Microsoft announced the release of its anticipated Sender ID technology which would be used to filter out some spam and phishing (email messages trying to steal your money/identify) messages.
How Sender ID works is that it matches the “from” line in an email with domain name of the email sender. So, if you get an email from firstname.lastname@example.org it will see if the email server that sent email from citibank.com is REALLY the email address of citibank.com. Sender ID is now implemented for HotMail users.
I am tempted to applaud Microsoft for its efforts to stop spam and phishing but I’m not sure if a) this is simply another effort by Microsoft to boost sales by forcing a proprietary solution and 2) so many experts do not like how Microsoft has implemented this technology and not consulted others.
In some ways Microsoft’s Sender ID implementation is good news. But bad in some ways bad because according to Cnet Microsoft’s move increases pressure on e-mail senders to adopt Sender ID. The technology requires Internet service providers, companies and other Internet domain holders to publish so-called SPF (Sender Policy Framework) records to identify their mail servers.
About 1 million domains currently publish SPF records, Microsoft said. That’s far from the 71.4 million registered domains worldwide at the end of last year. Still, because some large e-mail senders such as AOL support Sender ID, about 30 percent of e-mail today carries Sender ID information, according to e-mail filtering company MessageLabs.
Cnet also writes Experts say one of the problems with Sender ID is that it doesn’t work with e-mail forwarding services. The basic premise of Sender ID is to check if an e-mail that claims to be coming from a certain Internet domain is really being sent from the e-mail servers associated with that domain.
“If you receive mail forwarded through, for example, a university alumni account, the Sender ID check fails,” said Matt Sergeant, a senior antispam technologist at MessageLabs.