Spam detector with challenges
First Claim
1. An e-mail server that facilitates detection of unsolicited e-mail, comprising:
- a processor configured to execute;
an e-mail component that receives and stores messages and computes associated probabilities that the e-mail messages are spam for valid but unmonitored e-mail addresses;
a mail classifier that receives e-mail messages and determines the associated probability that a received e-mail message is spam for each of the messages; and
a challenge component that sends a challenge to an originator of the received e-mail message to a valid but unmonitored e-mail address, where the received e-mail message has an associated probability of being spam greater than a first threshold and a difficulty of the challenge being based, at least in part, upon the associated probability that the e-mail message is spam, and the challenge component desists from sending the challenge to the originator of the received e-mail message to the valid but unmonitored e-mail address, where the associated probability of the received message being spam is less than or equal to the first threshold, the challenge being sent, at least in part, to obfuscate validity of the valid but unmonitored e-mail address to the originator of the received e-mail message.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method facilitating detection of unsolicited e-mail message(s) with challenges is provided. The invention includes an e-mail component and a challenge component. The system can receive e-mail message(s) and associated probabilities that the e-mail message(s) are spam. Based, at least in part, upon the associated probability, the system can send a challenge to a sender of an e-mail message. The challenge can be an embedded code, computational challenge, human challenge and/or micropayment request. Based, at least in part, upon a response to the challenge (or lack of response), the challenge component can modify the associated probability and/or delete the e-mail message.
-
Citations
34 Claims
-
1. An e-mail server that facilitates detection of unsolicited e-mail, comprising:
a processor configured to execute; an e-mail component that receives and stores messages and computes associated probabilities that the e-mail messages are spam for valid but unmonitored e-mail addresses; a mail classifier that receives e-mail messages and determines the associated probability that a received e-mail message is spam for each of the messages; and a challenge component that sends a challenge to an originator of the received e-mail message to a valid but unmonitored e-mail address, where the received e-mail message has an associated probability of being spam greater than a first threshold and a difficulty of the challenge being based, at least in part, upon the associated probability that the e-mail message is spam, and the challenge component desists from sending the challenge to the originator of the received e-mail message to the valid but unmonitored e-mail address, where the associated probability of the received message being spam is less than or equal to the first threshold, the challenge being sent, at least in part, to obfuscate validity of the valid but unmonitored e-mail address to the originator of the received e-mail message. - View Dependent Claims (2, 3)
-
4. An e-mail server that facilitates detection of unsolicited e-mail, comprising:
-
a processor configured to execute; an e-mail component that receives and stores messages and computes associated probabilities that the e-mail messages are spam for valid but unmonitored e-mail addresses; a mail classifier that receives e-mail messages and determines the associated probability that a received e-mail message is spam for each of the messages; and a challenge component that sends a challenge to an originator of the received e-mail message to a valid but unmonitored e-mail address, the received e-mail message having an associated probability of being spam greater than a first threshold and desists from sending the challenge to the originator of the received e-mail message to the valid but unmonitored e-mail address, where the associated probability of the received message being spam is less than or equal to the first threshold, the challenge being sent, at least in part, to obfuscate validity of the valid but unmonitored e-mail address to the originator of the received e-mail message, the challenge including a computational challenge comprising a one-way hash of values derived from the received message including the message content, message recipient, message sender, message time stamp, and recipient stamp.
