E-MAIL AUTHENTICATION

US 20080282344A1
Filed: 05/07/2007
Published: 11/13/2008
Est. Priority Date: 05/07/2007
Status: Active Grant

First Claim

Patent Images

1. A method for determining whether an e-mail originates from a sender who is authorized by an address provider to send the e-mail to an intended recipient'"'"'s e-mail address, the method comprising:

receiving an e-mail directed to an intended recipient'"'"'s e-mail address, wherein the e-mail includes information identifying a sender and an address provider from which the sender obtained the intended recipient'"'"'s e-mail address;

querying an authentication server to verify whether the sender is authorized by the address provider to send the e-mail to the intended recipient;

receiving a response from the authentication server;

delivering the e-mail to the intended recipient if the response indicates that the sender is authorized by the address provider to send the e-mail to the intended recipient; and

preventing normal delivery of the e-mail to the intended recipient if the response indicates that the sender is not authorized by the address provider to send the e-mail to the intended recipient.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for determining whether an e-mail originates from a sender authorized by an address provider to send the e-mail to an intended recipient'"'"'s e-mail address. The e-mail identifies an address provider from which the intended recipient'"'"'s e-mail address was obtained. The e-mail is delivered to the intended recipient only upon verification that the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address. The system and method may also provide for determining whether an e-mail originates from a forged source. A server receives data relating to an e-mail, including a purported sender and a verification host. The server queries the verification host with information pertaining to the e-mail and requests confirmation that the e-mail originates from the purported sender. The e-mail is determined to originate from a forged source unless the verification host responds that the e-mail originates from the purported sender.

59 Citations

View as Search Results

43 Claims

1. A method for determining whether an e-mail originates from a sender who is authorized by an address provider to send the e-mail to an intended recipient'"'"'s e-mail address, the method comprising:
- receiving an e-mail directed to an intended recipient'"'"'s e-mail address, wherein the e-mail includes information identifying a sender and an address provider from which the sender obtained the intended recipient'"'"'s e-mail address;
  
  querying an authentication server to verify whether the sender is authorized by the address provider to send the e-mail to the intended recipient;
  
  receiving a response from the authentication server;
  
  delivering the e-mail to the intended recipient if the response indicates that the sender is authorized by the address provider to send the e-mail to the intended recipient; and
  
  preventing normal delivery of the e-mail to the intended recipient if the response indicates that the sender is not authorized by the address provider to send the e-mail to the intended recipient.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the address provider is identified in an e-mail header, subject line, or body.
  - 3. The method of claim 2, wherein the address provider is identified in a user-defined field.
  - 4. The method of claim 2, wherein the address provider is separated by at least one machine-readable character delimiter.
  - 5. The method of claim 1, wherein the e-mail further comprises an IP address associated with the authentication server.
  - 6. The method of claim 5, wherein the authentication server is provided by the address provider.
  - 7. The method of claim 5, wherein the authentication server is provided by a third party that is associated with the address provider and one or more different address providers.
  - 8. The method of claim 1, wherein the authentication server accesses a database comprising a first list of client e-mail addresses associated with the address provider or a second list of approved senders associated with the address provider.
  - 9. The method of claim 8, wherein the step of querying the authentication server comprises determining whether the intended recipient'"'"'s e-mail address is on the first list of client e-mail addresses.
  - 10. The method of claim 9, wherein the response received from the authentication server indicates that the sender is an authorized sender if the intended recipient'"'"'s e-mail address is on the first list of client e-mail addresses and wherein the response received from the authentication server indicates that the sender is not an authorized sender if the intended recipient'"'"'s e-mail address is not on the first list of client e-mail addresses.
  - 11. The method of claim 8, wherein the step of querying the authentication server comprises determining whether the sender is on the second list of approved senders.
  - 12. The method of claim 11, wherein the response received from the authentication server indicates that the sender is an authorized sender if the sender is identified on the second list of approved senders and wherein the response received from the authentication server indicates that the sender is not an authorized sender if the sender is not identified on the second list of approved senders.
  - 13. The method of claim 1, wherein the different action is selected from the group consisting of:
    - preventing delivery of the e-mail to the intended recipient, discarding the e-mail, marking the e-mail as spam, and segregating the e-mail with spam
  - 14. The method of claim 1 further comprising confirming that the e-mail originates from the sender identified in the e-mail before the step of delivering the e-mail or taking a different action.
  - 15. The method of claim 14, wherein the sender is identified by an IP address and wherein confirming step is performed by sending a query to the sender'"'"'s IP address requesting a confirmation that the sender sent the e-mail.
  - 16. The method of claim 15, wherein the query comprises providing a hash value for the e-mail and requesting that the sender confirm sending the e-mail based on the hash value.
  - 17. The method of claim 16, wherein the step of taking a different action is performed if the sender does not confirm sending the e-mail within a predetermined time period or a predetermined number of query attempts to the sender'"'"'s IP address.

