The Sender ID Framework is an e-mail authentication technology protocol that helps address the problem of spoofing and phishing by verifying the domain name from which e-mail messages are sent.
E-mail has become an important part of everyday life, enhancing communications, productivity, and e-commerce. Unfortunately, spammers and online criminals exploit e-mail, creating threats to security and personal identity. Left unchecked, these dangers undermine customer trust and online confidence, and they make it increasingly difficult to ensure the deliverability of legitimate e-mail.
How Sender ID Works?
Sender ID validates the origin of e-mail messages by verifying the IP address of the sender against the alleged owner of the sending domain.
To use SIDF, e-mail senders and domain owners must publish or declare all of the Internet Protocol (IP) addresses used by their outbound e-mail servers, or the IPs authorized to send e-mail on their behalf, in the Domain Name System (DNS). These IPs are included in a Sender Policy Framework (SPF) text file.
- A sender or user sends an e-mail message from an e-mail client or Web interface. No interaction or changes to the sender's client or Mail Transfer Agent (MTA) are required.
- The recipient's inbound e-mail server receives the e-mail message. The server uses SIDF and calls the Purported Responsible Domain's (PRA) DNS for the SPF record.
- The receiving MTA determines whether the outbound e-mail server's IP address matches the IP addresses that are authorized to send e-mail for the domain.
- For most domains and IPs, sender reputation data is applied to the SIDF verdict check.
- Based on the SPF record syntax, the pass or fail verdict, the reputation data, and the content filtering score, the receiving MTA delivers the e-mail message to the inbox, a junk or bulk folder, or a quarantine folder. If an e-mail message fails, the receiving network may block, delete, or junk the e-mail.
