifications:
Sender ID: Authenticating E-Mail
This core document describes how the Sender ID Framework works. The specification provides an overview of the usage of SPF records, as well as information on how to check the validity of either the "Mail From" or the PRA of an e-mail message and how to interpret the results of the check.
Sender Policy Framework: Authorizing Use of Domains in "Mail From"
This IETF page describes the content and format of the SPF record, the information that senders need to publish in DNS regarding their outbound e-mail servers. It also describes how receivers use this information to validate the "Mail From" domain of an e-mail message.
Purported Responsible Address in E-Mail Messages
This page describes how to extract the PRA—the identity of the party most recently responsible for submitting the message—from an e-mail message.
SMTP Service Extension for Indicating the Responsible Submitter of an E-Mail Message
This memo defines an extension to the SMTP service that helps receiving e-mail servers determine whether the SMTP client is authorized to transmit e-mail on behalf of the responsible submitter's domain.
Sender ID Framework Licensing Information
No license is required from Microsoft for any implementation of the Sender ID Framework, including implementations of the Purported Responsible Address (PRA). Working closely with the Open Source Community, Microsoft provides the choice of the Open Specification Promise (OSP) or the RANDZ standards license. The OSP is an alternative approach being offered in which Microsoft irrevocably promises not to assert any necessary patent claims against anyone for making, using, selling, or distributing any implementation of Sender ID PRA check technologies to the extent it implements the specification. Recipients of the OSP do not need to sign or fax a license back to Microsoft, and because the OSP applies directly to everyone, there is no need for the ability to sublicense. This step by Microsoft makes its patented technology available to the entire e-mail and Internet ecosystem, including the open source community. Larry Rosen, a leading open source attorney, has stated, "Microsoft's introduction of the OSP is a good step to further enable collaboration between software vendors and the open source community. This OSP enables the open source community to implement these standard specifications without having to pay any royalties to Microsoft or sign a license agreement."
Learn more about the Open Specification Promise
Learn more about RANDZ
Overview of Sender ID
Sender ID Overview
This industry brochure describes the benefits of implementing Sender ID and is available in a number of languages. To view an online version, click Low for your chosen language in the table. To print a high-resolution copy, click High (print-ready) and download the file.
Learn more about third-party Sender ID Framework industry support and solutions