Method and system for verifying identification of an electronic mail message
First Claim
Patent Images
1. A method comprising:
- receiving an electronic mail message at a recipient server, the electronic mail message comprising a signature and a key identifier, said signature identifying a domain from which said electronic mail message originated and said key identifier for verifying said signature;
accessing a domain name system over a network by the recipient server to perform a domain name system (DNS) lookup responsive to receiving the electronic mail message at the recipient server, the DNS lookup to locate a key registration server associated with the domain;
accessing, by the recipient server, said key registration server over the network responsive to receiving the electronic mail message at the recipient server, the key registration server to verify an association of said key identifier with the domain in the signature of the received electronic mail message; and
receiving, at the recipient server, a security rating associated with the domain or sender of the received electronic mail message from a rating service, where the security rating is based on at least one of registration policies associated with the domain, domain security, or behavioral information associated with the sender of the electronic mail message.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for verifying identification of an electronic mail message. An electronic mail message including a signature and a key is received, the signature identifying a domain from which the electronic mail message originated and the key for verifying the signature. A key registration server of the domain is accessed to verify the key. The key registration server provides for verifying that a key used to sign an electronic mail message is valid and that the sender is authorized by the domain to send the electronic mail message from the return address.
72 Citations
49 Claims
-
1. A method comprising:
-
receiving an electronic mail message at a recipient server, the electronic mail message comprising a signature and a key identifier, said signature identifying a domain from which said electronic mail message originated and said key identifier for verifying said signature; accessing a domain name system over a network by the recipient server to perform a domain name system (DNS) lookup responsive to receiving the electronic mail message at the recipient server, the DNS lookup to locate a key registration server associated with the domain; accessing, by the recipient server, said key registration server over the network responsive to receiving the electronic mail message at the recipient server, the key registration server to verify an association of said key identifier with the domain in the signature of the received electronic mail message; and receiving, at the recipient server, a security rating associated with the domain or sender of the received electronic mail message from a rating service, where the security rating is based on at least one of registration policies associated with the domain, domain security, or behavioral information associated with the sender of the electronic mail message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system comprising:
-
a mail signer for transmitting an electronic mail message, said electronic mail message comprising a signature and a key identifier, said signature identifying a domain from which said electronic mail message originated and said key identifier for verifying said signature; a key registration server for registering a key; and a mail verifier for receiving said electronic mail message generated independently of a public key associated with the mail verifier, for verifying said signature based on said key identifier, for accessing a domain name system over a network to perform a domain name system (DNS) lookup responsive to receiving the electronic mail message from the mail signer, the DNS lookup to locate said key registration server, and for accessing said key registration server over the network responsive to receiving the electronic mail message from the mail signer, the key registration server to verify an association of said key identifier with the domain in the signature of the received electronic mail message. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. An electronic device comprising:
-
a bus; a computer-readable memory coupled to said bus; and a processor coupled to said bus, said processor for; receiving an electronic mail message at a recipient server, the electronic mail message comprising a signature and a key identifier, said signature identifying a domain from which said electronic mail message originated and said key identifier for verifying said signature; accessing a domain name system over a network by the recipient server to perform a domain name system (DNS) lookup responsive to receiving the electronic mail message at the recipient server, the DNS lookup to locate a key registration server associated with the domain; accessing, by the recipient server, said key registration server over the network responsive to receiving the electronic mail message at the recipient server, the key registration server to verify an association of said key identifier with the domain in the signature of the received electronic mail message; and tagging the electronic mail message with verification results associated with the authorization of the key. - View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A system for verifying identification of an electronic mail message, said system comprising:
-
means for transmitting an electronic mail message, said electronic mail message comprising a signature and a key, said signature identifying a domain from which said electronic mail message originated and said key for verifying said signature; means for registering said key; and means for receiving said electronic mail message generated independently of a public key associated with the means for receiving, for verifying said signature based on said key, for accessing a domain name system over a network to perform a domain name system (DNS) lookup responsive to receiving the electronic mail message, the DNS lookup to locate said means for registering said key, and for accessing said means for registering said key over the network responsive to receiving the electronic mail message, the means for registering said key to verify an association of said key with the domain in the signature of the received electronic mail message. - View Dependent Claims (36, 37)
-
-
38. A method comprising:
-
monitoring a domain for at least one of domain security at a ratings service, registration policies associated with the domain, and user-behavior associated with the domain; receiving, at the ratings service, a security rating request associated with an electronic mail message originating from the domain, the security rating request received from a recipient of the electronic mail message over a network; determining, at the ratings service, a security rating associated with said electronic mail message based on said monitoring; and transmitting, from the ratings service, a response comprising said security rating to the recipient of the electronic mail message over the network. - View Dependent Claims (39, 40)
-
-
41. A computer-usable medium having computer-readable program code embodied therein for causing a computer system to perform a method for determining a security rating, said method comprising:
-
monitoring a domain for at least one of domain security at a ratings service, registration policies associated with the domain, and user-behavior associated with the domain; receiving, at the ratings service, a security rating request associated with an electronic mail message originating from the domain, the security rating request received from a recipient of the electronic mail message over a network; determining, at the ratings service, a security rating associated with said electronic mail message based on said monitoring; and transmitting, from the ratings service, a response comprising said security rating to the recipient of the electronic mail message over the network. - View Dependent Claims (42, 43)
-
-
44. An electronic device comprising:
-
a bus; a computer-readable memory coupled to said bus; and a processor coupled to said bus, said processor for; monitoring a domain for at least one of domain security at a ratings service, registration policies associated with the domain, and user-behavior associated with the domain; receiving, at the ratings service, a security rating request associated with an electronic mail message originating from the domain, the security rating request received from a recipient of the electronic mail message over a network; determining, at the ratings service, a security rating associated with said electronic mail message based on said monitoring; and transmitting, from the ratings service, a response comprising said security rating to the recipient of the electronic mail message over the network. - View Dependent Claims (45, 46)
-
-
47. A system for determining a security rating, said system comprising:
-
means for monitoring a domain for at least one of domain security at a ratings service, registration policies associated with the domain, and user-behavior associated with the domain; means for receiving, at the ratings service, a security rating request associated with an electronic mail message originating from the domain, the security rating request received from a recipient of the electronic mail message over a network; means for determining, at the ratings service, a security rating associated with said electronic mail message based on said monitoring; and means for transmitting, from the ratings service, a response comprising said security rating to the recipient of the electronic mail message over the network. - View Dependent Claims (48, 49)
-
Specification