Authentication method for preventing delivery of junk electronic mail

US 20040181581A1
Filed: 03/11/2003
Published: 09/16/2004
Est. Priority Date: 03/11/2003
Status: Abandoned Application

First Claim

Patent Images

1. An authentication method for preventing receipt of undesirable (junk or spam) electronic mail (e-mail) by an intended recipient of e-mail messages, the steps comprising:

(a) providing an authentication database comprising a plurality of e-mail addresses of trusted e-mail source addresses from whence e-mail is acceptable;

(b) receiving a raw e-mail message from a sender by an intended recipient, said raw e-mail having a source address;

(c) comparing said source address to said authentication database; and

(d) when said comparing step (c) fails to match said source address to a trusted e-mail address in said authentication database, automatically responding to said sender at said source address with a message requesting additional authentication information therefrom.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention relates to the field of Electronic Mail Systems. Specifically, this invention creates a new and useful method, a system and an unique computer program product for preventing delivery of undesirable (junk or spam) electronic mail messages to intended recipients. This invention authenticates the source address of every incoming electronic mail message, enabling the recipient to receive electronic e-mail only from trusted sources. This invention does not use predetermined lists, text-scanning filters or trusted-user-classification methods. Instead, it uses proprietary messaging feedback algorithms to authenticate the source address of each message, including but not limited to the sender'"'"'s e-mail address.

Citations

25 Claims

1. An authentication method for preventing receipt of undesirable (junk or spam) electronic mail (e-mail) by an intended recipient of e-mail messages, the steps comprising:
- (a) providing an authentication database comprising a plurality of e-mail addresses of trusted e-mail source addresses from whence e-mail is acceptable;
  
  (b) receiving a raw e-mail message from a sender by an intended recipient, said raw e-mail having a source address;
  
  (c) comparing said source address to said authentication database; and
  
  (d) when said comparing step (c) fails to match said source address to a trusted e-mail address in said authentication database, automatically responding to said sender at said source address with a message requesting additional authentication information therefrom.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The authentication method, as recited in claim 1, wherein said automatically responding step (d) comprises the sub-step of retaining said raw e-mail message in a quarantine storage area.
  - 3. The authentication method, as recited in claim 1, the steps further comprising:
    - (e) when said comparing step (c) matches said source address to a trusted e-mail address in said authentication database, processing said raw e-mail message and forming an authenticated message therefrom for presentation to said intended recipient.
  - 4. The authentication method, as recited in claim 2, the steps further comprising:
    - (f) upon receipt of the requested authentication information of step (d) from said source address, if said authentication information is determined to be valid, automatically adding said source address to said authentication database and processing said raw e-mail message stored in said quarantine storage area and forming an authenticated message therefrom for presentation to said intended recipient;
      
      (g) upon receipt of the requested authentication information of step (d) from said source address, if said authentication information is determined to be invalid, automatically excluding said source address from said authentication database and ignoring said raw e-mail message stored in said quarantine storage area.
  - 5. The authentication method as recited in claim 4, wherein said message requesting additional authentication information of step (d) comprises a Request for Authorization (RFA) message and wherein said response message of steps (f) and (g) from said source address comprises a Request for Authorization Reply (RFAR) message.
  - 6. The authentication method as recited in claim 5, wherein said RFA message comprises instructions for obtaining said authentication information to be included in said RFAR message, said instructions comprising at least one from a group of methods:
    - (h) requesting said sender at said source address to send a RFAR message to said intended recipient comprising a password contained in said RFA message;
      
      (i) requesting said sender at said source address to send an RFAR message to said intended recipient comprising an authentication object disguised in a graphic file in said RFA message;
      
      (j) requesting said sender at said source address to send an RFAR message to said intended recipient comprising a completed information form, a blank information form being contained within said RFA message;
      
      (k) requesting said sender at said source address to contact said intended recipient by telephone to obtain said authentication information;
      
