Tuesday, April 26, 2011

Sender Policy Framework

The Sender Policy Framework is a simple and easy to use method to prevent email address spoofing. Of course, someone has to muddy the waters. Hotmail uses a protocol called Sender-ID, which looks an update to SPF ("spf2.0") but is in reality a competing experiment from Microsoft.

There are a number of problems with Sender-ID. The worst problem is that it expects certain email headers which may not be present in a legitimate email that follows the established standards. Microsoft refuses to address this problems and as a result, both SPF and Send-ID have stalled in the standardization process.

Sigh. Some things never change.

No comments:

Post a Comment