Domain spoofing refers to the use of someone else’s domain name when sending a message and is part of the larger problem of spoofing (the practice of forging the sender’s address on e-mail messages). Domain spoofing can also be used by malicious individuals in phishing scams, which try to lure consumers into divulging sensitive personal information by pretending the e-mail is from a trusted source, such as a consumer’s bank. Disclosure of such information can lead to identity theft and other online consumer fraud.

The Sender ID Framework is designed to verify that each e-mail message originates from the Internet domain from which it claims to come based on the sender’s server IP address. Eliminating domain spoofing will help legitimate senders protect their domain names and reputations, and help recipients more effectively identify and filter junk e-mail and phishing scams.

Benefits:

1. Improved deliverability of legitimate e-mail
2. Increased protection of your brand and domain from phishing attacks
3. Reduced false positives (up to 85 percent) for senders with good reputations
4. Increased protection from spam and phishing, with a detection rate of more than 95 percent for phishing exploits
5. Improved online trust and confidence
6. Improvements in overall spam detection of 10 percent or more
7. Easy implementation and management at no cost you

How it works?

1. A sender or user sends an e-mail message from an e-mail client or Web interface. No interaction or changes to the sender’s client or Mail Transfer Agent (MTA) are required.

2. The recipient’s inbound e-mail server receives the e-mail message. The server uses SIDF and calls the Purported Responsible Domain’s (PRA) DNS for the SPF record.

3. The receiving MTA determines whether the outbound e-mail server’s IP address matches the IP addresses that are authorized to send e-mail for the domain.

4. For most domains and IPs, sender reputation data is applied to the SIDF verdict check.

5. Based on the SPF record syntax, the pass or fail verdict, the reputation data, and the content filtering score, the receiving MTA delivers the e-mail message to the inbox, a junk or bulk folder, or a quarantine folder. If an e-mail message fails, the receiving network may block, delete, or junk the e-mail.

There is no single solution that will stop all spam and online fraud. However, Sender ID is a significant step, and more than 12 million domains worldwide are using it as a means to counter spam and online phishing attacks. Other complementary technologies are also being developed and will coexist with Sender ID.