Time and threshold based whitelisting
First Claim
1. A computer implemented method for managing electronic mail message whitelists, the method comprising the steps of:
- monitoring incoming and outgoing electronic messages, by a computer;
responsive to detecting an outgoing electronic message from a user to a recipient, adding a temporary whitelist entry for the recipient to a whitelist of the user by a computer, the temporary whitelist entry being set to automatically expire after a set period of time;
delivering electronic messages from the recipient to the user without any security screening during the set period of time prior to the automatic expiration of the temporary whitelist entry, by a computer;
analyzing electronic mail message traffic between the user and the recipient during the set period of time prior to the automatic expiration of the temporary whitelist entry, by a computer;
responsive to results of analyzing the electronic mail message traffic between the user and the recipient during the set period of time prior to the expiration of the temporary whitelist entry, determining whether to transform the temporary whitelist entry into a permanent whitelist entry and continue to deliver electronic messages from the recipient to the user without any security screening, by a computer; and
performing an additional step transforming the status of the temporary whitelist entry, by a computer.
5 Assignments
0 Petitions
Accused Products
Abstract
In response to a user sending an electronic mail message to a recipient, a whitelist manager creates a temporary whitelist entry for the recipient on the user'"'"'s whitelist. The temporary whitelist entry is set to expire after a set period of time. During the period of time that the temporary whitelist entry is in effect, electronic mail messages from the recipient are passed to the user without being subject to security screening. The whitelist manager keeps track of email traffic between the user and the recipient during this time period. If the nature of this email traffic is sufficient to establish that the recipient is legitimate, the whitelist manager converts the temporary entry to a permanent one. Otherwise, the whitelist manager disables the temporary entry, after which email from the recipient to the user is subject to normal security processing.
-
Citations
18 Claims
-
1. A computer implemented method for managing electronic mail message whitelists, the method comprising the steps of:
-
monitoring incoming and outgoing electronic messages, by a computer; responsive to detecting an outgoing electronic message from a user to a recipient, adding a temporary whitelist entry for the recipient to a whitelist of the user by a computer, the temporary whitelist entry being set to automatically expire after a set period of time; delivering electronic messages from the recipient to the user without any security screening during the set period of time prior to the automatic expiration of the temporary whitelist entry, by a computer; analyzing electronic mail message traffic between the user and the recipient during the set period of time prior to the automatic expiration of the temporary whitelist entry, by a computer; responsive to results of analyzing the electronic mail message traffic between the user and the recipient during the set period of time prior to the expiration of the temporary whitelist entry, determining whether to transform the temporary whitelist entry into a permanent whitelist entry and continue to deliver electronic messages from the recipient to the user without any security screening, by a computer; and performing an additional step transforming the status of the temporary whitelist entry, by a computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. At least one non-transitory computer readable medium containing a computer program product for managing electronic mail message whitelists, the computer program product comprising:
-
program code for monitoring incoming and outgoing electronic messages; program code for, responsive to detecting an outgoing electronic message from a user to a recipient, adding a temporary whitelist entry for the recipient to a whitelist of the user, the temporary whitelist entry being set to automatically expire after a set period of time; program code for delivering electronic messages from the recipient to the user without any security screening during the set period of time prior to the automatic expiration of the temporary whitelist entry; program code for analyzing electronic mail message traffic between the user and the recipient during the set period of time prior to the automatic expiration of the temporary whitelist entry; program code for, responsive to results of analyzing the electronic mail message traffic between the user and the recipient during the set period of time prior to the expiration of the temporary whitelist entry, determining whether to transform the temporary whitelist entry into a permanent whitelist entry and continue to deliver electronic messages from the recipient to the user without any security screening; and performing an additional step transforming the status of the temporary whitelist entry. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification