25% of Legitimate Mail Now Uses SPF/SenderID

According to the Microsoft people at Hotmail, roughly 25% of inbound email now has an appropriate SPF record.

This is encouraging news. It means that more and more domain owners are publishing SPF records that say which machines on the internet are authorized to send email "from" their domain.

We have two caveats to this, but they are minor:

  • 25% probably represents only a few domains, but they are the major ones: AOL, Earthlink, Gmail, etc.
  • Some of the sample is going to be spam. Much of the spam will have already been filtered out by Hotmail's IP-level filtering, but some would still get through at the point of measurement. This will be subject to later, content based filtering.

As we've said before, domain owners should publish SPF records in the domain name system (DNS), in order to help receiving systems spot messages with forged senders.

This will no doubt be discussed at the Email Authentication Summit on July 12th in New York.

Post a comment

You must be logged in to post a comment. To comment, first join our community.