Microsoft and other industry leaders champion Sender ID as an initiative that provides a technical solution to help counter spoofing. Spammers use spoofing as their primary deceptive practice.
E-mail domain spoofing involves forging a sender's address on e-mail messages. Malicious individuals use spoofing to mislead e-mail recipients into reading and responding to deceptive mail. These phony messages can jeopardize the online safety of the user, and can damage the reputation of the company which seemingly sent the e-mail message.
Spoofed e-mail often contains "phishing" scams. In these scams, a spammer, posing as a trusted party such as a bank or reputable online vendor, sends millions of e-mail messages directing recipients to websites that appear to be official, but which are really scams. Visitors to these fraudulent websites are asked to disclose personal information, such as credit card numbers, or to purchase counterfeit or pirated products.
Sender ID seeks to verify that every e-mail message originates from the Internet domain from which it claims it was sent. Sender ID checks the address of the server that sent the mail against a registered list of servers that the domain owner or e-mail recipient have allowed to send e-mail. The Internet service provider (ISP) or recipient's e-mail server automatically perform this comparison before the e-mail message is delivered. If the Sender ID verification passes, the message is delivered as regular mail.
If the check fails, the message is further analyzed and the receiving server may refuse to deliver the e-mail, or it may flag the e-mail as a possible deceptive message. Depending on the recipient's ISP or e-mail server software, messages that fail the Sender ID check may be flagged and sorted differently. For example, a simple icon may be displayed in the message to indicate the failure. Or the message may be sent to the junk mail folder for the recipient's review, or it may be automatically rejected and deleted.
There is no single solution to stopping all spam and online fraud. However, Sender ID is a significant first step that many in the industry support to counter spam and online phishing attacks.
Thanks to Frank & Indi for this