SPF, DKIM & DMARC
All these techniques are based on the Domain Name System (DNS). With SPF, a DNS record is created, specifying (amongst other things) which systems are allowed to send mail for the domain in question.
Let's consider a simple example involving the domain 'example.nl'. Suppose that an SPF record (which is actually just a TXT record) is created for the domain, as follows:
example.nl. IN TXT "v=spf1 ip4:203.0.113.0/24 ip6:2001:db8::/32 ~all"
That SPF record means that only servers with IP addresses in the specified series are allowed to send mail for example.nl. Any mail that claims to be from example.nl, but isn't sent from a valid IP address, will immediately be identified as suspect by the recipient's mail system. In other words, SPF helps the recipient to tell whether incoming mail is legitimate. SPF isn't entirely straightforward, though. Before enabling SPF for outgoing mail or filtering incoming mail on the basis of SPF, you need to consider the configuration carefully. However, once set up correctly (see also RFC7001), SPF is a useful tool for identifying fraudulent mail.
Read the full article here on the website of The Dutch .nl Registry: How DKIM and DMARC can help prevent phishing
Source: sidn.nl
Big companies like Microsoft have many servers to send and receive e-mail. Usally their systems are proctected to send bulk spam trought their servers. Because not everything can be detected their servers are also used to send spam. Thats why now and then one of their servers is listed on our blacklist.
We will always report the spam action to Microsoft so they can take action. Normaly the server will be removed from our RBL with 1 a 2 working days and will be added to the whitelist if Microsoft request this.