Reducing unwanted and unsolicited electronic messages by preventing connection hijacking and domain spoofing
Abstract
The present invention provides for generating inputs that can be provided to a message classification module to facilitate more reliable classification of electronic messages, such as, for example, as unwanted and/or unsolicited. In one embodiment, a sending messaging server provides an appropriate response to address verification data thereby indicating a reduced likelihood of the sending messaging server using a forged network address. In another embodiment, it is determined if a messaging server is authorized to send electronic messages for a domain. In yet another embodiment, electronic message transmission policies adhered to by a domain are identified. In yet a further embodiment, a sending computer system expends computational resources to solve a computational puzzle and includes an answer document in an electronic message. A receiving computer system receives the electronic message and verifies the answer document.
48 Claims
1. In a sending computer system that is network connectable to one or more receiving computer systems, the sending computer system being configured to send electronic messages to the receiving computer systems, a method for verifying that responses to a connection initiation sent by the sending computer system originate from a designated receiving computer system, the method comprising:
- an act of sending connection initiation data to a designated receiving computer system, the connection initiation data including a purported sending address of the sending computer system;
- an act of receiving altered connection establishment data that includes address validation data and at least a portion of non-standard data that is not otherwise included in such a connection establishment, such that the inclusion of the portion of non-standard data substantially decreases the likelihood of providing an appropriate connection response without knowing that the portion of non-standard data is to be provided in the connection response;
- an act of verifying that the connection response was received from the designated receiving computer system based on a determination that the connection response included the address validation data and the portion of non-standard data;
- an act of generating an appropriate connection response based on the address validation data and the portion of non-standard data, the response including the portion of non-standard data in a form recognized by the verified receiving computer system as an appropriate form; and
- an act of sending the appropriate connection response data to the receiving computer system.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 45, 46, 47, 48
9. In a receiving computer system that is network connectable to one or more sending computer systems, the receiving computer system being configured to receive electronic messages from the sending computer systems, a method for the receiving computer system detecting whether a sending computer system is receiving connection establishment responses, the method comprising:
- an act of receiving connection initiation data from a sending computer system, the connection initiation data including a purported sending address of the sending computer system;
- an act of altering standard connection establishment data to include address validation data and at least a portion of non-standard data that is not otherwise included in such a connection establishment, such that the inclusion of the portion of non-standard data substantially decreases the likelihood of providing an appropriate connection response without knowing that the portion of non-standard data is to be provided in the connection response; and
- an act of sending the altered connection establishment data to the purported sending address, the sending computer system with the purported sending address being configured to verify that the connection response was received from the receiving computer system based on a determination that the connection response included the address validation data and the portion of non-standard data.
Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20
21. In a receiving domain that is network connectable to one or more sending domains, the receiving domain including one or more receiving messaging servers configured to receive electronic messages from sending domains, a method for determining if a sending messaging server is authorized to send electronic messages for a sending domain, the method comprising:
- an act of receiving an electronic message purportedly sent from the sending domain, the electronic message including at least a portion of non-standard data that is not otherwise included in such a connection establishment, such that the inclusion of the portion of non-standard data substantially decreases the likelihood of providing an appropriate connection response without knowing that the portion of non-standard data is to be provided in the connection response;
- an act of examining a plurality of parameter values of the electronic message including the portion of non-standard data to attempt to verify that the connection response was received from the designated receiving domain based on a determination that the connection response included the address validation data and the portion of non-standard data;
- an act of querying a name server for a list of network addresses authorized to send electronic messages for the sending domain;
- an act of determining if the actual sending side network address is authorized to send electronic messages for the sending domain based on the query and on the inclusion of the portion of non-standard data in a form recognized by the verified receiving domain as an appropriate form; and
- an act of providing results of the determination to a message classification module such that the message classification module can make a more reliable decision as to classifying the received electronic message.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37
38. A computer program product for use in a sending computer system that is network connectable to one or more receiving computer systems, the sending computer system being configured to send electronic messages to the receiving computer systems, the computer program product for implementing a method for verifying that responses to a connection initiation sent by the sending computer system originate from a designated receiving computer system, the computer program product comprising one or more computer-readable media having stored thereon computer executable instructions that, when executed by a processor, cause the sending computer system to perform the following:
- send connection initiation data to a designated receiving computer system, the connection initiation data including a purported sending address of the sending computer system;
- receive altered connection establishment data that includes address validation data and at least a portion of non-standard data that is not otherwise included in such a connection establishment, such that the inclusion of the portion of non-standard data substantially decreases the likelihood of providing an appropriate connection response without knowing that the portion of non-standard data is to be provided in the connection response;
- verify that the connection response was received from the designated receiving computer system based on a determination that the connection response included the address validation data and the portion of non-standard data;
- generate an appropriate connection response based on the address validation data and the portion of non-standard data, the response including the portion of non-standard data in a form recognized by the verified receiving computer system as an appropriate form; and
- send the appropriate connection response data to the receiving computer system.
Dependent claims: 39, 40
41. A computer program product for use in a receiving computer system that is network connectable to one or more sending computer systems, the receiving computer system being configured to receive electronic messages from the sending computer systems, the computer program product for implementing a method for the receiving computer system detecting whether a sending computer system is receiving connection establishment responses, the computer program product comprising one or more computer-readable media having stored thereon computer executable instructions that, when executed by a processor, cause the receiving computer system to perform the following:
- receive connection initiation data from a sending computer system, the connection initiation data including a purported sending address of the sending computer system;
- alter standard connection establishment data to include address validation data and at least a portion of non-standard data that is not otherwise included in such a connection establishment, such that the inclusion of the portion of non-standard data substantially decreases the likelihood of providing an appropriate connection response without knowing that the portion of non-standard data is to be provided in the connection response; and
- send the altered connection establishment data to the purported sending address, the sending computer system with the purported sending address being configured to verify that the connection response was received from the receiving computer system based on a determination that the connection response included the address validation data and the portion of non-standard data.
Dependent claims: 42
43. A computer program product for use in a receiving domain that is network connectable to one or more sending domains, the receiving domain including one or more receiving messaging servers configured to receive electronic messages from sending domains, the computer program product for implementing a method for determining if a sending messaging server is authorized to send electronic messages for a sending domain, the computer program product comprising one or more computer-readable media having stored thereon computer executable instructions that, when executed by a processor, cause the receiving domain to perform the following:
- receive an electronic message purportedly sent from the sending domain, the electronic message including at least a portion of non-standard data that is not otherwise included in such a connection establishment, such that the inclusion of the portion of non-standard data substantially decreases the likelihood of providing an appropriate connection response without knowing that the portion of non-standard data is to be provided in the connection response;
- examine a plurality of parameter values of the electronic message including the portion of non-standard data to attempt to verify that the connection response was received from the designated receiving domain based on a determination that the connection response included the address validation data and the portion of non-standard data;
- query a name server for a list of network addresses authorized to send electronic messages for the sending domain;
- determine if the actual sending side network address is authorized to send electronic messages for the sending domain based on the query and on the inclusion of the portion of non-standard data in a form recognized by the verified receiving domain as an appropriate form; and
- provide results of the determination to a message classification module such that the message classification module can make a more reliable decision as to classifying the received electronic message.
Dependent claims: 44
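The exchange recited in claims 1 and 9, as an added illustration that is not part of the patent text: the receiver adds address validation data and an extra field to its reply, and only a sender that actually receives that reply at its purported address can echo both back. The HMAC token construction, the field name `X-Conn-Nonce`, the function names and the sample addresses are assumptions; the claims do not specify them.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # assumption: receiver-held secret
EXT_FIELD = "X-Conn-Nonce"            # hypothetical name for the non-standard data


def _token(addr: str, nonce: str, key: bytes) -> str:
    """Address validation data: binds the purported address to the nonce."""
    return hmac.new(key, f"{addr}|{nonce}".encode(), hashlib.sha256).hexdigest()


def make_challenge(purported_addr: str, key: bytes = SERVER_KEY) -> dict:
    """Receiver (claim 9): alter the connection establishment reply."""
    nonce = secrets.token_hex(8)
    return {"validation": _token(purported_addr, nonce, key), EXT_FIELD: nonce}


def build_response(challenge: dict):
    """Sender (claim 1): accept the reply only if both items are present,
    then echo them back in the form the receiver expects."""
    if "validation" not in challenge or EXT_FIELD not in challenge:
        return None  # a standard reply without the extra data is not trusted
    return {"validation": challenge["validation"], EXT_FIELD: challenge[EXT_FIELD]}


def accept_response(purported_addr: str, response, key: bytes = SERVER_KEY) -> bool:
    """Receiver: the response must carry both values, and they must match."""
    if not response or "validation" not in response or EXT_FIELD not in response:
        return False
    expected = _token(purported_addr, response[EXT_FIELD], key)
    return hmac.compare_digest(expected, response["validation"])


def demo() -> tuple:
    addr = "192.0.2.10"  # constructed sample address (documentation range)
    challenge = make_challenge(addr)
    legit = accept_response(addr, build_response(challenge))
    # A sender forging addr never sees the challenge and has to guess.
    blind = accept_response(addr, {"validation": "0" * 64, EXT_FIELD: "0" * 16})
    # Echoing only the validation data, without the non-standard field, fails.
    partial = accept_response(addr, {"validation": challenge["validation"]})
    # A token issued for one address is not valid for another.
    other = accept_response("198.51.100.7", build_response(challenge))
    return legit, blind, partial, other


if __name__ == "__main__":
    print(demo())
```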