Anti-spam implementations in a router at the network layer
First Claim
Patent Images
1. A method of performing anti-spam in a router in a computer network, the method comprising:
- receiving in the router a TCP handshake packet from an initiating mail transfer agent, the TCP handshake packet being configured to initiate a connection with another mail transfer agent;
detecting receipt of the TCP handshake packet in the router;
determining an IP address of the initiating mail transfer agent;
consulting an externally located network reputation service to determine if the IP address belongs to a known spammer;
inspecting at a network layer a source IP address of an IP packet received in the router; and
performing a predetermined action on the IP packet in the router when the source IP address is that of the initiating mail transfer agent and the mail transfer agent is deemed by the network reputation service as belonging to a known spammer, wherein the predetermined action includes marking the IP packet as low priority as part of slowing down a data transfer rate of all packets from the initiating mail transfer agent.
1 Assignment
0 Petitions
Accused Products
Abstract
In one embodiment, a router inspects at a network layer source addresses of network layer packets flowing through the router. The router compares the source addresses to addresses of computers employed by spammers, and performs a predetermined action on a particular network layer packet having a source address that belongs to a computer of a spammer. The predetermined action may involve dropping the particular network layer packet or limiting the data transfer rate of the particular network layer packet.
-
Citations
11 Claims
-
1. A method of performing anti-spam in a router in a computer network, the method comprising:
-
receiving in the router a TCP handshake packet from an initiating mail transfer agent, the TCP handshake packet being configured to initiate a connection with another mail transfer agent; detecting receipt of the TCP handshake packet in the router; determining an IP address of the initiating mail transfer agent; consulting an externally located network reputation service to determine if the IP address belongs to a known spammer; inspecting at a network layer a source IP address of an IP packet received in the router; and performing a predetermined action on the IP packet in the router when the source IP address is that of the initiating mail transfer agent and the mail transfer agent is deemed by the network reputation service as belonging to a known spammer, wherein the predetermined action includes marking the IP packet as low priority as part of slowing down a data transfer rate of all packets from the initiating mail transfer agent. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method of performing anti-spam in a router in a computer network, the method comprising:
-
detecting reception of network layer packets in the router; in the router, inspecting at a network layer source addresses of the network layer packets; comparing in the router the source addresses to addresses of computers employed by spammers; and in the router, performing a predetermined action on a particular network layer packet having a source address matching that of a computer employed by a spammer, wherein the predetermined action comprises marking the particular network layer packet as low priority to delay the routing of the particular network layer packet. - View Dependent Claims (7, 8, 9, 10, 11)
-
Specification