Browse Definitions :
Definition

Sender ID

Sender ID is Microsoft's proposed e-mail sender authentication protocol designed to protect against domain spoofing and phishing exploits. The Sender ID Framework, as Microsoft calls it, comprises three separate specifications: Sender Policy Framework (SPF), Caller ID for e-mail, and Submitter Optimization. Briefly, here's how it works: The Domain Name System (DNS) maintains SPF records for domains. When an e-mail message is received by the inbound mail server, the server looks up the sending domain's published DNS record and determines whether the sending server's IP address matches the one on record. If the record matches, the e-mail is authenticated and delivered to the recipient; otherwise, the message is either discarded or returned to the sender as bounce e-mail.

Domain spoofing is often used to make recipients think that a fraudulent message comes from a legitimate source; the sender is likely to be phishing (pronounced fishing) for information that will give them access to the recipient's resources, such as credit card numbers, user names, and passwords. These messages often purport to come from well-known companies; AOL, BestBuy, MSN, PayPal, and Yahoo have all been imitated. When the attacker pretends to represent a well-known company, the exploit is sometimes called a brand spoof.

This was last updated in November 2005

Continue Reading About Sender ID

SearchCompliance

  • information governance

    Information governance is a holistic approach to managing corporate information by implementing processes, roles, controls and ...

  • enterprise document management (EDM)

    Enterprise document management (EDM) is a strategy for overseeing an organization's paper and electronic documents so they can be...

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

SearchSecurity

  • PKI (public key infrastructure)

    PKI (public key infrastructure) is the underlying framework that enables entities -- users and servers -- to securely exchange ...

  • obfuscation

    Obfuscation means to make something difficult to understand.

  • dumpster diving

    Dumpster diving is looking for treasure in someone else's trash.

SearchHealthIT

SearchDisasterRecovery

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.

  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

SearchStorage

  • cloud storage

    Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, ...

  • cloud testing

    Cloud testing is the process of using the cloud computing resources of a third-party service provider to test software ...

  • storage virtualization

    Storage virtualization is the pooling of physical storage from multiple storage devices into what appears to be a single storage ...

Close