-
-
5. An e-mail server that facilitates detection of unsolicited e-mail, comprising:
-
a processor configured to execute; an e-mail component that receives and stores messages and computes associated probabilities that the e-mail messages are spam for valid but unmonitored e-mail addresses; a mail classifier that receives e-mail messages and determines the associated probability that a received e-mail message is spam for each of the messages; a challenge component that sends a challenge to an originator of the received e-mail message to a valid but unmonitored e-mail address, the received e-mail message having an associated probability of being spam greater than a first threshold and desists from sending the challenge to the originator of the received e-mail message to the valid but unmonitored e-mail address, where the associated probability of the received message being spam is less than or equal to the first threshold, the challenge being sent, at least in part, to obfuscate validity of the valid but unmonitored e-mail address to the originator of the received e-mail message, the challenge including a micropayment request; and wherein at least one of; the challenge includes a computational challenge comprising a one-way hash of values derived from the incoming message including the message content, message recipient, message sender, message time stamp, and recipient stamp, the challenge component sends the sender a choice of challenges, the choice of challenges being based, at least in part, upon an adaptive filter;
orthe mail classifier determines an associated probability that the incoming e-mail message is spam and a difficulty of the challenge being sent being based, at least in part, upon the associated probability that the e-mail message is spam.
-
-
6. An e-mail server that facilitates detection of unsolicited e-mail, comprising:
a processor configured to execute; an e-mail component that receives and stores messages and computes associated probabilities that the e-mail messages are spam for valid but unmonitored e-mail addresses; a mail classifier that receives e-mail messages and determines the associated probability that a received e-mail message is spam for each of the messages; and a challenge component that sends a challenge to an originator of the received e-mail message to a valid but unmonitored e-mail address, the received e-mail message having an associated probability of being spam greater than a first threshold and desists from sending the challenge to the originator of the received e-mail message to the valid but unmonitored e-mail address, where the associated probability of the received message being spam is less than or equal to the first threshold, the challenge being sent, at least in part, to obfuscate validity of the valid but unmonitored e-mail address to the originator of the received e-mail message, wherein the challenge component sends the originator a choice of challenges, the choice of challenges being based upon an adaptive spam filter.
-
7. A system that facilitates detection of unsolicited messages, comprising:
a processor configured to execute; a mail classifier that receives an incoming message and classifies the incoming message as spam or a legitimate message and reclassifies the incoming message based at least on a received challenge response, wherein reclassifying the incoming message schedules an update to the mail classifier with a new training set including the reclassified message; a challenge component that sends a challenge including a micropayment request to a sender of the message where the message is classified as spam and refrains from sending the challenge to the sender where the message is classified as a legitimate message; and wherein at least one of; the challenge includes a computational challenge comprising a one-way hash of values derived from the incoming message including the message content, message recipient, message sender, message time stamp, and recipient stamp, the challenge component sends the sender a choice of challenges, the choice of challenges being based, at least in part, upon an adaptive spam filter;
orthe mail classifier determines an associated probability that the incoming e-mail message is spam and a difficulty of the challenge being sent being based, at least in part, upon the associated probability that the e-mail message is spam. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
14. A system that facilitates detection of unsolicited e-mail, comprising:
-
a processor configured to execute; a mail classifier that receives an incoming e-mail message and classifies the incoming e-mail message as spam, questionable spam and legitimate e-mail; a legitimate e-mail sender store that stores information comprising a confidence level associated with the sender of the e-mail message classified as legitimate e-mail; and a challenge component that sends a challenge including a micropayment request to a sender of an e-mail message classified as questionable spam and sends the challenge to the sender where the e-mail message is classified as legitimate e-mail when the e-mail has an associated probability of being spam greater than the associated confidence level of the sender; and wherein at least one of; the challenge includes a computational challenge comprising a one-way hash of values derived from the incoming message including the message content, message recipient, message sender, message time stamp, and recipient stamp, the challenge component sends the sender a choice of challenges, the choice of challenges being based, at least in part, upon an adaptive spam filter;
orthe mail classifier determines an associated probability that the incoming e-mail message is spam and a difficulty of the challenge being sent being based, at least in part, upon the associated probability that the incoming e-mail message is spam. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A computer implemented method for detecting unsolicited e-mail, comprising:
