What is a Sender ID?

Article Details
  • Written By: Mary McMahon
  • Edited By: Kristen Osborne
  • Last Modified Date: 09 November 2019
  • Copyright Protected:
    Conjecture Corporation
  • Print this Article
Free Widgets for your Site/Blog
In 2009, swimming’s governing body banned the full-body "supersuits" worn by many athletes at the 2008 Olympics.  more...

November 14 ,  1972 :  The Dow Jones closed higher than 1,000 for the first time in history.  more...

Sender ID is a method developed by researchers at Microsoft for verifying the sender of an email communication. This is one among a number of tactics developed by various working groups for addressing issues like spam, phishing, and ethically dubious uses of email systems. The framework is similar to sender policy framework (SPF), although it works slightly differently, focusing on different aspects of an email to verify the sender's identity.

Under sender ID, when email arrives on a server for someone, the server looks up the originating information in the headers and then checks with a domain name server (DNS) to see if the stated identification of the sender matches the server data. If an email purporting to come from resolves to a different server, the sender ID system knows that the email is trying to spoof the recipient, tricking the person into thinking it comes from one place when it's actually from another.

The system will flag emails with originations that do not match the claims made in their headers. These can be deleted, bounced back to the sender, sent to a spam trap, or quarantined. The sender ID system can be configured in the way that best suits the needs of the users. Some users want to know what kinds of email are being flagged, while others may want people attempting to spoof them to know that the emails are not getting through.


The disadvantage to sender ID is that if records are outdated or erroneous, as can happen, email may be trapped in the system when it is actually legitimate. It can take up to 48 hours for changes of information to propagate across the DNS system. Someone might, for example, move a domain to a new host and then email a friend. The email would be caught by the sender ID authentication because it wouldn't match the existing record the system finds, even though it is genuine.

As with other measures designed to increase email and computer security, sender ID has strengths and weaknesses. People interested in facilitating spoofing, spamming, and similar activities with email can work to develop workarounds and exploits to take advantage of the holes they find in such security frameworks. For this reason, security experts recommend creating layers of security. If a malicious email slips through sender ID, for example, it might be caught by an antivirus program and sent to quarantine before someone opens it and infects the system.


You might also Like


Discuss this Article

Post your comments

Post Anonymously


forgot password?