Combined Microsoft, SPF E-Mail Standard Goes to Standards Body

  |  June 25, 2004   |  Comments

The move is seen as a critical step toward e-mail authentication and the end of spoofing, phishing and spam.

Microsoft and Sender Policy Framework (SPF) author Meng Weng Wong have converged their respective email authentication standards and submitted the resulting specification, now called Sender ID, to the Internet Engineering Task Force.

Sender ID, like its progenitors SPF and Caller ID for E-Mail, is aimed at adding the identity element to email. That's seen as a critical first step in eliminating spoofing, phishing and spam. The news comes on the heels of public support for authentication standards expressed by both the ISPs' Anti-Spam Technical Alliance and the Federal Trade Commission.

"Over half of the email targeting our Hotmail customers today come from spoofed domains, and we are committed to taking this trick away from spammers," said Ryan Hamlin, general manager of the Anti-Spam Technology and Strategy Group at Microsoft.

Sender ID works by looking at information both in the "envelope" of the email message and in the message itself. It compares that information with data published by domain owners in the Domain Name System (DNS), to confirm the email actually came from the domain that it appears to be from. For example, recipients could be sure an email from was actually from someone at the domain.

There's been some controversy over the format in which the Sender ID records should be published in the DNS. The merged specification calls for an XML format -- a format many critics say is unnecessarily complicated and difficult to deal with. However, the Sender ID authors have made the specification backwards compatible with the simpler SPF text format. More than 20,000 domains have already published records in that format, according to Wong.

AOL, as one of those that published the original SPF standard, is pleased with Sender ID. "We are glad the new standard is fully backwards compatible with the existing SPF, which is in use by tens of thousands of domains on the Internet already," said Carl Hutzler, director of Antispam Operations at AOL.

A number of email service providers have already adopted SPF and other authentication technologies. AOL has said it will require those on its whitelist to publish SPF records by the end of the summer.


Pamela Parker

Pamela Parker is a former managing editor of ClickZ News, Features, and Experts. She's been covering interactive advertising and marketing since the boom days of 1999, chronicling the dot-com crash and the subsequent rise of the medium. Before working at ClickZ, Parker was associate editor at @NY, a pioneering Web site and e-mail newsletter covering New York new media start-ups. Parker received a master's degree in journalism, with a concentration in new media, from Columbia University's Graduate School of Journalism.

COMMENTSCommenting policy

comments powered by Disqus

ClickZ Today is our #1 newsletter.
Get a daily dose of digital marketing.



Featured White Papers

2015 Holiday Email Guide

2015 Holiday Email Guide
The holidays are just around the corner. Download this whitepaper to find out how to create successful holiday email campaigns that drive engagement and revenue.

Three Ways to Make Your Big Data More Valuable

Three Ways to Make Your Big Data More Valuable
Big data holds a lot of promise for marketers, but are marketers ready to make the most of it to drive better business decisions and improve ROI? This study looks at the hidden challenges modern marketers face when trying to put big data to use.