Electronic mail sender verification

US 10,200,345 B2
Filed: 10/27/2014
Issued: 02/05/2019
Est. Priority Date: 10/29/2013
Status: Active Grant

First Claim

Patent Images

1. A method for verifying a purported sender of an e-mail message, the method comprising:

retrieving an encryption key associated with a device from which the e-mail message originated;

attempting decryption of one or more components of the e-mail message using the encryption key;

determining that the decryption fails;

in response to determining that the decryption fails, disarming but not deleting the e-mail message to form a disarmed e-mail message;

delivering the disarmed e-mail message in place of the e-mail message;

parsing a transaction identifier from the e-mail message, wherein the transaction identifier identifies a mail submission transaction by which the e-mail message was submitted; and

comparing the transaction identifier to one or more previously stored transaction identifiers associated with the purported sender of the e-mail.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An e-mail server decrypts attachments of an e-mail message with a key associated with a sending device such that failure of the decryption indicates the e-mail message can be harmful. The sending device inserts its device identifier into the e-mail message as a header and uses an encryption key associated with the device identifier and a digital fingerprint of the sending device to encrypt all attachments of the e-mail message. The delivering e-mail server processes the e-mail message. If the e-mail message contains no identifier, if no key is associated with the parsed identifier, or if attempted encryption fails, the e-mail server determines that the e-mail message is potentially harmful and disarms the e-mail message.

43 Citations

12 Claims

1. A method for verifying a purported sender of an e-mail message, the method comprising:
- retrieving an encryption key associated with a device from which the e-mail message originated;
  
  attempting decryption of one or more components of the e-mail message using the encryption key;
  
  determining that the decryption fails;
  
  in response to determining that the decryption fails, disarming but not deleting the e-mail message to form a disarmed e-mail message;
  
  delivering the disarmed e-mail message in place of the e-mail message;
  
  parsing a transaction identifier from the e-mail message, wherein the transaction identifier identifies a mail submission transaction by which the e-mail message was submitted; and
  
  comparing the transaction identifier to one or more previously stored transaction identifiers associated with the purported sender of the e-mail.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 wherein the encryption key is derived from a digital fingerprint of the device.
  - 3. The method of claim 1 further comprising:
    - parsing an identifier of the device from the e-mail message; and
      
      wherein retrieving the encryption key associated with the device includes using the identifier.
  - 4. The method of claim 1 wherein disarming the e-mail message comprises:
    - stripping one or more attachments from the e-mail message.

5. A non-transitory tangible computer readable medium useful in association with a computer that includes one or more processors and a memory, the non-transitory computer readable medium including computer instructions that are configured to cause the computer, by execution of the computer instructions in the one or more processors from the memory, to verify a purported sender of an e-mail message by at least:
- retrieving an encryption key associated with a device from which the e-mail message originated;
  
  attempting decryption of one or more components of the e-mail message using the encryption key;
  
  determining that the decryption fails;
  
  in response to determining that the decryption fails, disarming but not deleting the e-mail message to form a disarmed e-mail message;
  
  delivering the disarmed e-mail message in place of the e-mail message;
  
  parsing a transaction identifier from the e-mail message, wherein the transaction identifier identifies a mail submission transaction by which the e-mail message was submitted; and
  
  comparing the transaction identifier to one or more previously stored transaction identifiers associated with the purported sender of the e-mail.
- View Dependent Claims (6, 7, 8)
- - 6. The computer readable medium of claim 5 wherein the encryption key is derived from a digital fingerprint of the device.
  - 7. The computer readable medium of claim 5 wherein the computer instructions are configured to cause the computer to verify a purported sender of an e-mail message by at least also:
    - parsing an identifier of the device from the e-mail message; and
      
      wherein retrieving the encryption key associated with the device includes using the identifier.
  - 8. The computer readable medium of claim 5 wherein disarming the e-mail message comprises:
    - stripping one or more attachments from the e-mail message.

9. A computer system comprising:
- at least one processor;
  
  a computer readable medium that is operatively coupled to the processor;
  
  network access circuitry that is operatively coupled to the processor; and
  
  sender verification logic (i) that executes at least in part in the processor from the computer readable medium and (ii) that, when executed, causes the processor to verify a purported sender of an e-mail message by at least;
  
  retrieving an encryption key associated with a device from which the e-mail message originated;
  
  attempting decryption of one or more components of the e-mail message using the encryption key;
  
  determining that the decryption fails;
  
  in response to determining that the decryption fails, disarming but not deleting the e-mail message to form a disarmed e-mail message;
  
  delivering the disarmed e-mail message in place of the e-mail message;
  
  parsing a transaction identifier from the e-mail message, wherein the transaction identifier identifies a mail submission transaction by which the e-mail message was submitted; and
  
  comparing the transaction identifier to one or more previously stored transaction identifiers associated with the purported sender of the e-mail.
- View Dependent Claims (10, 11, 12)
- - 10. The computer system of claim 9 wherein the encryption key is derived from a digital fingerprint of the device.
  - 11. The computer system of claim 9 wherein the sender verification logic causes the processor to verify a purported sender of an e-mail message by at least also:
    - parsing an identifier of the device from the e-mail message; and
      
      wherein retrieving the encryption key associated with the device includes using the identifier.
  - 12. The computer system of claim 9 wherein disarming the e-mail message comprises:
    - stripping one or more attachments from the e-mail message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Uniloc 2017 LLC (SoftBank Group Corp.)
Original Assignee
Uniloc 2017 LLC (SoftBank Group Corp.)
Inventors
Harjanto, Dono
Primary Examiner(s)
Pwu, Jeffrey C
Assistant Examiner(s)
Ambaye, Samuel

Application Number

US14/524,939
Publication Number

US 20150121075A1
Time in Patent Office

1,562 Days
Field of Search

713168, 713176
US Class Current
CPC Class Codes

H04L 51/00   User-to-user messaging in p...

H04L 51/08   Annexed information, e.g. a...

H04L 51/23   Reliability checks, e.g. ac...

H04L 63/0428   wherein the data content is...

H04L 63/126   the source of the received ...

H04L 63/1483   service impersonation, e.g....

Electronic mail sender verification

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

43 Citations

12 Claims

Specification

Use Cases

Quick Links

Others

Electronic mail sender verification

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

12 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others