Electronic mail filtering system and methods
First Claim
1. A method of detecting unsolicited email comprising the steps of:
- a) generating a signature set, for a received email message, containing a plurality of encoded signatures corresponding to a plurality of content portions of said email message;
b) performing a lookup of the individual encoded signatures of said signature set against a database storing a plurality of reference signatures, wherein said plurality of reference signatures includes encoded signatures corresponding to respective content portions occurring in any of a plurality of predetermined unsolicited email messages and wherein each of said plurality of reference signatures is accessed by said step of performing a lookup independent of reference to an individual one of said plurality of predetermined unsolicited email messages;
c) first determining a score value for said received email message calculated as a representative percentage match between said signature set and said plurality of reference signatures; and
d) second determining whether said score value is greater that a predetermined threshold value, whereby said email message is qualified as unsolicited email.
7 Assignments
0 Petitions
Accused Products
Abstract
The system filters-out undesirable email messages sent to a user email address. The system includes a data store providing updateable storage of signature records that correspond to a subset of undesirable email messages that may be sent to the predetermined email address. An email filter processor is coupled to the store of signature records and operates against the email messages received at the predetermined email address to identify and filter-out email messages corresponding to any of the signature records. An update system is provided to automatically receive a set of signature records, which are then used to update the plurality of signature records stored by the data store. The system can be implemented to include at least a portion of the email processor system within a client site email transport system, which receives the email messages addressed to the set of email addresses assigned or associated with the client site, including the predetermined email address.
-
Citations
3 Claims
-
1. A method of detecting unsolicited email comprising the steps of:
-
a) generating a signature set, for a received email message, containing a plurality of encoded signatures corresponding to a plurality of content portions of said email message;
b) performing a lookup of the individual encoded signatures of said signature set against a database storing a plurality of reference signatures, wherein said plurality of reference signatures includes encoded signatures corresponding to respective content portions occurring in any of a plurality of predetermined unsolicited email messages and wherein each of said plurality of reference signatures is accessed by said step of performing a lookup independent of reference to an individual one of said plurality of predetermined unsolicited email messages;
c) first determining a score value for said received email message calculated as a representative percentage match between said signature set and said plurality of reference signatures; and
d) second determining whether said score value is greater that a predetermined threshold value, whereby said email message is qualified as unsolicited email. - View Dependent Claims (2, 3)
wherein said database stores a first plurality of said reference signatures corresponding to respective like overlapping, multi-word content portions of any of said plurality of predetermined unsolicited email messages and a second plurality of said reference signatures corresponding to non-overlapping, multi-word content portions of any of said plurality of predetermined unsolicited email messages occurring at predefined locations within said plurality of predetermined unsolicited email messages, and wherein said step of performing performs said lookup of signatures by looking up signatures of said first said signature set against said first plurality of said reference signatures and by looking up signatures of said second said signature set, respectively by like predefined location, against said second plurality of said reference signatures. -
3. The method of claim 2 wherein said step of first determining determines said score value for said received email message based on a calculated signature match value for each like pairing of said signatures between said first said signature set and said first plurality of said reference signatures and between said second said signature set and said second plurality of said reference signatures.
-
Specification