E-mail authentication

US 8,126,971 B2
Filed: 05/07/2007
Issued: 02/28/2012
Est. Priority Date: 05/07/2007
Status: Active Grant

First Claim

Patent Images

1. A method for determining whether an e-mail originates from a sender who is authorized by an address provider to send the e-mail to an intended recipient'"'"'s e-mail address, the method comprising:

using at least one computer to perform the steps of;

receiving an e-mail directed to an intended recipient'"'"'s e-mail address;

determining a first identifier encoded in the e-mail identifying a sender of the e-mail;

determining a second identifier encoded in the e-mail that is distinct from the first identifier and from any e-mail address for the recipient, the second identifier identifying an address provider distinct from the sender and from the intended recipient as an entity from which the sender obtained the intended recipient'"'"'s e-mail address;

in response to determining the second identifier, querying an authentication server to determine whether the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address used for sending the e-mail to the intended recipient;

receiving a response from the authentication server;

delivering the e-mail to the intended recipient if the response indicates that the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address used for sending the e-mail to the intended recipient; and

preventing normal delivery of the e-mail to the intended recipient if the response indicates that the sender is not authorized by the address provider to obtain the intended recipient'"'"'s e-mail address used for sending the e-mail to the intended recipient.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for determining whether an e-mail originates from a sender authorized by an address provider to send the e-mail to an intended recipient'"'"'s e-mail address. The e-mail identifies an address provider from which the intended recipient'"'"'s e-mail address was obtained. The e-mail is delivered to the intended recipient only upon verification that the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address. The system and method may also provide for determining whether an e-mail originates from a forged source. A server receives data relating to an e-mail, including a purported sender and a verification host. The server queries the verification host with information pertaining to the e-mail and requests confirmation that the e-mail originates from the purported sender. The e-mail is determined to originate from a forged source unless the verification host responds that the e-mail originates from the purported sender.

58 Citations

View as Search Results

27 Claims

1. A method for determining whether an e-mail originates from a sender who is authorized by an address provider to send the e-mail to an intended recipient'"'"'s e-mail address, the method comprising:
- using at least one computer to perform the steps of;
  
  receiving an e-mail directed to an intended recipient'"'"'s e-mail address;
  
  determining a first identifier encoded in the e-mail identifying a sender of the e-mail;
  
  determining a second identifier encoded in the e-mail that is distinct from the first identifier and from any e-mail address for the recipient, the second identifier identifying an address provider distinct from the sender and from the intended recipient as an entity from which the sender obtained the intended recipient'"'"'s e-mail address;
  
  in response to determining the second identifier, querying an authentication server to determine whether the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address used for sending the e-mail to the intended recipient;
  
  receiving a response from the authentication server;
  
  delivering the e-mail to the intended recipient if the response indicates that the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address used for sending the e-mail to the intended recipient; and
  
