Authenticating and confidence marking e-mail messages

US 10,110,530 B2
Filed: 02/01/2008
Issued: 10/23/2018
Est. Priority Date: 02/02/2007
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of authenticating an e-mail message, comprising:

extracting a plurality of e-mail headers associated with said e-mail message;

from the extracted plurality of email headers, identifying a sending edge mail transfer agent (MTA), wherein identifying the sending edge MTA comprises examining individual ones of the extracted plurality of headers to identify MTAs associated with a sending domain, and to identify a specific one of the MTAs associated with the sending domain as the sending edge MTA;

from the extracted plurality of email headers, identifying a specific sender of the e-mail message;

determining from at least one computer-accessible record whether said sending edge MTA is specifically identified as authorized to send said e-mail messages on behalf of the specific sender; and

authenticating said email message if the computer-accessible record indicates that the sending edge MTA is specifically identified as authorized to send email messages on behalf of the specific sender.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for authenticating and confidence marking e-mail messages are described. One embodiment describes a method of authenticating an e-mail message. This method involves extracting a plurality of e-mail headers associated with the e-mail message, and identifying a sending edge mail transfer agent (MTA). The method then calls for determining if the sending edge MTA is authorized to send the e-mail message.

29 Citations

View as Search Results

33 Claims

1. A computer-implemented method of authenticating an e-mail message, comprising:
- extracting a plurality of e-mail headers associated with said e-mail message;
  
  from the extracted plurality of email headers, identifying a sending edge mail transfer agent (MTA), wherein identifying the sending edge MTA comprises examining individual ones of the extracted plurality of headers to identify MTAs associated with a sending domain, and to identify a specific one of the MTAs associated with the sending domain as the sending edge MTA;
  
  from the extracted plurality of email headers, identifying a specific sender of the e-mail message;
  
  determining from at least one computer-accessible record whether said sending edge MTA is specifically identified as authorized to send said e-mail messages on behalf of the specific sender; and
  
  authenticating said email message if the computer-accessible record indicates that the sending edge MTA is specifically identified as authorized to send email messages on behalf of the specific sender.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein said plurality of e-mail headers comprise headers from the group of:
    - a plurality of “
      
      Received;
      
      ”
      
      headers;
      
      a “
      
      From;
      
      ”
      
      header; and
      
      a “
      
      Sender;
      
      ”
      
      header.
  - 3. The method of claim 2, wherein said identifying comprises examining said plurality of “
    - Received;
      
      ”
      
      headers to identify said sending edge MTA.
  - 4. The method of claim 1, wherein said determining comprises performing a sender policy framework (SPF) check to determine if the sending edge MTA is authorized to send email messages on behalf of the specific sender.
  - 5. The method of claim 1, further comprising:
    - receiving said e-mail message.
  - 6. The method of claim 1, further comprising:
    - preparing an authentication request comprising said extracted e-mail headers; and
      
      transmitting said authentication request to an authentication service.
  - 7. The method of claim 1, further comprising:
    - examining said extracted e-mail headers to determine if said e-mail message may have been sent by a known entity.
  - 8. The method of claim 1, further comprising:
    - examining said extracted e-mail headers to determine if said e-mail message may have been sent on behalf of a known entity.
  - 9. The method of claim 1, further comprising:
    - if the computer-accessible record indicates that the sending edge MTA is specifically identified as authorized to send email messages on behalf of the specific sender, displaying a confidence icon.
  - 10. The method of claim 1, wherein authenticating comprises performing an action, in response to said attempt to authenticate, wherein said action is to visually indicate a result of said attempting to authenticate on a computer screen.
  - 11. The method of claim 1, further comprising:
    - aggregating said plurality of headers;
      
      transmitting said aggregated plurality of headers to a validation server; and
      
      receiving handling instructions corresponding to said plurality of headers.
  - 12. The method of claim 1, wherein extracting comprises extracting at a server the plurality of email headers from an authentication request.
  - 13. The method of claim 1, wherein the specific sender and the sending domain are associated with respective domains.
  - 14. The method of claim 1, wherein the method further comprises failing said email message unless the computer-accessible record indicates that the sending edge MTA is specifically identified as authorized to send email messages on behalf of the specific sender.
  - 15. The method of claim 1, wherein the at least one computer-accessible record comprises a DNS record that indicates the sending edge MTA, specifically, is authorized to send email messages on behalf of the sending domain.

16. A method of authenticating an e-mail message, comprising:
- receiving an authentication request comprising a plurality of headers associated with said email message and extracting said plurality of headers from the authentication request;
  
  from the extracted plurality of headers, identifying an edge mail transfer agent (MTA) associated with a sending domain of said e-mail message, wherein identifying the edge MTA comprises examining ones of the extracted plurality of headers to identify MTAs associated with the sending domain, and identifying a specific one of the MTAs associated with the sending domain as the edge MTA;
  
  determining from at least one computer-accessible record whether said edge MTA, specifically, is authorized to send email messages on behalf of a specified sender associated with said email message; and
  
  generating an authentication response dependent on whether said edge MTA, specifically, is authorized to send email messages on behalf of the specific sender.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 17. The method of claim 16, further comprising:
    - determining if a known entity is involved with said e-mail message from said plurality of headers.
  - 18. The method of claim 17, wherein said determining comprises comparing the contents of at least one of a “
    - From;
      
