Just a semantic point, but isn't what you are calling sender ID really SPF?
I thought that all SPF records started with "v=spf1" and all Sender ID records started with "spf2.0"?
In the email authentication settings page for a given domain, it shows:
DomainKeys, Sender ID, & SPF.
I haven't made any changes to my DNS records yet, however I see that:
- SPF is verified
- Sender ID is not verified, however it asks that I add this record: "v=spf1 mx include:cmail1.com ~all" which I'm pretty sure is an SPF record not a Sender ID record.
I guess by SPF verified you mean that you've added our domain to your SPF record, not that our SPF record allows mail to be sent from your domain.
Thanks for the question, authentication can be confusing stuff sometimes. I often get lost myself. Basically, it's the "include:cmail1.com" This refers to the correct Sender ID records we maintain in our own DNS which will ensure you are covered.
In regards to SPF being automatically covered, the SPF standard looks at the return-path address in your mail headers, which point back to our servers for every email you send. Because of this, all emails we deliver are automatically covered by our default SPF record.
By ensuring the "include:cmail1.com" statement is included in your own SPF record, both bases are covered.
Hope that helps.
But if I refer to http://www.openspf.org/SPF_vs_Sender_ID then SPF is v=spf1 and SenderID is "spf2.0/pra", "spf2.0/mfrom", or "spf2.0/mfrom,pra". So when you talk about SenderID, you are actually referring to SPF from OpenSPF but not Microsoft's SenderID ? (Quite confusing yes :)
But if you go through Microsoft's SenderID wizard they just give you back v=spf1 record so maybe spf2.0 isn't used?