Source reputation information system for filtering electronic messages using a network-connected computer
First Claim
1. A method of filtering incoming electronic messages from a computer network at a network-connected computer system, the method comprising:
- receiving a delivery attempt for an incoming electronic message at a receiving server in the network-connected computer system;
determining a source of the incoming electronic message;
requesting a reputation profile for the source from a service in the computer network that is external to the receiving server and any terminals connected thereto for receiving incoming messages from the receiving server;
receiving the reputation profile for the source at the network-connected computer system, the reputation profile based on reputation data for the source generated by a centralized electronic message traffic monitoring system evaluating messages after being sent from a sending server and before being received by the targeted receiving server; and
deciding disposition of the delivery attempt for an incoming electronic message based on the reputation profile received from the service.
3 Assignments
0 Petitions
Accused Products
Abstract
Disclosed herein are filtering systems and methods that employ an electronic message source reputation system. The source reputation system maintains a pool of source Internet Protocol (IP) address information, in the form of a Real-Time Threat Identification Network (“RTIN”) database, which can provide the reputation of source IP addresses, which can be used by customers for filtering network traffic. The source reputation system provides for multiple avenues of access to the source reputation information. Examples of such avenues can include Domain Name Server (DNS)-type queries, servicing routers with router-table data, or other avenues.
-
Citations
68 Claims
-
1. A method of filtering incoming electronic messages from a computer network at a network-connected computer system, the method comprising:
-
receiving a delivery attempt for an incoming electronic message at a receiving server in the network-connected computer system; determining a source of the incoming electronic message; requesting a reputation profile for the source from a service in the computer network that is external to the receiving server and any terminals connected thereto for receiving incoming messages from the receiving server; receiving the reputation profile for the source at the network-connected computer system, the reputation profile based on reputation data for the source generated by a centralized electronic message traffic monitoring system evaluating messages after being sent from a sending server and before being received by the targeted receiving server; and deciding disposition of the delivery attempt for an incoming electronic message based on the reputation profile received from the service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for handling delivery attempts for incoming electronic messages from a computer network, the system comprising:
a client system connected to the computer network and comprising a processor for executing instructions stored in a memory, the execution of the instructions configured to; receive a delivery attempt for an incoming electronic message at a receiving server in the client system, and determine a source of the incoming electronic message; and
the client system comprising a client machine within it and configured to;request a reputation profile on the source from a service in the computer network that is external to the receiving server and any terminals connected thereto for receiving incoming messages from the receiving server, receive the reputation profile on the source at the network-connected computer system, the reputation profile based on reputation data for sources of messages generated by a centralized electronic message traffic monitoring system evaluating messages after being sent from a sending server and before being received by the targeted receiving server, and decide disposition of the delivery attempt for an incoming electronic message based on the reputation profile received from the service. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
33. A method of filtering a flow of electronic messages across a computer network, the method comprising:
-
receiving a delivery attempt for an incoming electronic message at a receiving server in a network-connected computer system; determining a source of the incoming electronic message; requesting a reputation profile on the source from a service in the computer network that is external to the receiving sewer and any terminals connected thereto for receiving incoming messages from the receiving server; generating -message traffic information associated with the source by the service, the message traffic information generated by a centralized electronic message traffic monitoring system evaluating messages after being sent from a sending server and before being received by the targeted receiving servers; generating a source reputation profile by the service based on at least the message traffic information; providing the source reputation profile from the service to the network-connected computer system; and deciding disposition by the network-connected computer system of the delivery attempt for an incoming electronic message based on the reputation profile received from the service. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
-
-
51. A network traffic filtering system for filtering a flow of electronic messages across a computer network, the system comprising:
-
a client system connected to the computer network and configured to; receive a delivery attempt for an incoming electronic message at a receiving server in the client system, and determine a source of the incoming electronic message; the client system comprising a client machine within it and configured to request a reputation profile on the source from a service in the computer network that is external to the receiving server and any terminals connected thereto for receiving incoming messages from the receiving server; an engine installed on one or more computing devices affiliated with the service, the engine executing instructions stored in a memory of the one or more computing devices, the execution of the instructions configured to; generate a source reputation profile based at least on reputation data for sources of messages generated by a centralized electronic message traffic monitoring system evaluating messages after being sent from a sending server and before being received by the targeted receiving server, and provide the source reputation profile to the client machine; and wherein the client machine is further configured to decide disposition of the delivery attempt for an incoming electronic message based on the reputation profile received from the service. - View Dependent Claims (52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68)
-
Specification