      ”
      
      header and a “
      
      Sender;
      
      ”
      
      header with said list of known entities.
  - 19. The method of claim 16, wherein said identifying comprises examining a plurality of “
    - Received;
      
      ”
      
      headers from said plurality of headers to identify said edge MTA.
  - 20. The method of claim 16, wherein said determining comprises performing a sender policy framework (SPF) check to determine if the edge MTA is authorized to send messages on behalf of the specific sender.
  - 21. The method of claim 16, further comprising:
    - generating an authentication instruction corresponding to a known entity associated with said e-mail message, wherein said authentication instruction identifies a confidence icon associated with said known entity, said confidence icon to be displayed on an end-user computer in association with said email message.
  - 22. The method of claim 16, wherein the sender and the sending domain are associated with respective domains.
  - 23. The method of claim 16, wherein the method further comprises failing said email message unless the computer-accessible record indicates that the edge MTA is specifically identified as authorized to send email messages on behalf of the specific sender.
  - 24. The method of claim 16, wherein the at least one computer-accessible record comprises a DNS record that indicates the edge MTA, specifically, is authorized to send email messages on behalf of the sending domain.
  - 25. The apparatus of claim 16, wherein the method further comprises failing said email message unless the computer-accessible record indicates that the edge MTA is specifically identified as authorized to send email messages on behalf of the specific sender.
  - 26. The apparatus of claim 16, wherein the at least one computer-accessible record comprises a DNS record that indicates the edge MTA, specifically, is authorized to send email messages on behalf of the sending domain.

27. An apparatus comprising a non-transitory computer-readable storage medium having computer-executable instructions for performing steps, the steps comprising:
- extracting a plurality of e-mail headers associated with said e-mail message;
  
  from the extracted plurality of email headers, identifying a sending edge mail transfer agent (MTA), wherein identifying the sending edge MTA comprises examining individual ones of the extracted plurality of headers to identify MTAs associated with a sending domain, and to identify a specific one of the MTAs associated with the sending domain as the sending edge MTA;
  
  from the extracted plurality of email headers, identifying a specific sender of the e-mail message;
  
  determining from at least one computer-accessible record whether said sending edge MTA is specifically identified as authorized to send said e-mail messages on behalf of the specific sender; and
  
  authenticating said email message if the computer-accessible record indicates that the sending edge MTA is specifically identified as authorized to send email messages on behalf of the specific sender.
- View Dependent Claims (28, 29, 30, 31)
- - 28. The apparatus of claim 27, wherein said instructions are to be executed by at least one server and wherein extracting comprises extracting at the server the plurality of email headers from an authentication request.
  - 29. The apparatus of claim 27, wherein the specific sender and the sending domain are associated with respective domains.
  - 30. The apparatus of claim 27, wherein said instructions are to cause a computer to fail said email message unless the computer-accessible record indicates that the sending edge MTA is specifically identified as authorized to send email messages on behalf of the specific sender.
  - 31. The apparatus of claim 27, wherein the at least one computer-accessible record comprises a DNS record that indicates the sending edge MTA, specifically, is authorized to send email messages on behalf of the sending domain.

32. An apparatus comprising a non-transitory computer-readable storage medium having computer-executable instructions for performing steps, the steps comprising:
- receiving an authentication request comprising a plurality of headers associated with said in email message and extracting said plurality of headers from the authentication request;
  
  from the extracted plurality of headers, identifying an edge mail transfer agent (MTA) associated with a sending domain of said e-mail message, wherein identifying the edge MTA comprises examining ones of the extracted plurality of headers to identify MTAs associated with the sending domain, and identifying a specific one of the MTAs associated with the sending domain as the edge MTA;
  
  determining from at least one computer-accessible record whether said edge MTA, specifically, is authorized to send email messages on behalf of at least one of the sending domain or a specified sender associated with said email message; and
  
  generating an authentication response dependent on whether said edge MTA, specifically, is authorized to send email messages on behalf of the specific sender.
- View Dependent Claims (33)
- - 33. The apparatus of claim 32, wherein the sender and the sending domain are associated with respective domains.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Iconix Incorporated (Matthews Group LLC)
Original Assignee
Iconix Incorporated (Matthews Group LLC)
Inventors
Sachtjen, Scott A.
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Mejia, Feliciano S

Application Number

US12/024,980
Publication Number

US 20080189770A1
Time in Patent Office

3,917 Days
Field of Search

713155, 713170, 726 1, 726 4, 726 13, 726 17, 726 18, 726 21, 726 2, 726 5, 726 26- 27, 726 30, 709217, 709229
US Class Current
CPC Class Codes

H04L 41/026   using e-messaging for trans...

H04L 51/00   User-to-user messaging in p...

H04L 51/212   using filtering or selectiv...

H04L 63/10   for controlling access to d...

H04L 63/126   the source of the received ...

H04L 65/70   Media network packetisation

H04L 9/12   Transmitting and receiving ...

Authenticating and confidence marking e-mail messages

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating and confidence marking e-mail messages

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links