  preventing normal delivery of the e-mail to the intended recipient if the response indicates that the sender is not authorized by the address provider to obtain the intended recipient'"'"'s e-mail address used for sending the e-mail to the intended recipient.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein the address provider is identified in an e-mail header, subject line, or body.
  - 3. The method of claim 2, wherein the address provider is identified in a user-defined field.
  - 4. The method of claim 2, wherein the address provider is separated by at least one machine-readable character delimiter.
  - 5. The method of claim 1, wherein the e-mail further comprises an IP address associated with the authentication server.
  - 6. The method of claim 5, wherein the authentication server is provided by the address provider.
  - 7. The method of claim 5, wherein the authentication server is provided by a third party that is associated with the address provider and one or more different address providers.
  - 8. The method of claim 1, wherein the authentication server accesses a database comprising a first list of client e-mail addresses associated with the address provider or a second list of approved senders associated with the address provider.
  - 9. The method of claim 8, wherein the step of querying the authentication server comprises determining whether the intended recipient'"'"'s e-mail address is on the first list of client e-mail addresses.
  - 10. The method of claim 9, wherein the response received from the authentication server indicates that the sender is an authorized sender if the intended recipient'"'"'s e-mail address is on the first list of client e-mail addresses and wherein the response received from the authentication server indicates that the sender is not an authorized sender if the intended recipient'"'"'s e-mail address is not on the first list of client e-mail addresses.
  - 11. The method of claim 8, wherein the step of querying the authentication server comprises determining whether the sender is on the second list of approved senders.
  - 12. The method of claim 11, wherein the response received from the authentication server indicates that the sender is an authorized sender if the sender is identified on the second list of approved senders and wherein the response received from the authentication server indicates that the sender is not an authorized sender if the sender is not identified on the second list of approved senders.
  - 13. The method of claim 1, wherein preventing normal delivery of the e-mail to the intended recipient further comprises an action selected from the group consisting of:
    - discarding the e-mail, marking the e-mail as spam, and segregating the e-mail with spam.
  - 14. The method of claim 1 further comprising confirming that the e-mail originates from the sender identified in the e-mail before the step of delivering the e-mail.
  - 15. The method of claim 14, wherein the sender is identified by an IP address and wherein confirming step is performed by sending a query to the sender'"'"'s IP address requesting a confirmation that the sender sent the e-mail.
  - 16. The method of claim 15, wherein the query comprises providing a hash value for the e-mail and requesting that the sender confirm sending the e-mail based on the hash value.
  - 17. The method of claim 16, wherein the step of taking a different action is performed if the sender does not confirm sending the e-mail within a predetermined time period or a predetermined number of query attempts to the sender'"'"'s IP address.

18. A system for authenticating the dispersal of an intended recipient'"'"'s e-mail address from an address provider to a sender, the system comprising:
- a mail server, comprising at least one computer, configured for receiving an e-mail directed to an intended recipient'"'"'s e-mail address, determining a first identifier encoded in the e-mail identifying a sender of the e-mail, determining a second identifier encoded in the e-mail that is distinct from the first identifier and from any e-mail address for the recipient, and using the second identifier to identify an address provider distinct from the sender and from the intended recipient as an entity from which the sender obtained the intended recipient'"'"'s e-mail address;
  
  an authentication server, comprising at least one computer, accessible by the mail server, wherein the authentication server receives and responds to queries from the mail server; and
  
  a database accessible by the authentication server, wherein the database comprises information that permits the authentication server to determine whether the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address used for sending e-mail to the intended recipient'"'"'s e-mail address.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 19. The system of claim 18, wherein the address provider is identified in any one or more from the group consisting of:
    - the e-mail header, subject line, and body.
  - 20. The method of claim 19, wherein the address provider is identified in a user-defined field.
  - 21. The system of claim 19, wherein the address provider is separated by at least one machine-readable character delimiter.
  - 22. The system of claim 18, wherein the e-mail further comprises an IP address associated with the authentication server.
  - 23. The system of claim 22, wherein the authentication server is provided by the address provider.
  - 24. The system of claim 22, wherein the authentication server is provided by a third party that is associated with the address provider and one or more different address providers.
  - 25. The system of claim 18, wherein the database comprises a first list of client e-mail addresses associated with the address provider and a second list of approved senders associated with the address provider.
  - 26. The system of claim 25, wherein the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address if the intended recipient'"'"'s e-mail address is on the first list of client e-mail addresses.
  - 27. The system of claim 25, where the sender is authorized by the address provider to obtain the intended recipient'"'"'s e-mail address if the sender is on the second list of approved senders.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gary S. Shuster
Original Assignee
Gary S. Shuster
Inventors
Shuster, Gary Stephen
Primary Examiner(s)
Chankong, Dohm
Assistant Examiner(s)
UTREJA, NEERAJ K

Application Number

US11/745,290
Publication Number

US 20080282344A1
Time in Patent Office

1,758 Days
Field of Search

709/206
US Class Current

709/206
CPC Class Codes

H04L 51/212 using filtering or selectiv...

E-mail authentication

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

58 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

E-mail authentication

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links