What is Sender-ID?

Sender-ID or Sender-ID Framework (SDIF) is an experimental protocol designed to allow any SMTP Server to validate the fact that the domain used in the incoming mails is legally used and approved by the real owner of such domain. By using records similar to the ones used by SPF, an SMTP Server may obtain detailed information about the authorized servers that are allowed to that domain name.

Unlike SPF, Sender-ID may accept a mail that shows differences between DNS records and the domains used in the MAIL command and the FROM header, however a mail client (like Outlook) can use this information to put special markings on the mail or some content like images or URLs.

The official definition of SDIF as shown in Microsoft’s official page is:

Sender ID seeks to verify that every e-mail message originates from the Internet domain from which it claims to have been sent. This is accomplished by checking the address of the server that sent the mail against a registered list of servers that the domain owner has authorized to send e-mail. This verification is automatically performed by the Internet service provider (ISP) or the recipient’s mail server before the e-mail message is delivered. The result of the Sender ID check can be incorporated into the filtering tasks that are already performed by the mail server. After the sender has been authenticated, the mail server may apply conventional content filters and consider past behaviors, traffic patterns, and sender reputation when determining whether to deliver mail to the recipient.

Because this is a Microsoft protocol, the hotmail.com (live.com) platform uses this technology. This helps a lot in the tunning the protocol needs to be more effective. Sender-ID is also included in Microsoft Exchange Server.

 

For more information about the rules to create, transmit and process an email you can check out our publication on The SMTP Protocol Fundamentals.

Remember to send us your questions and comments to our Twitter account:@redinskala where you can find more information and security tips.

Thanks for your visit!