SPAM report generation system and method
First Claim
Patent Images
1. A method for generating a report on an unsolicited electronic message, comprising:
- receiving an electronic mail message;
determining whether the electronic message is an unsolicited message;
if the message is an unsolicited message, examining the message to identify a network address relating to the message, identifying an authority hosting the network address, generating a report containing the identified network address and hosting authority, and transmitting the report to a central managed service provider, where the central managed service provider collects threat information from one or more organizations and reports to the hosting authority once a predetermined amount of threat information has been collected;
wherein identifying the hosting authority comprises identifying an owner of a network domain;
wherein reporting to the hosting authority includes the central managed service provider transmitting a hosting authority message including the collected threat information to the hosting authority;
wherein the hosting authority message that the central managed service provider transmits to the hosting authority includes a hosting authority report that includes a content of the message, a date and time the message arrived on a recipient'"'"'s server, an IP address and name reported during an SMTP connection associated with the message, and a full WHOIS report used to track down the hosting authority.
11 Assignments
0 Petitions
Accused Products
Abstract
A method of the present invention generally comprises receiving an electronic mail message and determining whether the electronic message is an unsolicited message. If the message is an unsolicited message, it is examined to identify a network address relating to the message and an authority hosting the network address. A report is then generated containing the identified network address and the hosting authority.
-
Citations
31 Claims
-
1. A method for generating a report on an unsolicited electronic message, comprising:
- receiving an electronic mail message;
determining whether the electronic message is an unsolicited message;
if the message is an unsolicited message, examining the message to identify a network address relating to the message, identifying an authority hosting the network address, generating a report containing the identified network address and hosting authority, and transmitting the report to a central managed service provider, where the central managed service provider collects threat information from one or more organizations and reports to the hosting authority once a predetermined amount of threat information has been collected;
wherein identifying the hosting authority comprises identifying an owner of a network domain;
wherein reporting to the hosting authority includes the central managed service provider transmitting a hosting authority message including the collected threat information to the hosting authority;
wherein the hosting authority message that the central managed service provider transmits to the hosting authority includes a hosting authority report that includes a content of the message, a date and time the message arrived on a recipient'"'"'s server, an IP address and name reported during an SMTP connection associated with the message, and a full WHOIS report used to track down the hosting authority. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 26, 27, 28, 29, 30, 31)
- receiving an electronic mail message;
-
12. A system, the system comprising:
- a detector that detects a network address within an electronic message identified as an unsolicited message;
a host identifier that identifies an authority hosting the network address;
a report generator that generates a report containing the identified network address and hosting authority; and
a tangible computer readable storage medium that at least temporarily stores the identified network address and hosting authority;
wherein identifying the hosting authority comprises identifying an owner of a network domain;
wherein the system is operable such that the report is transmitted to a central managed service provider, where the central managed service provider collects threat information from one or more organizations and reports to the hosting authority once a predetermined amount of threat information has been collected;
wherein reporting to the hosting authority includes the central managed service provider transmitting a hosting authority message including the collected threat information to the hosting authority;
wherein the system is operable such that the hosting authority message that the central managed service provider transmits to the hosting authority includes a hosting authority report that includes a content of the message, a date and time the message arrived on a recipient'"'"'s server, an IP address and name reported during an SMTP connection associated with the message, and a full WHOIS report used to track down the hosting authority. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- a detector that detects a network address within an electronic message identified as an unsolicited message;
-
21. A computer product embodied on a tangible computer readable storage medium, comprising:
- code that receives an electronic mail message;
code that determines whether the electronic message is an unsolicited message;
code that examines the message to identify a network address relating to the message if the message is an unsolicited message;
code that identifies an authority hosting the network address;
code that generates a report containing the identified network address; and
a computer readable medium that stores said computer codes;
wherein identifying the hosting authority comprises identifying an owner of a network domain;
wherein the computer product is operable such that the report is transmitted to a central managed service provider, where the central managed service provider collects threat information from one or more organizations and reports to the hosting authority once a predetermined amount of threat information has been collected;
wherein reporting to the hosting authority includes the central managed service provider transmitting a hosting authority message including the collected threat information to the hosting authority;
wherein the computer program product is operable such that the hosting authority message that the central managed service provider transmits to the hosting authority includes a hosting authority report that includes a content of the message, a date and time the message arrived on a recipient'"'"'s server, an IP address and name reported during an SMTP connection associated with the message, and a full WHOIS report used to track down the hosting authority. - View Dependent Claims (22, 23, 24, 25)
- code that receives an electronic mail message;
Specification