Electronic message source reputation information system
First Claim
1. A network traffic filtering system for filtering a flow of electronic messages across a computer network from electronic message sources to intended recipients, the system comprising:
- an engine configured to generate reputation data and updated reputation data for sources of messages by evaluating messages after being sent from sending servers and before being received by any targeted receiving server associated with one or more intended recipients of one or more of the messages, the engine further configured to generate source reputation profiles of the electronic message sources using the reputation and updated reputation data;
a centralized server installed on one or more computing devices and including the engine, the centralized server external to any gateway to a network having one or more of the targeted receiving servers associated with the one or more intended recipients;
a source reputation profile of one of the message sources created by the engine and comprising;
a first reputation score for the message source calculated by the engine based on the reputation data for the message source, the first reputation score indicating a likelihood that electronic messages from the message source are unwanted by intended recipients of the messages, anda second reputation score for the message source adjusted from the first reputation score by the engine based on updated reputation data associated with the message source, the second reputation score indicating a decreased likelihood that electronic messages from the message source are unwanted by the intended recipients; and
a database connected to the centralized server and also external to any gateway to a network having one or more of the targeted receiving servers associated with the one or more intended recipients, the database configured to store the source reputation profiles.
3 Assignments
0 Petitions
Accused Products
Abstract
Disclosed herein are filtering systems and methods that employ an electronic message source reputation system. The source reputation system maintains a pool of source Internet Protocol (IP) address information, in the form of a Real-Time Threat Identification Network (“RTIN”) database, which can provide the reputation of source IP addresses, which can be used by customers for filtering network traffic. The source reputation system provides for multiple avenues of access to the source reputation information. Examples of such avenues can include Domain Name Server (DNS)-type queries, servicing routers with router-table data, or other avenues.
-
Citations
39 Claims
-
1. A network traffic filtering system for filtering a flow of electronic messages across a computer network from electronic message sources to intended recipients, the system comprising:
-
an engine configured to generate reputation data and updated reputation data for sources of messages by evaluating messages after being sent from sending servers and before being received by any targeted receiving server associated with one or more intended recipients of one or more of the messages, the engine further configured to generate source reputation profiles of the electronic message sources using the reputation and updated reputation data; a centralized server installed on one or more computing devices and including the engine, the centralized server external to any gateway to a network having one or more of the targeted receiving servers associated with the one or more intended recipients; a source reputation profile of one of the message sources created by the engine and comprising; a first reputation score for the message source calculated by the engine based on the reputation data for the message source, the first reputation score indicating a likelihood that electronic messages from the message source are unwanted by intended recipients of the messages, and a second reputation score for the message source adjusted from the first reputation score by the engine based on updated reputation data associated with the message source, the second reputation score indicating a decreased likelihood that electronic messages from the message source are unwanted by the intended recipients; and a database connected to the centralized server and also external to any gateway to a network having one or more of the targeted receiving servers associated with the one or more intended recipients, the database configured to store the source reputation profiles. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A method of filtering a flow of electronic messages across a computer network from electronic message sources to intended recipients, a centralized server installed on one or more computing devices and including an engine, the engine performing the steps comprising:
-
calculating a first reputation score for a message source based on reputation data associated with the message source generated by evaluating messages after being sent from a sending server associated with the source and before being received at any gateway to a network having one or more targeted receiving servers associated with one or more intended recipients of one or more of the messages, the reputation data indicating a likelihood that electronic messages from the message source are unwanted by the one or more intended recipients of the messages; blocking messages sent from the message source from reaching any targeted receiving servers associated with the one or more intended recipients at a first time when the first reputation score is attributed to the message source; adjusting the first reputation score to a second reputation score for the message source based on updated reputation data associated with the message source generated by evaluating additional messages after being sent from the sending server associated with the source and before being received at any gateway to a network having one of the targeted receiving servers associated with one or more intended recipients of one or more of the messages, the updated reputation data indicating a decreased likelihood that electronic messages from the message source are unwanted by the one or more intended recipients; and allowing messages sent from the message source to reach the one or more intended recipients at a second time later than the first time when the second reputation score is attributed to the message source. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
-
Specification