- sending, via a computer, a first challenge to a sender of an e-mail message classified as questionable spam;
dispatching, via the computer, a choice of challenges corresponding to a second challenge being dispatched to a sender of a second e-mail message, wherein the sender of the second e-mail message is classified as a legitimate sender and the choice of challenges is based, at least in part, upon an adaptive spam filter; receiving, at the computer; a response to the first challenge to the sender of the e-mail message classified as questionable spam, and a response to the second challenge that was sent to the legitimate sender; and modifying, via the computer; the classification of the first e-mail message based, at least in part, upon the response to the first challenge, and the classification of the second e-mail message based, at least in part, upon the response to the second challenge and a changing subjective perception or preference of a user, wherein the modification of the classification of the second e-mail message includes decreasing a probability that the legitimate e-mail message is spam. - View Dependent Claims (24, 25, 26, 27)
- sending, via a computer, a first challenge to a sender of an e-mail message classified as questionable spam;
-
28. A method for responding to e-mail challenges, comprising:
-
maintaining a quantity of challenges processed corresponding to a particular e-mail message of a plurality of e-mail messages to mitigate denial-of-service attacks; receiving, at an e-mail originator computer, a plurality of challenges to the particular e-mail message of the plurality of e-mail messages, the challenges received based at least in part on an inference by a computer initiator of the challenges that the particular e-mail message is legitimate e-mail; ordering for processing, via the e-mail originator computer, pending selected challenges corresponding to the plurality of e-mail messages based, at least in part, upon the quantity of challenges previously processed for respective corresponding messages to mitigate denial-of-service attacks; processing, via the e-mail originator computer, a first challenge of the pending selected challenges, the first challenge corresponding to a message having a fewest previously processed challenges; sending, via the e-mail originator computer, a response to the first challenge of the pending challenges corresponding to the message having the fewest previously processed challenges; responsive to sending the response to the first challenge of the pending challenges corresponding to the message having the fewest previously processed challenges, incrementing the quantity of challenges processed corresponding to that message. - View Dependent Claims (29, 30)
-
-
31. A computer storage device storing computer executable components of a system that facilitates detection of unsolicited e-mail, comprising:
-
a mail classifier component that; configures at least a legitimate-email folder and a spam e-mail folder;
receives e-mail messages;determines an associated probability that the e-mail messages are spam; classifies each of the e-mail messages as one of at least legitimate or spam; and reclassifies an e-mail message when a challenge response is received from a sender of an e-mail message; a challenge component that sends a generated challenge having at least a difficulty of a first level or a micropayment of a first amount to the sender of the e-mail message having an associated probability of being spam greater than a first threshold, and desists from generating challenge content where the associated probability of being spam is less than or equal to the first threshold, wherein the challenge component sends a more onerous challenge to the originator of an e-mail message based at least on the e-mail message having a greater associated probability of being spam, the more onerous challenge including a challenge more difficult than the first level or a challenge requiring a micropayment greater than the first amount; and at least one of the computer executable components, responsive to the e-mail message being reclassified, being configured to serve contents of at least one of the legitimate e-mail folder or the spam e-mail folder as a new training set to update the mail classifier component. - View Dependent Claims (32)
-
-
33. A computer storage device having computer executable instructions encoded thereon, the computer executable instructions programmed to configure a computer to perform operations comprising:
-
detecting whether an e-mail message is from a mailing list and in an event that the e-mail message is from a mailing list, whether the mailing list is moderated or unmoderated; in an event the e-mail message is determined to be from a moderated mailing list, including the mailing list in a legitimate e-mail sender store; in an event the e-mail message is determined to be from an unmoderated mailing list, prompting for a first threshold probability to be associated with the unmoderated mailing list; in an event the e-mail message is determined not to be from a mailing list, prompting for a first threshold probability to be associated with a sender of the e-mail message; determining an associated probability that the e-mail message is spam; sending a challenge to a respective mailing list or sender of the e-mail message having an associated probability greater than the first threshold and refraining from sending the challenge where the associated probability is less than the first threshold probability, a difficulty of the challenge being based, at least in part, upon the associated probability that the e-mail message is spam; and automatically modifying the associated probability that the e-mail is spam based on a response to a challenge. - View Dependent Claims (34)
-
Specification