Reputation based message processing
First Claim
Patent Images
1. A computer-implemented method, comprising:
- receiving a message through a communications interface, the message comprising information and being a message from and associated with an entity;
receiving a reputation score that is indicative of a reputation for the entity associated with the message;
determining that the reputation score is indeterminate of the reputation of the entity, the reputation score being a value that does not provide an accurate indication of the reputation of the entity as being one of reputable or non-reputable, and in response to the determination;
queuing the message based upon the reputation score being indeterminate, thereby delaying delivery of the message;
collecting additional information associated with the entity that can be used to determine a reputation of the entity as being one of reputable or non-reputable;
receiving an updated reputation score that is indicative of the reputation for the entity associated with the message, the updated reputation score classifying the entity as being one of reputable or non-reputable and determined, in part, from the additional information collected, wherein a non-reputable reputation indicates a tendency by an entity to participate in a particular non-legitimate activity; and
in response to receiving the updated reputation score, processing the queued message based upon updated reputation score, the processing comprising;
delivering the message in response to the updated reputation score indicating the entity is reputable; and
sending, in response to the updated reputation score indicating the entity is non-reputable, the message to a dedicated interrogation engine to analyze the message for threats related to the particular non-legitimate activity in which the entity has exhibited a tendency to participate, and wherein a different dedicated interrogation engine is used for each different non-legitimate activity.
11 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for processing electronic communications based upon reputation. Reputation of an entity associated with the electronic communication can be generated. The communication can be placed in a queue based upon the reputation. The queued communication can be processed based upon updated information about the entity.
689 Citations
15 Claims
-
1. A computer-implemented method, comprising:
-
receiving a message through a communications interface, the message comprising information and being a message from and associated with an entity; receiving a reputation score that is indicative of a reputation for the entity associated with the message; determining that the reputation score is indeterminate of the reputation of the entity, the reputation score being a value that does not provide an accurate indication of the reputation of the entity as being one of reputable or non-reputable, and in response to the determination; queuing the message based upon the reputation score being indeterminate, thereby delaying delivery of the message; collecting additional information associated with the entity that can be used to determine a reputation of the entity as being one of reputable or non-reputable; receiving an updated reputation score that is indicative of the reputation for the entity associated with the message, the updated reputation score classifying the entity as being one of reputable or non-reputable and determined, in part, from the additional information collected, wherein a non-reputable reputation indicates a tendency by an entity to participate in a particular non-legitimate activity; and in response to receiving the updated reputation score, processing the queued message based upon updated reputation score, the processing comprising; delivering the message in response to the updated reputation score indicating the entity is reputable; and sending, in response to the updated reputation score indicating the entity is non-reputable, the message to a dedicated interrogation engine to analyze the message for threats related to the particular non-legitimate activity in which the entity has exhibited a tendency to participate, and wherein a different dedicated interrogation engine is used for each different non-legitimate activity. - View Dependent Claims (2, 3, 4)
-
-
5. A computer-implemented method, comprising:
-
receiving an electronic communication that is associated with and received from an entity; receiving a reputation associated with the entity associated with the electronic communication; in response to the received reputation of the entity associated with the electronic communication being indeterminate that does not provide an accurate indication of the reputation of the entity as being one of reputable or non-reputable; labeling the electronic communication as a suspicious electronic communication; delaying delivery of the suspicious electronic communication; collecting additional information associated with the entity that can be used to determine a reputation of the entity as being one of reputable or non-reputable; receiving an updated reputation that is indicative of the reputation for the entity associated with the suspicious electronic communication, the updated reputation classifying the entity as being one of reputable or non-reputable and determined, in part, from the additional information collected, wherein a non-reputable reputation indicates a tendency by an entity to participate in a particular non-legitimate activity; and in response to receiving an updated reputation, processing the suspicious electronic communication based on the updated reputation, the processing comprising; delivering the suspicious electronic communication in response to the updated reputation indicating the entity is reputable; and sending, in response to the updated reputation indicating the entity is non-reputable, the suspicious electronic communication to a dedicated interrogation engine to analyze the suspicious electronic communication for threats related to the particular non-legitimate activity in which the entity has exhibited a tendency to participate, and wherein a different dedicated interrogation engine is used for each different non-legitimate activity. - View Dependent Claims (6, 7)
-
-
8. A message interrogation system comprising:
-
