Suppression of undesirable network messages

US 7,631,044 B2
Filed: 03/09/2005
Issued: 12/08/2009
Est. Priority Date: 03/09/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A system for inhibiting or suppressing delivery of undesirable email messages through vulnerable systems comprising:

an emulator that emulates one or more vulnerable systems that can be used by spammers to relay, forward or otherwise send undesirable email messages to target systems; and

a module associated with the emulator, the module configured tointercept undesirable email messages that spammers attempt to relay, forward or otherwise send to target systems using one or more of the emulated one or more vulnerable systems, andsend replies back to spammers, in response to spammers'"'"' attempts to relay, forward or otherwise send undesirable email messages to target systems using one or more of the emulated one or more vulnerable systems,wherein at least a majority of intercepted undesirable email messages are prevented from ever being relayed, forwarded or otherwise sent to target systems using one or more of the emulated one or more vulnerable systems, andwherein, in order to make it appear to spammers that undesirable email messages are successfully being relayed, forwarded or other sent to target systems, the replies sent back to spammers emulate what the spammers would expect to receive had the intercepted undesirable email messages been successfully relayed, forwarded or otherwise sent using one or more of the emulated one or more vulnerable systems, even though at least a majority of the intercepted undesirable email messages are never relayed, forwarded or otherwise sent to target systems.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for suppressing delivery of undesirable messages through vulnerable systems. The system includes an emulator that emulates one or more of the vulnerable systems. A module associated with the emulator intercepts undesirable messages, which were originally intended to be sent through a vulnerable system. One embodiment includes plural emulators, which include one or more servers that are part of a network of servers. A controller communicates with one or more servers. In this embodiment, the controller includes a database capable of storing statistics pertaining to undesirable messages blocked by one or more of the servers. The statistics may include information pertaining to the sender(s) of the undesirable messages. Undesirable messages intercepted by the network of servers include email spam.

Citations

42 Claims

1. A system for inhibiting or suppressing delivery of undesirable email messages through vulnerable systems comprising:
- an emulator that emulates one or more vulnerable systems that can be used by spammers to relay, forward or otherwise send undesirable email messages to target systems; and
  
  a module associated with the emulator, the module configured tointercept undesirable email messages that spammers attempt to relay, forward or otherwise send to target systems using one or more of the emulated one or more vulnerable systems, andsend replies back to spammers, in response to spammers'"'"' attempts to relay, forward or otherwise send undesirable email messages to target systems using one or more of the emulated one or more vulnerable systems,wherein at least a majority of intercepted undesirable email messages are prevented from ever being relayed, forwarded or otherwise sent to target systems using one or more of the emulated one or more vulnerable systems, andwherein, in order to make it appear to spammers that undesirable email messages are successfully being relayed, forwarded or other sent to target systems, the replies sent back to spammers emulate what the spammers would expect to receive had the intercepted undesirable email messages been successfully relayed, forwarded or otherwise sent using one or more of the emulated one or more vulnerable systems, even though at least a majority of the intercepted undesirable email messages are never relayed, forwarded or otherwise sent to target systems.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 33)
- - 2. The system of claim 1 wherein the system further includes plural emulators, the plural emulators including one or more servers.
  - 3. The system of claim 2 wherein the one or more servers are part of a network of servers.
  - 4. The system of claim 3 further including a controller in communication with one or more servers of the network of servers.
  - 5. The system of claim 4 wherein the controller includes a database configured to store statistics pertaining to undesirable email messages intercepted by one or more of the servers.
  - 6. The system of claim 5 wherein the statistics include data pertaining to a sender of the undesirable email messages.
  - 7. The system of claim 4 wherein elements of the network of servers are interconnected via the Internet.
  - 8. The system of claim 1 wherein the undesirable email messages include spam.
  - 9. The system of claim 1 wherein the emulator further includesa response-time emulation mechanism that adjusts emulator response times, for sending the replies back to spammers, based on the lengths or sizes of the intercepted messages.
  - 10. The system of claim 9 wherein the emulator further includesa command-delivery limiter that limits rates or sending intervals at which predetermined commands bound for a target email server are sent.
  - 11. The system of claim 10 wherein the predetermined commands include recipient (RCPT) and verify (VRFY) Simple Mail Transport Protocol (SMPT) commands.
  - 12. The system of claim 9 wherein the emulator further includesa mechanism that selectively further delays messages sent by the emulator in response to intercepted email communications.
  - 13. The system of claim 1 wherein the module includesa message deletion/archiving module configured to delete, archive, or forward intercepted email messages.
  - 14. The system of claim 1 wherein the emulator further includesa mode-selection module in communication with a user interface, the mode-selection module facilitating switching emulation modes of the emulator.
  - 15. The system of claim 14 wherein the emulation modes include one or more of the following:
    - open proxy emulation;
      
      open relay emulation;
      
