Bounce management in a trusted communication network
First Claim
1. A private network processing hub that receives and processes messages submitted by a plurality of independent member networks and handles bounced messages intended for said plurality of independent member networks, said private network processing hub and said independent member networks combining to form a private network, said private network processing hub comprising:
- a message transfer agent that receives an original message from a member network of said plurality of independent member networks, said original message being sent from an original sender to a recipient, said message transfer agent further creating a tracking identifier indicating that said original message was routed through said private network processing hub, and inserting said tracking identifier into said original message prior to sending said original message to said recipient; and
a bounce management module that receives a second message and determines that said second message is a bounced message, said bounce management module further determining that said bounced message was generated in response to said original message by examining said bounced message to ascertain if said bounced message includes said tracking identifier, if said bounced message includes said tracking identifier then said bounced message is an authenticated bounced message and is delivered to said member network, if said bounced message does not include said tracking identifier then said bounced message is considered a malicious message and is rejected by said private network processing hub and is not delivered to said member network, wherein the tracking identifier is inserted into the original message by rewriting a MAIL FROM field in the original message, wherein the MAIL FROM field is rewritten by replacing a domain name in the MAIL FROM field with a Variable Envelope Return Path (VERP) address that includes the tracking identifier, and wherein the VERP address is used to filter incoming messages, wherein the bounce management module is further configured to determine an action to take responsive to receiving the authenticated bounced message, wherein the action is specified in a policy associated with the member network of the original sender.
15 Assignments
0 Petitions
Accused Products
Abstract
An embodiment of a method handles bounced messages in a private network processing hub that is configured to handle messages submitted by a plurality of member networks that are registered with the private network processing hub, and wherein the private network processing hub and the plurality of member networks form a private network. The method may include receiving a first message from a member network or from an unregistered network within the private network processing hub, and determining whether the first message is a bounced message generated in response to an original message sent by the private network processing hub by searching the first message for a tracking identifier that was generated by the private network processing hub and inserted into the original message. The determining operation may include searching for the tracking identifier among a plurality of stored tracking identifiers. A system is described that carries out the method.
174 Citations
18 Claims
-
1. A private network processing hub that receives and processes messages submitted by a plurality of independent member networks and handles bounced messages intended for said plurality of independent member networks, said private network processing hub and said independent member networks combining to form a private network, said private network processing hub comprising:
-
a message transfer agent that receives an original message from a member network of said plurality of independent member networks, said original message being sent from an original sender to a recipient, said message transfer agent further creating a tracking identifier indicating that said original message was routed through said private network processing hub, and inserting said tracking identifier into said original message prior to sending said original message to said recipient; and a bounce management module that receives a second message and determines that said second message is a bounced message, said bounce management module further determining that said bounced message was generated in response to said original message by examining said bounced message to ascertain if said bounced message includes said tracking identifier, if said bounced message includes said tracking identifier then said bounced message is an authenticated bounced message and is delivered to said member network, if said bounced message does not include said tracking identifier then said bounced message is considered a malicious message and is rejected by said private network processing hub and is not delivered to said member network, wherein the tracking identifier is inserted into the original message by rewriting a MAIL FROM field in the original message, wherein the MAIL FROM field is rewritten by replacing a domain name in the MAIL FROM field with a Variable Envelope Return Path (VERP) address that includes the tracking identifier, and wherein the VERP address is used to filter incoming messages, wherein the bounce management module is further configured to determine an action to take responsive to receiving the authenticated bounced message, wherein the action is specified in a policy associated with the member network of the original sender. - View Dependent Claims (2, 3, 4, 5, 6, 7, 10, 11, 12)
-
-
8. A method for handling bounced messages using a private network processing hub, said private network processing hub receiving and processing messages submitted by a plurality of member network that are registered with said private network processing hub, said private network processing hub and said plurality of member networks combining to form a private network, said method comprising:
-
receiving an original message from a member network of said plurality of member networks at said private network processing hub, said original message being sent from an original sender to a recipient; generating a tracking identifier by said private network processing hub that indicates that said original message was routed through said private network processing hub; inserting said tracking identifier into said original message by said private network processing hub prior to sending said original message to said recipient; receiving a second message at said private network processing hub from one of said member networks of said plurality of member networks or from an unregistered network; determining by said private network processing hub that said second message is a bounced message; examining said bounced message by said private network processing hub to ascertain if said bounced message includes said tracking identifier; determining by said private network processing hub whether said bounced message is an authenticated bounced message or a malicious message such that said bounced message is an authenticated bounced message that was generated in response to said original message if said bounced message includes said tracking identifier and said bounced message is considered a malicious message if said bounced message does not include said tracking identifier then said bounced message; delivering from said private network processing hub to said member network said authenticated bounced message if said bounced message is determined to be said authenticated bounced message; rejecting said malicious message by said private network processing hub and not delivering said malicious message from said private network hub to said member network if said bounced message is determined to be said malicious message, wherein the tracking identifier is inserted into the original message by rewriting a MAIL FROM field in the original message, wherein the MAIL FROM field is rewritten by replacing a domain name in the MAIL FROM field with a Variable Envelope Return Path (VERP) address that includes the tracking identifier, and wherein the VERP address is used to filter incoming messages; and determining an action to take responsive to the authenticated bounced message, wherein the action is specified in a policy associated with the member network of the original sender. - View Dependent Claims (9, 13, 14, 15, 16)
-
-
17. A non-transitory machine-readable storage medium that stores instructions for a private network processing hub to perform processes to handle bounced messages, said private network processing hub receiving and processing messages submitted by a plurality of member networks that are registered with said private network processing hub, said private network processing hub and said plurality of member networks combining to form a private network, said processes comprising:
-
receiving an original message from a member network of said plurality of member networks at said private network processing hub, said original message being sent from an original sender to a recipient; generating a tracking identifier that indicates that said original message was routed through said private network processing hub; inserting said tracking identifier into said original message prior to sending said original message to said recipient; receiving a second message at said private network processing hub from one of said member networks of said plurality of member networks or from an unregistered network; determining that said second message is a bounced message; examining said bounced message to ascertain if said bounced message includes said tracking identifier; determining whether said bounced message is an authenticated bounced message or a malicious message such that said bounced message is an authenticated bounced message that was generated in response to said original message if said bounced message includes said tracking identifier and said bounced message is considered a malicious message if said bounced message does not include said tracking identifier then said bounced message; delivering from said private network processing hub to said member network said authenticated bounced message if said bounced message is determined to be said authenticated bounced message; rejecting said malicious message and not delivering said malicious message from said private network hub to said member network if said bounced message is determined to be said malicious message, wherein the tracking identifier is inserted into the original message by rewriting a MAIL FROM field in the original message, wherein the MAIL FROM field is rewritten by replacing a domain name in the MAIL FROM field with a Variable Envelope Return Path (VERP) address that includes the tracking identifier, and wherein the VERP address is used to filter incoming messages; and determining an action to take responsive to the authenticated bounced message, wherein the action is specified in a policy associated with the member network of the original sender. - View Dependent Claims (18)
-
Specification