a computer system having one or more computer devices and a communications interface operable to receive a query associated with a message; instructions stored in a computer storage device, the instructions executable by a computer system and defining; a reputation module operable to retrieve reputation information related to an entity associated with the message, the reputation module being further operable to identify the entity as having an indeterminate reputation that does not provide an accurate indication of the reputation of the entity as being one of reputable or non-reputable; a flagging module operable to instruct a message processing module to queue the message, wherein the queue is operable to hold the message without delivery; a reputation information collection module being operable to collect reputation information related to the entity associated with the message that can be used to determine a reputation of the entity as being one of reputable or non-reputable, wherein a non-reputable reputation indicates a tendency by an entity to participate in a particular non-legitimate activity; and the reputation module being further operable to derive an updated reputation based upon the collected reputation information and to communicate the updated reputation to a message transfer agent through the communications interface; wherein the message processing module is operable to process the message based upon the updated reputation, the processing comprising; forwarding the message to a recipient in response to the updated reputation indicating the entity is reputable; and sending, in response to the updated reputation indicating the entity is non-reputable, the message to a dedicated interrogation engine to analyze the message for threats related to the particular non-legitimate activity in which the entity has exhibited a tendency to participate, and wherein a different dedicated interrogation engine is used for each different non-legitimate activity. - View Dependent Claims (9, 10, 11, 12)
-
-
13. A system comprising:
-
a computer system having one or more computer devices and a communications interface operable to receive an electronic message, the electronic message being associated with and sent from an entity; instructions stored in a computer storage device, the instructions executable by a computer system and defining; a message processing module operable to process the electronic message to identify the entity and to send a reputation query to a reputation module to identify a reputation of the entity associated with the electronic message; a queuing module operable to place electronic messages into a queue based upon the reputation of the entity associated with the electronic message being an indeterminate reputation that does not provide an accurate indication of the reputation of the entity as being one of reputable or non-reputable; a reputation information collection module being operable to collect reputation information related to the entity associated with the electronic message that can be used to determine a reputation of the entity as being one of reputable or non-reputable, wherein a non-reputable reputation indicates a tendency by an entity to participate in a particular non-legitimate activity; and a reprocessing module operable to periodically query the reputation module for an updated reputation for the entity associated with the electronic message, the reprocessing module being further operable to process the electronic message based upon the updated reputation of the entity associated with the electronic message indicating the entity being one of reputable or non-reputable, the processing comprising; forwarding the electronic message to a recipient in response to the updated reputation indicating the entity is reputable; and sending, in response to the updated reputation indicating the entity is non-reputable, the electronic message to a dedicated interrogation engine to analyze the electronic message for threats related to the particular non-legitimate activity in which the entity has exhibited a tendency to participate, and wherein a different dedicated interrogation engine is used for each different non-legitimate activity.
-
-
14. At least one non-transitory, machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
-
receive a message through a communications interface, the message comprising information and being a message from and associated with an entity; receive a reputation score that is indicative of a reputation for the entity associated with the message; determine that the reputation score is indeterminate of the reputation of the entity, the reputation score being a value that does not provide an accurate indication of the reputation of the entity as being one of reputable or non-reputable, and in response to the determination; queue the message based upon the reputation score being indeterminate, thereby delaying delivery of the message; collect additional information associated with the entity that can be used to determine a reputation of the entity as being one of reputable or non-reputable; receive an updated reputation score that is indicative of the reputation for the entity associated with the message, the updated reputation score classifying the entity as being one of reputable or non-reputable and determined, in part, from the additional information collected, wherein a non-reputable reputation indicates a tendency by an entity to participate in a particular non-legitimate activity; and in response to receipt of the updated reputation score, process the queued message based upon updated reputation score to; deliver the message in response to the updated reputation score indicating the entity is reputable; and send, in response to the updated reputation score indicating the entity is non-reputable, the message to a dedicated interrogation engine to analyze the message for threats related to the particular non-legitimate activity in which the entity has exhibited a tendency to participate, and wherein a different dedicated interrogation engine is used for each different non-legitimate activity.
-
-
15. At least one non-transitory, machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
-
receive an electronic communication that is associated with and received from an entity; receive a reputation associated with the entity associated with the electronic communication; in response to the received reputation of the entity associated with the electronic communication being indeterminate in that the received reputation does not provide an accurate indication of the reputation of the entity as being one of reputable or non-reputable; label the electronic communication as a suspicious electronic communication; delay delivery of the suspicious electronic communication; collect additional information associated with the entity that can be used to determine a reputation of the entity as being one of reputable or non-reputable; receive an updated reputation that is indicative of the reputation for the entity associated with the suspicious electronic communication, the updated reputation classifying the entity as being one of reputable or non-reputable and determined, in part, from the additional information collected, wherein a non-reputable reputation indicates a tendency by an entity to participate in a particular non-legitimate activity; and in response to receipt of the updated reputation, processing the suspicious electronic communication based on the updated reputation to; deliver the suspicious electronic communication message in response to the updated reputation indicating the entity is reputable; and send, in response to the updated reputation indicating the entity is non-reputable, the suspicious electronic communication message to a dedicated interrogation engine to analyze the suspicious electronic communication for threats related to the particular non-legitimate activity in which the entity has exhibited a tendency to participate, and wherein a different dedicated interrogation engine is used for each different non-legitimate activity.
-
Specification