      virus or worm-infected system emulation; and
      
      /orvulnerable web form emulation.
  - 16. The system of claim 1, wherein the module is also configured analyze the intercepted undesirable email messages, and to communicate results of the analysis to one or more further systems to inhibit the one or more further systems from relaying, forwarding or otherwise sending the undesirable email messages to target systems;
    - wherein the results of the analysis include information about undesirable email messages, other than or in additional to information about sending addresses from which undesirable email messages originate, so that the information would enable undesirable email messages to be identified as undesirable by the one or more further systems even if the one or more further systems received the undesirable email messages from different sending addresses.
  - 17. The system of claim 1, wherein the module is also configured to relay the intercepted undesirable email messages to an antispam controller that analyzes the intercepted undesirable email messages, and communicates results of the analysis to one or more further systems to inhibit the one or more further systems from relaying, forwarding or otherwise sending the undesirable email messages to target systems;
    - wherein the results of the analysis include information about undesirable email messages, other than or in additional to information about sending addresses from which undesirable email messages originate, so that the information would enable undesirable email messages to be identified as undesirable by the one or more further systems even if the one or more further systems received the undesirable email messages from different sending addresses.
  - 18. The system of claim 1, wherein the module is configured to relay, forward or otherwise send a minority of intercepted undesirable email messages to at least some target systems, just in case spammers test whether undesirable email messages are being successfully relayed, forwarded or otherwise sent to target systems.
  - 19. The system of claim 1, wherein the module is configured to:
    - determine whether incoming messages are relay test messages sent by spammers; and
      
      cause the relaying, to target systems, of incoming messages that are determined to be relay test messages.
  - 20. The system of claim 1, wherein the module is configured to:
    - determine whether incoming messages are addressed to known relay-test drop boxes; and
      
      cause the relaying, to known relay-test drop boxes, of messages that are determined to be addressed to known relay-test drop boxes.
  - 21. The system of claim 1, wherein the emulator treats all incoming email messages as undesirable email messages.
  - 22. The system of claim 1, further comprising:
    - a subsystem, associated with or in communication with the emulator, the subsystem configured to;
      
      analyze email messages to determine whether email messages are undesirable email messages that should be blocked; and
      
      inform the emulator when email messages should be blocked.
  - 33. The method of claim 16, wherein the forwarding the information about the undesirable email messages and/or about systems from which the undesirable email messages are sent, to the one or more further systems, can be performed directly or through one or more intermediary systems.

23. A system for inhibiting or suppressing delivery of undesirable email messages through vulnerable systems, comprising:
- an emulator that emulates one or more of the vulnerable systems that can be used by spammers to relay, forward or otherwise send undesirable email messages to target systems; and
  
  a module associated with the emulator, the module configured tointercept undesirable email messages that spammers attempt to relay, forward or otherwise send to target systems using one or more of the emulated one or more vulnerable systems, andforward information about the undesirable email messages and/or about systems from which the undesirable email messages are sent, to one or more further systems, so that the one or more further systems can recognize certain email messages as being undesirable;
  
  wherein the information about undesirable email messages and/or about systems from which the undesirable email messages are sent, comprises information other than or in additional to information about sending addresses from which undesirable email messages originate, so that the information would enable undesirable email messages to be identified as undesirable by the one or more further systems even if the one or more further systems received the undesirable email messages from different sending addresses.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30)
- - 24. The system of claim 23, wherein the one or more further systems comprise one or more target systems.
  - 25. The system of claim 24, wherein the one or more target systems, when they recognize certain email messages as being undesirable based on the information forwarded by the module, automatically delete the undesirable email messages, automatically relay the undesirable email messages and/or automatically put the undesirable email messages in a specific email folder.
  - 26. The system of claim 24, wherein:
    - the module is configured to flag the intercepted undesirable email messages; and
      
      the information about the undesirable email messages, which is forwarded to the one or more target systems, comprises the flagged email messages.
  - 27. The system of claim 23, wherein the one or more further systems comprise an antispam controller.
  - 28. The system of claim 27, wherein the antispam controller can communicate the information to one or more additional systems to inhibit the one or more additional systems from relaying, forwarding or otherwise sending the undesirable email messages.
  - 29. The system of claim 28, wherein:
    - the module is configured to flag the intercepted undesirable email messages; and
      
      the information about the undesirable email messages, which is forwarded to the antispam controller, comprises the flagged email messages.
  - 30. The system of claim 23, wherein the module is configured to forward the information about the undesirable email messages and/or about systems from which the undesirable email messages are sent, to the one or more further systems, directly or through one or more intermediary systems.

