E-mail message authentication extending standards complaint techniques
First Claim
Patent Images
1. A computer-implemented method for processing an email message received from over a wide area network (“
- WAN”
), the method comprising;
receiving header information for the email message and storing the header information in processor-accessible storage, wherein the stored header information includes plural headers comprising at least a “
FROM;
”
header;
using at least one processor toextract one or more sending domains from the header information,transmit a request via the WAN to identify whether at least one domain from the one or more sending domains corresponds to a predetermined domain,dependent on a response received via the WAN which identifies at least one domain corresponding to the predetermined domain, access via the WAN at least one sender policy framework (SPF) record published in association with the at least one domain which corresponds to the predetermined domain,authenticate the email message if the accessed at least one SPF record includes an SPF record corresponding to a sending domain represented by the “
FROM;
”
header and if the email message was received from an address determined according to the SPF record for email purporting to be from the sending domain represented by the “
FROM;
”
header, andif there is no SPF record corresponding to the sending domain represented by the “
FROM;
”
header, authenticate the email message if the accessed at least one SPF record includes an SPF record corresponding to a sending domain represented by a purported responsible address (PRA) identified by the email message and if the email message was received from an address determined according to the SPF record for email purporting to be from the sending domain represented by the PRA; and
causing a processor-based system to deliver the email message to an addressed recipient following authentication;
whereinthe response identifies a first domain which corresponds the predetermined domain, andthe computer-implemented method further comprises transmitting a result over the WAN to a third party destination address, the result identifying both of the first domain and each sending domain extracted from the header information.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for e-mail authentication. The method includes aggregating a plurality of headers associated with an e-mail message and transmitting the aggregated plurality of headers to a validation service. A validation response is then received from the validation service. The e-mail is authenticated based on the validation response.
31 Citations
19 Claims
-
1. A computer-implemented method for processing an email message received from over a wide area network (“
- WAN”
), the method comprising;receiving header information for the email message and storing the header information in processor-accessible storage, wherein the stored header information includes plural headers comprising at least a “
FROM;
”
header;using at least one processor to extract one or more sending domains from the header information, transmit a request via the WAN to identify whether at least one domain from the one or more sending domains corresponds to a predetermined domain, dependent on a response received via the WAN which identifies at least one domain corresponding to the predetermined domain, access via the WAN at least one sender policy framework (SPF) record published in association with the at least one domain which corresponds to the predetermined domain, authenticate the email message if the accessed at least one SPF record includes an SPF record corresponding to a sending domain represented by the “
FROM;
”
header and if the email message was received from an address determined according to the SPF record for email purporting to be from the sending domain represented by the “
FROM;
”
header, andif there is no SPF record corresponding to the sending domain represented by the “
FROM;
”
header, authenticate the email message if the accessed at least one SPF record includes an SPF record corresponding to a sending domain represented by a purported responsible address (PRA) identified by the email message and if the email message was received from an address determined according to the SPF record for email purporting to be from the sending domain represented by the PRA; andcausing a processor-based system to deliver the email message to an addressed recipient following authentication; wherein the response identifies a first domain which corresponds the predetermined domain, and the computer-implemented method further comprises transmitting a result over the WAN to a third party destination address, the result identifying both of the first domain and each sending domain extracted from the header information. - View Dependent Claims (2, 3, 4, 5, 6, 7)
- WAN”
-
8. An apparatus comprising instructions stored on non-transitory machine-readable media, the instructions when executed to cause at least one processor to:
-
receive header information for the email message and store the header information in processor-accessible storage, wherein the stored header information includes plural headers comprising at least a “
FROM;
”
header;extract one or more sending domains from the header information; transmit a request via the WAN to identify whether at least one domain from the one or more sending domains corresponds to a predetermined domain; dependent on a response received via the WAN which identifies at least one domain corresponding to the predetermined domain, access via the WAN at least one sender policy framework (SPF) record published in association with the at least one domain which corresponds to the predetermined domain; authenticate the email message if the accessed at least one SPF record includes an SPF record corresponding to a sending domain represented by the “
FROM;
”
header and if the email message was received from an address determined according to the SPF record for email purporting to be from the sending domain represented by the “
FROM;
”
header;if there is no SPF record corresponding to the sending domain represented by the “
FROM;
”
header, authenticate the email message if the accessed at least one SPF record includes an SPF record corresponding to a sending domain represented by a purported responsible address (PRA) identified by the email message and if the email message was received from an address determined according to the SPF record for email purporting to be from the sending domain represented by the PRA; andcause delivery of the email message to an addressed recipient following authentication. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A network device, comprising processor-accessible storage, instructions stored on non-transitory machine-readable media, at least one processor, and circuitry to establish a wide area network (“
- WAN”
) connection, wherein;the instructions when executed are to cause the at least one processor to receive header information for the email message and store the header information in the processor-accessible storage, wherein the stored header information includes plural headers comprising at least a “
FROM;
”
header,extract one or more sending domains from the header information, transmit a request via the WAN connection to identify whether at least one domain from the one or more sending domains corresponds to a predetermined domain, dependent on a response received via the WAN connection which identifies at least one domain corresponding to the predetermined domain, access via the WAN connection at least one sender policy framework (SPF) record published in association with the at least one domain which corresponds to the predetermined domain, authenticate the email message if the accessed at least one SPF record includes an SPF record corresponding to a sending domain represented by the “
FROM;
”
header and if the email message was received from an address determined according to the SPF record for email purporting to be from the sending domain represented by the “
FROM;
”
header, andif there is no SPF record corresponding to the sending domain represented by the “
FROM;
”
header, authenticate the email message if the accessed at least one SPF record includes an SPF record corresponding to a sending domain represented by a purported responsible address (PRA) identified by the email message and if the email message was received from an address determined according to the SPF record for email purporting to be from the sending domain represented by the PRA; andthe network device is to cause delivery of the email message to an addressed recipient following authentication. - View Dependent Claims (16, 17, 18, 19)
- WAN”
Specification