Sending Email and Microsoft's Sender ID

In June 2005, Microsoft began to implement its check for Sender ID records of its Hotmail and MSN email accounts using their version of a specification known as Sender Policy Framework (SPF). Sender ID is only slightly different than SPF, in face Sender ID is specified in the Sender ID string as "v=spf2." Sender ID records are simple identification records attached to the Domain Name Server(s). This identification allows the recipient mail server to determine that email being received is coming from a domain authorized to send that email.

Legitimate email marketers will definitely want to take the time to establish a Sender ID, or risk non-delivery of a substantial portion of their legitimate email messages. Those messages could either be automatically blocked or sent to the recipient’s junk email folder if they fail the check. It will only be a matter of time before other large online email accounts and Internet Service Providers (ISPs) also begin to check Sender ID to authenticate email. MSN and Hotmail already check for Sender ID records, although it does not yet block unauthorized senders.

It is extremely important to test your email messages in a variety of email clients, including Hotmail. If no Sender ID record is associated with the domain name server, the message displays a warning, indicating that the sender could not be verified. Depending on the recipient's filter settings, the message may never even be seen. Each incident will add to the deniability rate, as the ISP learns more about a particular machine’s email practices. It is important to configure your Sender ID as soon as possible.

Here's how to configure your Sender ID

Simply go to the Sender ID Framework wizard at http://www.anti-spamtools.org/SenderIDEmailPolicyTool/Default.aspx and follow the four easy steps (These steps may need to be taken by your network administrator, who should readily understand all the technical instructions that will be requested). Additional configuration may be necessary for companies with multiple name servers, or those who are sending email on behalf of companies with a different domain. Once the initial record is made, there are options for implementing more advanced features of Sender ID.

Once implemented, it is a good idea to check the Sender ID record (this check can also occur ahead of time, in case the network administrator already has Sender ID in place). Go to http://www.dnsreport.com and enter the domain name to check. The results of the Sender ID test appear toward the bottom of the report at the end of the "Mail" section. If there is no record, a yellow warning is displayed, with some information on why you need Sender ID.

Another new term associated with Sender ID and Sender ID is Purported Responsible Address, or PRA. The PRA is a modification to Sender ID on the recipient mail server that should address concerns about blocking forwarded messages. Microsoft will shortly be implementing PRA in their mail servers, namely Hotmail and MSN. As a sender, the only step you need to take for PRA configuration is to ensure that the Sender ID is associated with the proper domain; the recipient mail server determines whether it will simply look for the Sender ID or implement PRA.

For more information about Sender ID, you can visit the Sender ID home page at http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx.