Authenticating and confidence marking e-mail messages

US 10,541,956 B2
Filed: 09/14/2018
Issued: 01/21/2020
Est. Priority Date: 02/02/2007
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of authenticating an e-mail message, wherein the e-mail message is sent by a first entity in a manner purporting to be on behalf of a second entity, and wherein the second entity is a legal entity not inherently associated with the first entity, the computer-implemented method comprising:

extracting a plurality of e-mail headers from said e-mail message;

from the extracted plurality of e-mail headers, identifying a sending edge mail transfer agent (MTA) associated with the first entity;

from said e-mail message, identifying the second entity and a domain associated with the second entity;

retrieving via a wide area network (WAN) a record in association with the domain of the second entity, and processing the record to determine whether the identified sending edge MTA associated with the first entity is explicitly identified by the record as authorized to send said e-mail messages on behalf of the second entity; and

responsively authenticating said e-mail message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for authenticating and confidence marking e-mail messages are described. One embodiment describes a method of authenticating an e-mail message. This method involves extracting a plurality of e-mail headers associated with the e-mail message, and identifying a sending edge mail transfer agent (MTA). The method then calls for determining if the sending edge MTA is authorized to send the e-mail message.

37 Citations

View as Search Results

24 Claims

1. A computer-implemented method of authenticating an e-mail message, wherein the e-mail message is sent by a first entity in a manner purporting to be on behalf of a second entity, and wherein the second entity is a legal entity not inherently associated with the first entity, the computer-implemented method comprising:
- extracting a plurality of e-mail headers from said e-mail message;
  
  from the extracted plurality of e-mail headers, identifying a sending edge mail transfer agent (MTA) associated with the first entity;
  
  from said e-mail message, identifying the second entity and a domain associated with the second entity;
  
  retrieving via a wide area network (WAN) a record in association with the domain of the second entity, and processing the record to determine whether the identified sending edge MTA associated with the first entity is explicitly identified by the record as authorized to send said e-mail messages on behalf of the second entity; and
  
  responsively authenticating said e-mail message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 23)
- - 2. The computer-implemented method of claim 1, wherein the domain is a second domain, and wherein identifying the second entity comprises identifying a first domain independent from the first entity from the extracted plurality of e-mail headers, identifying the second entity from the first domain, wherein the first domain is not authorized by the second entity, and identifying the second domain as a domain authorized by the second entity.
  - 3. The computer-implemented method of claim 2, wherein the record comprises a sender policy framework (SPF) record, wherein the SPF record is associated with the second domain, and wherein processing the SPF record comprises determining whether the SPF record for the second domain explicitly identifies the identified sending edge MTA associated with the first entity.
  - 4. The computer-implemented method of claim 1, wherein:
    - identifying the second entity and the domain associated with the second entity comprises,from the extracted plurality of e-mail headers, identifying one or more domains of prior senders which are not inherently associated with the first entity,transmitting a request via a WAN to a validation service, wherein the validation service is to compare the one or more domains with a list of known, trustworthy entities having names similar to the one or more domains, andreceiving a response from the validation service which provides information to identify a SPF record corresponding to one of the known, trustworthy entities;
      
      retrieving the record comprises retrieving the SPF record corresponding to the one of the known, trustworthy entities; and
      
      the processing comprises processing the SPF record so as to determine whether the identified sending edge MTA is explicitly identified by the one of the known, trustworthy entities as authorized to send said e-mail messages on behalf of the one of the known, trustworthy entities.
  - 5. The computer-implemented method of claim 4, wherein extracting the plurality of e-mail headers comprises extracting each “
    - Sender;
      
      ” and
      
      “
      
      Reply-To;
      
      ”
      
      header present in said e-mail message, such that the one or more domains comprises at least one domain derived from a “
      
      Sender;
      
      ”
      
      or “
      
      Reply-To;
      
      ”
      
      header which was present in said e-mail message.
  - 6. The computer-implemented method of claim 4, wherein said computer-implemented method further comprises receiving instructions from the validation service which are specific to the one of the known, trustworthy entities, and causing delivery of the e-mail message, responsive to the authenticating, in a manner will cause presentation to a recipient of the e-mail message of verification information where the presentation is customized to the one of the known, trustworthy entities.
  - 7. The computer-implemented method of claim 6, wherein the verification information comprises a visual indication specified by the one of the known, trustworthy entities.
  - 8. The computer-implemented method of claim 6, wherein the verification information comprises a confidence icon specified by the one of the known, trustworthy entities.
  - 9. The computer-implemented method of claim 4, wherein the validation service is to compare the one or more domains with the list of known, trustworthy entities to identify a condition where the one or more domains represent a fraudulent sender having a name similar to one of the known, trustworthy entities in the list, and wherein the response from the validation service is to identify the one of the known, trustworthy entities, such that a SPF record of the at least one SPF record corresponds to the one of the known, trustworthy entities in the list and not the fraudulent sender.
  - 10. The computer-implemented method of claim 1, wherein identifying the sending edge mail transfer agent (MTA) associated with the first entity comprises extracting a “
    - From;
      
      ”
      
      header of the e-mail message, and deriving the identified sending edge MTA from the extracted “
      
      From;
      
      ”
      
      header.
  - 11. The computer-implemented method of claim 1, wherein said computer-implemented method further comprises responsive to the authenticating, causing the e-mail message to be delivered to a recipient in a manner where the e-message will be displayed in a manner that explicitly conveys that the e-mail message has been verified to have been sent on behalf of the second entity.
  - 23. The apparatus of claim 2, wherein said instructions comprise an e-mail client plug-in.

12. An apparatus for authenticating an e-mail message, wherein the e-mail message is sent by a first entity in a manner purporting to be on behalf of a second entity, and wherein the second entity is a legal entity not inherently associated with the first entity, said apparatus comprising instructions stored on non-transitory, machine-readable media, said instructions when executed to cause at least one computer to:
- extract a plurality of e-mail headers from said e-mail message;
  
  from the extracted plurality of e-mail headers, identify a sending edge mail transfer agent (MTA) associated with the first entity;
  
  from said e-mail message, identify the second entity and a domain associated with the second entity;
  
  retrieve via a wide area network (WAN) a record in association with the domain of the second entity, and process the record to determine whether the identified sending edge MTA associated with the first entity is explicitly identified by the record as authorized to send said e-mail messages on behalf of the second entity; and
  
  responsively authenticate said e-mail message.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The apparatus of claim 12, wherein the domain is a second domain, and wherein said instructions when executed are to cause the at least one computer to identify a first domain independent from the first entity from the extracted plurality of e-mail headers, to identify the second entity from the first domain, wherein the first domain is not authorized by the second entity, and to identify the second domain as a domain authorized by the second entity.
  - 14. The apparatus of claim 13, wherein the record comprises a sender policy framework (SPF) record, wherein the SPF record is associated with the second domain, and wherein said instructions when executed are to cause the at least one computer to determine whether the SPF record for the second domain explicitly identifies the identified sending edge MTA associated with the first entity.
  - 15. The apparatus of claim 12, wherein said instructions when executed are to cause the at least one computer to:
    - from the extracted plurality of e-mail headers, identify one or more domains of prior senders which are not inherently associated with the first entity;
      
      transmit a request via a WAN to a validation service, wherein the validation service is to compare the one or more domains with a list of known trustworthy entities having names similar to the one or more domains;
      
      receive a response from the validation service which provides information to identify a SPF record corresponding to one of the known, trustworthy entities;
      
      retrieve the SPF record; and
      
      process the SPF record so as to determine whether the identified sending edge MTA is explicitly identified by the one of the known, trustworthy entities as authorized to send said e-mail messages on behalf of the one of the known, trustworthy entities.
  - 16. The apparatus of claim 15, wherein said instructions when executed are to cause the at least one computer to extract each “
    - Sender;
      
      ” and
      
      “
      
      Reply-To;
      