31. A method for inhibiting or suppressing delivery of undesirable email messages through vulnerable systems, comprising:
- emulating one or more vulnerable systems that can be used by spammers to relay, forward or otherwise send undesirable email messages to target systems;
  
  intercepting undesirable email messages that spammers attempt to relay, forward or otherwise send to target systems using one or more of the one or more vulnerable systems being emulated; and
  
  forwarding information about the undesirable email messages and/or about systems from which the undesirable email messages are sent, to one or more further systems, so that the one or more further systems can recognize certain email messages as being undesirable;
  
  wherein the information about undesirable email messages and/or about systems from which the undesirable email messages are sent, comprises information other than or in additional to information about sending addresses from which undesirable email messages originate, so that the information would enable undesirable email messages to be identified as undesirable by the one or more further systems even if the one or more further systems received the undesirable email messages from different sending addresses.
- View Dependent Claims (32)
- - 32. The method of claim 31, further comprising flagging the intercepted undesirable email messages, and wherein the information about the undesirable email messages, which is forwarded, comprise the flagged email messages.

34. A method for inhibiting or suppressing delivery of undesirable email messages through vulnerable systems comprising:
- emulating one or more vulnerable systems that can be used by spammers to relay, forward or otherwise send undesirable email messages to target systems;
  
  intercepting undesirable email messages that spammers attempt to relay, forward or otherwise send to target systems using one or more of the emulated one or more vulnerable systems, andsending replies back to spammers, in response to spammers'"'"' attempts to relay, forward or otherwise send undesirable email messages to target systems using one or more of the emulated one or more vulnerable systems; and
  
  preventing at least a majority of the intercepted undesirable email messages from ever being relayed, forwarded or otherwise sent to target systems using one or more of the one or more vulnerable systems being emulated;
  
  wherein, in order to make it appear to spammers that undesirable email messages are successfully being relayed, forwarded or other sent to target systems, the replies sent back to spammers emulate what the spammers would expect to receive had the intercepted undesirable email messages been successfully relayed, forwarded or otherwise sent using one or more of the emulated one or more vulnerable systems, even though at least a majority of the intercepted undesirable email messages are never relayed, forwarded or otherwise sent to target systems.
- View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42)
- - 35. The method of claim 34, further comprising adjusting response times, for sending the replies back to spammers, based on the lengths or sizes of the intercepted messages.
  - 36. The method of claim 34, further comprising:
    - analyzing intercepted undesirable email messages; and
      
      communicating results of the analyzing to one or more further systems to inhibit the one or more further systems from relaying, forwarding or otherwise sending the undesirable email messages;
      
      wherein the results of the analyzing include information about undesirable email messages, other than or in additional to information about sending addresses from which undesirable email messages originate, so that the information would enable undesirable email messages to be identified as undesirable by the one or more further systems even if the one or more further systems received the undesirable email messages from different sending addresses.
  - 37. The method of claim 34, further comprising:
    - relaying intercepted undesirable email messages to an antispam controller that analyzes the intercepted undesirable email messages, and communicates results of the analysis to one or more further systems to inhibit the one or more further systems from relaying, forwarding or otherwise sending the undesirable email messages;
      
      wherein the results of the analysis include information about undesirable email messages, other than or in additional to information about sending addresses from which undesirable email messages originate, so that the information would enable undesirable email messages to be identified as undesirable by the one or more further systems even if the one or more further systems received the undesirable email messages from different sending addresses.
  - 38. The method of claim 34, further comprising relaying, forwarding or otherwise sending a minority of intercepted undesirable email messages to at least some target systems, just in case spammers test whether undesirable email messages are being successfully relayed, forwarded or otherwise sent to target systems.
  - 39. The method of claim 34, further comprising:
    - determining whether incoming messages are relay test messages sent by spammers; and
      
      causing the relaying, to target systems, of incoming messages that are determined to be relay test messages.
  - 40. The method of claim 34, further comprising:
    - determining whether incoming messages are addressed to known relay-test drop boxes; and
      
      causing the relaying, to known relay-test drop boxes, of messages that are determined to be addressed to known relay-test drop boxes.
  - 41. The method of claim 34, further comprising:
    - treating, as undesirable email messages, all email messages received by the one or more vulnerable systems being emulated.
  - 42. The method of claim 34, further comprising:
    - analyzing email messages, received by the one or more vulnerable systems being emulated, to determine whether email messages are undesirable email messages that should be blocked; and
      
      informing, the one or more vulnerable systems being emulated, when email messages should be blocked.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gozoom.com, Inc.
Original Assignee
Gozoom.com, Inc.
Inventors
Yu, Tony
Primary Examiner(s)
BAROT, BHARAT

Application Number

US11/077,384
Publication Number

US 20050246440A1
Time in Patent Office

1,735 Days
Field of Search

709202-203, 709206-207, 709223-226, 726 11- 14, 455/414.1
US Class Current

709/206
CPC Class Codes

H04L 51/212 using filtering or selectiv...

Suppression of undesirable network messages

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Suppression of undesirable network messages

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links