The Complete Guide to Email Authentication, Part 4

This is part 4 of an 8 part series on Email Authentication, to go to part one click here.

Sender ID Framework (Sender ID)

Very similar to SPF version 1 is SPF 2.0, more commonly known as Sender ID. Sender ID works on the same principles as SPF, with the exception that it not only has the capability to authenticate the domain used for the “envelope” email address, but also can authenticate the domain used in the “from” or “sender” header email address. This is the address that is typically visible in most mail programs.

Creating and Publishing Sender ID Records

The original methodology of the Sender ID standard (as defined in the RFC document) is to create and publish a Sender ID record very similar to creating an SPF record. The only difference is in the tag that is used at the beginning of the text record. Whereas SPF only uses the “v=spf1” tag, Sender ID uses “spf2.0/pra”, “spf2.0/mfrom”, or “spf2.0/mfrom,pra”, depending on what identities are being validated. With the exception of this first tag, the remainder of the Sender ID record uses the same methodology as SPF version 1.

It is interesting to note that while there has been no official change in documentation, it appears that Microsoft has adapted to and recommends using the “v=spf1” tag, as opposed to using “spf2.0”.

email authentication guide

Authenticating Sender ID Records

Authentication using Sender ID is virtually the same as with SPF authentication. The only difference is that, as described above, Sender ID verifies the domain used in the “from” or “sender” header email address – not the “envelope” email address.

>>Continue on to The Complete Guide to Email Authentication, Part 5