Sender Id is coming! Get your TXT records in order!
You heard right, Sender Id is coming! What is Sender Id, you ask? Don't feel bad, most Exchange admins are asking the same question. Essentially (and very simplified) Sender Id is part of an initiative (I'm not sure that is the exact correct word), to reduce spam. Sender Id is part of the Sender Policy Framework (SPF).
So how does it work? First, you create a DNS TXT record for your domain (or domains) that identifies the mail servers from which e-mail will be sent for your domain. SMTP servers that support Sender Id will then check that TXT record when they receive a message from one of your users.
Here is the FUD (fear, uncertainty, and doubt) part. If the message is coming from a domain that does not have a Sender Id TXT record or the record does not match the sending IP address, the receiving system has a couple of options:
- Do nothing.
- Reject the message entirely. (!!!!)
- Accept the message and then delete it prior to delivering it to the user.
- Give the message to the anti-spam inspection system with the assumption that the antispam system (such as Microsoft's IMF starting in Exchange 2003 SP2) will give the message a higher spam probability if the sender's domain does not have valid Sender Id records
Needing Sender Id TXT records for each of your e-mail domains is not FUD or a rumor. What to do? First, get to know Sender Id and SPF a little better. Microsoft has a Sender Id home page with lots of good information.
To make figuring out what your Sender Id TXT record needs to be, Microsoft has published their Sender ID Framework SPF Record Wizard; this wizard makes creating your TXT record for your domain MUCH easier. This wizard will also test your existing domain to see if there are any records. You can then send a mail message to firstname.lastname@example.org and you will get an automated response verifying the Sender Id record.
The sooner you can make this happen, the better off you will be.
Will Sender Id eliminate spam? No. Many spammers will simply generate, regenerate, and regenerate SPF records for whatever IP addresses their are currently using. An RBL (realtime block list) like The Spamhaus Project's SBL and XBL lists can help with these types of spammers that like to think they are legimate marketing organizations. I use Spamhaus's SBL-XBL combined list and I know that it reduces the amount of spam I receive by about 60% (and the very occasional valid message, too.)
Will Sender Id create lots of confusion, newsgroup questions, calls to tech support, and angry users/admins? I'm betting it will. Just like the RBLs, this will cause some legimate e-mail to be rejected. And, unfortunately, there are people out there managing DNS servers that can't even get A and MX records created properly, so the TXT records (which are somewhat more complicated) are just going to make matters worse.
Clustering MVP Russ Kaufmann forwarded on to me this link from his blog about his experience with this first mail rejection due to sender id. Thanks Russ!