Authentication – SPF and/or SenderID?

After jibbering on about authentication the other day, I had another read through it and thought that I’d best check the details on the old SPF and Sender-ID malarkey.

SPF is is Sender Policy Framework, the idea behind it is to stop sender address forgery.
Sender-ID is also anti-spoofing concept that was supposed to be SPF and more but it did not quite work out that way.

Here is the fun I had trying to find out…

Obviously I Googled it, I’ve not got into the habit of Binging it and to be honest, Google still gives me better results – I digress.
Google took me here “SPF vs Sender ID“, which is the definative blurb but not really written for the average marketer wanting to know whether or not to care about authentication. Wikipedia says something very similar too.

Further down my Google results I find Terry Zink’s Anti-spam Blog. This paints SenderID as doing everything SPF does and more, then I look in the URL and see – so it is Microsoft! Anyway, Terry says that SPF is applied at the server level will be stored in the ‘envelope’, which is the part of the email headers that has all of the lowest level tekki stuff for the email. SenderID is apparently added in the header as well but SenderID is linked with the from address, which is not in the envolope and is displayed to the recipient’s email client so that means that it protects content.
That is a lovely idea although it does contradict experiences I have had when applying it.

Further down in my Google Results I found an article from Tamara Gielen called “Sender ID vs. SPF: What’s the Difference?“, the article is not about SenderID vs SPF at all, in fact it summerises, in a very copy and paste kind of way, an article by Stefan Pollard for Clickz called “Hotmail Delivery Tips for Sender ID and SPF“, so I went stright to the article a bit dissapointed. I then read the Clickz article and there is a section called “Sender ID vs. SPF: What’s the Difference?” but nothing really comparative.

I then went onto the next page of Google results, I know, it was a brave move and very scary but I got through it.
It all got very tekki from there and not really relevant to the question “which one’s better and can they be used together?”.

So in summary, there does not seem to be anybody, who can get in the first two pages of Google, writing on the internet who can tell me what the differnce is. So I am sticking with the answer I got from my System Administrator mate who said “Sender ID is only any good for Hotmail and Yahoo and could actually make it worse for everyone else. If you want to get into Hotmail and Yahoo consistently, don’t spam people and they’ll let you send as many as you like!”.
– Never a truer word spoken, amen.

Finally I went to the trusty Email Marketing Reports and even Mark Brownlow has not got a definative answer but he did link to an interesting table from MailChimp of all people about who does what.

If you are having nightmares with Hotmail and Yahoo having a word with Return Path is probably your best bet unless you have a load of IPs with great reputations in the cupboard and you only send double opt-in.
Finally, SenderID is, apparently, not the same as Return Path’s authentication. Although what I’ve seen of it it looks exactly the same, so it might possibly be an SPF record / SenderID that is registered specially with Hotmail and Yahoo to give any emails using it much better deliverability. This is a guess, very logically thought out but a guess non-the-less!

2 responses to “Authentication – SPF and/or SenderID?

  1. Thanks for mentioning Return Path. To be clear, Return Path's accreditation programs do improve delivery at both Yahoo and Hotmail. However, our accreditation programs are not an authentication standard. Moreover, for a sending IP to be certified, it must have a good reputation to start. If you want to improve your reptuation, we'd be pleased to help you with that as well.


Comments are closed.