18. A system for authenticating the dispersal of an intended recipient'"'"'s e-mail address from an address provider to a sender, the system comprising:
- a mail server for receiving an e-mail directed to an intended recipient'"'"'s e-mail address, wherein the e-mail includes information identifying the sender and the address provider from which the sender obtained the intended recipient'"'"'s e-mail address;
  
  an authentication server accessible by the mail server, wherein the authentication server receives and responds to queries from the mail server; and
  
  a database accessible by the authentication server, wherein the database comprises information that permits the authentication server to determine whether the sender is authorized by the address provider to access the intended recipient'"'"'s e-mail address.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 19. The system of claim 18, wherein the address provider is identified in any one or more from the group consisting of:
    - the e-mail header, subject line, and body.
  - 20. The method of claim 19, wherein the address provider is identified in a user-defined field.
  - 21. The system of claim 19, wherein the address provider is separated by at least one machine-readable character delimiter.
  - 22. The system of claim 18, wherein the e-mail further comprises an IP address associated with the authentication server.
  - 23. The system of claim 22, wherein the authentication server is provided by the address provider.
  - 24. The system of claim 22, wherein the authentication server is provided by a third party that is associated with the address provider and one or more different address providers.
  - 25. The system of claim 18, wherein the database comprises a first list of client e-mail addresses associated with the address provider and a second list of approved senders associated with the address provider.
  - 26. The system of claim 25, wherein the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address if the intended recipient'"'"'s e-mail address is on the first list of client e-mail addresses.
  - 27. The system of claim 25, where the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address if the sender is on the second list of approved senders.

28. A method for determining whether at least one e-mail originates from a forged source, the method comprising:
- receiving data pertaining to the least one e-mail directed to at least one intended recipient, wherein the data includes information identifying a purported sender;
  
  querying a verification host to confirm that the at least one e-mail originates from the purported sender, wherein the query includes information identifying the at least one e-mail; and
  
  receiving a response from the verification host indicating whether or not the at least one e-mail originates from the purported sender;
  
  wherein the at least one e-mail is determined to originate from a forged source unless the response indicates that the at least one e-mail originates from the purported sender.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
- - 29. The method of claim 28, wherein the information identifying the purported sender includes any one or more of the following:
    - an e-mail address, a domain name, and an IP address.
  - 30. The method of claim 28, wherein the verification host is a server associated with the purported sender.
  - 31. The method of claim 30, wherein the step of querying the verification host is conducted via a two-way transmission channel.
  - 32. The method of claim 30, wherein the information identifying the at least one e-mail is any one or more selected from the group consisting of:
    - a hash value, a checksum, a digest of the e-mail, an authorization code, and at least a portion of text contained in the body of the e-mail.
  - 33. The method of claim 32, wherein delivery of the at least one e-mail to the intended recipient is prevented if the e-mail is determined to not have originated from the purported sender.
  - 34. The method of claim 28, further comprising determining an address for the verification host from information contained in the at least one e-mail.
  - 35. The method of claim 28, further comprising the step of determining an identity of hosts authorized to transmit e-mails for the purported sender.
  - 36. The method of claim 35, further comprising the step of determining whether the at least one e-mail is being transmitted from an authorized host.
  - 37. The method of claim 36, wherein delivery of the at least one e-mail to the at least one intended recipient is prevented if the at least one e-mail is not being transmitted from an authorized host.
  - 38. The method of claim 28, wherein the verification host comprises a third party server authorized by the purported source.
  - 39. The method of claim 28, wherein the at least one e-mail is a plurality of e-mails and wherein a single query is provided for the plurality of e-mails.
  - 40. The method of claim 39, wherein delivery of the plurality of e-mails to the intended recipients is allowed only if every one of the plurality of e-mails is determined to have originated from the purported sender.
  - 41. The method of claim 39, wherein the response from the verification host indicates that at least one of the plurality of e-mails does not originate from the purported sender.
  - 42. The method of claim 41 further comprising the step of dividing the plurality of e-mails into a plurality of groups.
  - 43. The method of claim 42 further comprising the step of querying the verification host to confirm that the e-mails in the plurality of groups originates from the purported senders.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gary S. Shuster
Original Assignee
Gary S. Shuster
Inventors
Shuster, Gary Stephen

Granted Patent

US 8,126,971 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/21
CPC Class Codes

H04L 51/212 using filtering or selectiv...

E-MAIL AUTHENTICATION

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

59 Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

E-MAIL AUTHENTICATION

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

59 Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links