      ”
      
      header present in said e-mail message, such that the one or more domains comprises at least one domain derived from a “
      
      Sender;
      
      ”
      
      or “
      
      Reply-To;
      
      ”
      
      header which was present in said e-mail message.
  - 17. The apparatus of claim 15, wherein said instructions when executed are to cause the at least one computer to receive instructions from the validation service which are specific to the one of the known, trustworthy entities, and to cause delivery of the e-mail message, responsive to the authenticating, in a manner will cause presentation to a recipient of the e-mail message of verification information where the presentation is customized to the one of the known, trustworthy entities.
  - 18. The apparatus of claim 17, wherein the verification information comprises a visual indication specified by the one of the known, trustworthy entities.
  - 19. The apparatus of claim 17, wherein the verification information comprises a confidence icon specified by the one of the known, trustworthy entities.
  - 20. The apparatus of claim 15, wherein the validation service is to compare the one or more domains with the list of known, trustworthy entities to identify a condition where the one or more domains represent a fraudulent sender having a name similar to one of the known, trustworthy entities in the list, and wherein the response from the validation service is to identify the one of the known, trustworthy entities, such that a SPF record of the at least one SPF record corresponds to the one of the known, trustworthy entities in the list and not the fraudulent sender.
  - 21. The apparatus of claim 12, wherein said instructions when executed are to cause the at least one computer to extract a “
    - From;
      
      ”
      
      header of the e-mail message, and to derive the identified sending edge MTA from the extracted “
      
      From;
      
      ”
      
      header.
  - 22. The apparatus of claim 12, wherein said instructions when executed are to cause the at least one computer to, responsive to the authentication, cause the e-mail message to be delivered to a recipient in a manner where the e-message will be displayed in a manner that explicitly conveys that the e-mail message has been verified to have been sent on behalf of the second entity.

24. An apparatus for authenticating an e-mail message, wherein the e-mail message is sent by a first entity in a manner purporting to be on behalf of a second entity, and wherein the second entity is a legal entity not inherently associated with the first entity, said apparatus comprising instructions stored on non-transitory, machine-readable media, said instructions when executed to cause an e-mail client of at least one computer to:
- extract a plurality of e-mail headers from said e-mail message;
  
  from the extracted plurality of e-mail headers, identify a sending edge mail transfer agent (MTA) associated with the first entity;
  
  from said e-mail message, identify the second entity and a domain associated with the second entity, including by causing the at least one computer tofrom the extracted plurality of e-mail headers, identify one or more domains of prior senders which are not inherently associated with the first entity,transmit a request via a WAN to a validation service, wherein the validation service is to compare the one or more domains with a list of known, trustworthy entities having names similar to the one or more domains, andreceive a response from the validation service which provides information to identify a SPF record corresponding to one of the known, trustworthy entities;
  
  retrieve via a wide area network (WAN) the SPF record corresponding to the one of the known, trustworthy entities, and process the retrieved SPF record to determine whether the identified sending edge MTA associated with the first entity is explicitly identified by the record as authorized to send said e-mail messages on behalf of the one of the known, trustworthy entities; and
  
  responsively authenticate said e-mail message and cause display of the e-mail message in the e-mail client in a manner that visually indicates that the e-mail message has been verified.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Iconix Incorporated (Matthews Group LLC)
Original Assignee
Iconix Incorporated (Matthews Group LLC)
Inventors
Sachtjen, Scott A.
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Mejia, Feliciano S

Application Number

US16/132,251
Publication Number

US 20190149499A1
Time in Patent Office

494 Days
Field of Search
US Class Current
CPC Class Codes

H04L 41/026   using e-messaging for trans...

H04L 51/00   User-to-user messaging in p...

H04L 51/212   using filtering or selectiv...

H04L 63/10   for controlling access to d...

H04L 63/126   the source of the received ...

H04L 65/70   Media network packetisation

H04L 9/12   Transmitting and receiving ...

Authenticating and confidence marking e-mail messages

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

37 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Authenticating and confidence marking e-mail messages

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others