      (l) requesting said sender at said source address to contact said intended recipient by mail to obtain said authentication information.
  - 7. The authentication method as recited in claim 5, wherein a postmaster of a potentially legitimate source address that has been sent a RFA message, said source address having been programmed to ignore incoming mail (non-respondable source address), responds to said intended recipient with a Delivery Status Notification (DSN) message informing said intended recipient of the non-deliverable status of said RFA message, whereupon said intended recipient responds to said postmaster with a Delivery Status Notification Reply (DSNR) message, informing said postmaster of the requirement for said non-respondable source address to be authenticated and instructing said postmaster to contact a specified internet web site, at which internet web site instructions are provided on how to communicate the required authentication information to said intended recipient, such instructions also requesting that the sender at said non-respondable source address include said required authentication information within an e-mail message to be sent from said non-respondable source address to said intended recipient.
  - 8. The authentication method as recited in claim 4, wherein said automatically responding step (d) and invalidating step (g) are performed iteratively up to a predetermined number of attempts, at which point, if said sender source address is not yet validated, said sender source address is deemed unauthorized and no further validation attempts are made.
  - 9. The authentication method as recited in claim 2, wherein said quarantine storage area stores undelivered raw e-mail messages for a predetermined time period, said undelivered raw e-mail messages being deleted at the end of said predetermined time period.
  - 10. The authentication method as recited in claim 4, wherein said authentication database can be modified by at least one from a group of methods:
    - adding all source addresses within an internet domain to said authentication database, deleting all source addresses within an internet domain from said authentication database.
  - 11. The authentication method as recited in claim 1, wherein said authentication database is stored on a client computer used by said intended recipient and a duplicate copy of said authentication database is communicated by way of an e-mail message sent from said intended recipient back to himself and stored in said intended recipient'"'"'s mailbox on a mail server servicing said intended recipient.
  - 12. The authentication method as recited in claim 11, wherein said e-mail message containing said duplicate copy of said authentication database and stored on said mail server is periodically replaced by an update e-mail message from said intended recipient, said update e-mail message containing an updated version of said authentication database, thereby providing synchronization of said authentication database for said intended recipient on both said client computer and said mail server.
  - 13. The authentication method as recited in claim 11, wherein said duplicate copy of said authentication database stored on said mail server is delivered to said intended recipient on said client computer to replace an unusable authentication database on said client computer, as may occur after a catastrophic event, such as failure and repair of said client computer.
  - 14. The authentication method as recited in claim 11, wherein said duplicate copy of said authentication database stored on said mail server is delivered to a plurality of client computers from said mail server, each said client computer having the present invention installed thereon, allowing said intended recipient to receive junk mail protected incoming messages from each and all of said plurality of client computers.
  - 15. The authentication method as recited in claim 4, wherein the present invention'"'"'s processes operate transparently with an existing e-mail client application installed on a message receiving and sending client computer.
  - 16. The authentication method as recited in claim 4, wherein the present invention is implemented on a client computer to prevent receipt of undesirable electronic mail by a plurality of intended recipients that are users of said client computer.
  - 17. The authentication method as recited in claim 16, wherein each said intended recipient is assigned an authentication database and a quarantine storage area on said client computer.
  - 18. The authentication method as recited in claim 4, wherein the present invention is implemented on a server computer to prevent receipt of undesirable electronic mail by a plurality of intended recipients on a plurality of client computers.
  - 19. The authentication method as recited in claim 18, wherein each said intended recipient is assigned an authentication database and a quarantine storage area on said server computer.

20. A computer program product comprising:
- (a) a computer usable storage medium;
  
  (b) computer readable program code stored on said storage medium, providing means for enabling automatic authentication of e-mail source addresses;
  
  (c) computer readable program code stored on said storage medium, providing means for the creation of an authentication database comprising a plurality of trusted e-mail source addresses;
  
  (d) computer readable program code stored on said storage medium, providing means for the creation of a quarantine storage area for temporary storage of raw, undelivered e-mail messages;
  
  (e) computer readable program code stored on said storage medium, providing means for delivery of incoming e-mail messages from authenticated source addresses to intended destination addresses;
  
  (f) computer readable program code stored on said storage medium, providing means for preventing delivery of incoming e-mail messages from unauthenticated source addresses;
  
  (g) computer readable program code stored on said storage medium, providing means for creating a plurality of control computer screens for intended recipient(s) to control at least one from the group;
  
  system operating parameters, automatic features of the product, modification of source addresses within the authentication database;
  
  (h) computer readable program code stored on said storage medium, providing means for creating a plurality of display computer screens for intended recipient(s) to monitor the status of at least one from the group;
  
  authentication processing steps, authentication database, quarantine storage area, plurality of control computer screens.
- View Dependent Claims (21)
- - 21. The computer program product as recited in claim 20, wherein said computer readable program code, element (b), also incorporates at least one from the group:
    - means for receiving e-mail messages from senders, means for comparing source addresses to said authentication database, means for sending request for authorization messages to a sender, means for receiving and processing reply messages from a sender, means for authenticating source addresses and adding them to said authentication database.

22. An electronic system to prevent delivery of undesirable (junk or spam) e-mail messages to intended recipients, comprising:
- (a) a message originating computer having the capability to create and send messages to intended recipients and to reply to incoming messages from intended recipients;
  
  (b) a communications network to route and process messages;
  
  (c) a message receiving computer having the capability to create an authentication database comprising a plurality of trusted e-mail source addresses, receive and process incoming messages from senders, generate request for authorization messages to senders, process request for authorization reply messages from senders, authenticate source addresses and add said source addresses to said authentication database, deliver incoming e-mails from authenticated source addresses to intended destination addresses.
- View Dependent Claims (23, 24, 25)
- - 23. The electronic system as recited in claim 22, wherein there exists at the message receiving computer at least one from the following group:
    - a quarantine storage area, authentication database viewing screens, control screens for e-mail message control of individual source addresses and domains, configuration screens for configuring and monitoring sender source addresses and e-mail messages.
  - 24. The electronic system as recited in claim 22, wherein said message receiving computer is implemented as a client computer, thereby enabling automatic control of e-mail delivery to a plurality of intended recipients.
  - 25. The electronic system as recited in claim 22, wherein said message receiving computer is implemented as a server computer, thereby enabling automatic control of e-mail delivery to a plurality of client computers and a plurality of intended recipients on each said client computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Michael Thomas Kosco
Original Assignee
Michael Thomas Kosco
Inventors
Kosco, Michael Thomas

Application Number

US10/386,033
Publication Number

US 20040181581A1
Time in Patent Office

Days
Field of Search
US Class Current

709/206
CPC Class Codes

G06Q 10/107   Computer-aided management o...

H04L 51/212   using filtering or selectiv...

H04L 63/08   for authentication of entit...

Authentication method for preventing delivery of junk electronic mail

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication method for preventing delivery of junk electronic mail

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links