Method and apparatus for controlling unsolicited messages in a messaging network using an authoritative domain name server

US 8,874,662 B2
Filed: 10/17/2008
Issued: 10/28/2014
Est. Priority Date: 10/17/2008
Status: Active Grant

First Claim

Patent Images

1. A computer-based messaging network for sending electronic mail between end users of the messaging network, the messaging network configured for reducing communication of unsolicited messages sent by at least one sender end user mimicking a valid request for a domain name address in order to send unsolicited electronic mail to a recipient end user, each end user accessing the computer-based messaging network through one of a plurality of network service providers using computers equipped with communications devices for interactive communication through an electronic mail server operated by the respective network service provider into and from the messaging network for sending and receiving electronic messages between end users, each end user having a unique local name associated with the respective network service provider, which local name in combination with a domain name of the network service provider defines a unique electronic mail address that allows end users to send and receive messages, the electronic mail server of the network service provider coordinates sending and delivery of electronic mail for the end users thereof, the network service provider further including one or more DNS servers that maintain a list of domain names and associated network addresses by which the DNS server responds to requests from the respective electronic mail server for the network address of a domain name to which electronic mail is to be sent to an end user, the network also including at least one final authoritative index of the network service providers including the network address at which the network service provider can be reached within the network, the final authoritative index maintained by an authoritative domain name microprocessor computer and validly accessed by the DNS server of the network service provider in the event the DNS server is unable to provide the network address of the domain name to which electronic mail is to be sent, the computer-based messaging network further comprising:

an authoritative domain name microprocessor computer configured (i) for server-side reduction of unsolicited messages communicated through the network in response to receiving a domain name request from one of a plurality of requesters operating within a network served by the authoritative domain name microprocessor computer, said one requester associated with a sender end user to send an electronic message to a recipient end user, the domain name request made by the requester for the purpose of obtaining a network address associated with a domain name of the recipient end user maintained by the authoritative domain name microprocessor computer in the final authoritative index and (ii) for communicating a response to the requester;

at least one sender end user bypassing the DNS server and mimicking a requester and making a domain name request directly to the authoritative domain name microprocessor computer for obtaining a network address associated with a domain name of a recipient end user to receive an unsolicited message from the sender end user;

an analyzer that interrogates the domain name request and in response to the interrogation sets a validity factor to a first indicator if the request passes the interrogation and to a second indicator if the request fails the interrogation, the interrogation at least evaluating the domain name of the requester to determine whether the domain name request originates with the one sender end user mimicking a requester; and

a response generator that determines a response to the domain name request based on the validity factor, whereby the response provides the network address associated with the domain name subject of the request if the request passes the interrogation,whereby the authoritative domain name microprocessor computer responds to domain name requests made by a valid requester and, for reducing on the server-side the volume of unsolicited electronic messages communicated within the messaging network, rejects domain name requests made by the sender end user mimicking a valid domain name request made by the DNS server of one of the network service providers.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods for controlling unsolicited messages in a messaging network using an authoritative domain name (DNS) server, in which a requester intending to send an e-mail message to a recipient queries the DNS server associated with the recipient'"'"'s domain. The response sent from the DNS server is dependent upon a security policy associated with the requester, which results from interrogations to determine the probability that the requester is sending unsolicited messages or spam. A validity factor is set to a first indicator if the request passes or to a second indicator if the request fails. The response from the DNS server provides the network address if the validity factor is set to the first indicator. A suitable not-the-network-address response is sent if the validity factor is set to the second indicator. The authoritative DNS server thereby controls, blocks, or reroutes the message and lightens the load on the recipient'"'"'s mail server and ISP(s).

22 Citations

View as Search Results

26 Claims

1. A computer-based messaging network for sending electronic mail between end users of the messaging network, the messaging network configured for reducing communication of unsolicited messages sent by at least one sender end user mimicking a valid request for a domain name address in order to send unsolicited electronic mail to a recipient end user, each end user accessing the computer-based messaging network through one of a plurality of network service providers using computers equipped with communications devices for interactive communication through an electronic mail server operated by the respective network service provider into and from the messaging network for sending and receiving electronic messages between end users, each end user having a unique local name associated with the respective network service provider, which local name in combination with a domain name of the network service provider defines a unique electronic mail address that allows end users to send and receive messages, the electronic mail server of the network service provider coordinates sending and delivery of electronic mail for the end users thereof, the network service provider further including one or more DNS servers that maintain a list of domain names and associated network addresses by which the DNS server responds to requests from the respective electronic mail server for the network address of a domain name to which electronic mail is to be sent to an end user, the network also including at least one final authoritative index of the network service providers including the network address at which the network service provider can be reached within the network, the final authoritative index maintained by an authoritative domain name microprocessor computer and validly accessed by the DNS server of the network service provider in the event the DNS server is unable to provide the network address of the domain name to which electronic mail is to be sent, the computer-based messaging network further comprising:
- an authoritative domain name microprocessor computer configured (i) for server-side reduction of unsolicited messages communicated through the network in response to receiving a domain name request from one of a plurality of requesters operating within a network served by the authoritative domain name microprocessor computer, said one requester associated with a sender end user to send an electronic message to a recipient end user, the domain name request made by the requester for the purpose of obtaining a network address associated with a domain name of the recipient end user maintained by the authoritative domain name microprocessor computer in the final authoritative index and (ii) for communicating a response to the requester;
  
  at least one sender end user bypassing the DNS server and mimicking a requester and making a domain name request directly to the authoritative domain name microprocessor computer for obtaining a network address associated with a domain name of a recipient end user to receive an unsolicited message from the sender end user;
  
  an analyzer that interrogates the domain name request and in response to the interrogation sets a validity factor to a first indicator if the request passes the interrogation and to a second indicator if the request fails the interrogation, the interrogation at least evaluating the domain name of the requester to determine whether the domain name request originates with the one sender end user mimicking a requester; and
  
  a response generator that determines a response to the domain name request based on the validity factor, whereby the response provides the network address associated with the domain name subject of the request if the request passes the interrogation,whereby the authoritative domain name microprocessor computer responds to domain name requests made by a valid requester and, for reducing on the server-side the volume of unsolicited electronic messages communicated within the messaging network, rejects domain name requests made by the sender end user mimicking a valid domain name request made by the DNS server of one of the network service providers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The computer-based messaging network as recited in claim 1, wherein the response generator is configured to provide a response that is not the network address associated with the domain name subject of the request if the validity factor is set to the second indicator.
  - 3. The computer-based messaging network as recited in claim 2, wherein the response comprises a value indicating a server error, a non-existent domain was the subject of the request, or a refused request response by the authoritative domain name microprocessor computer.
  - 4. The computer-based messaging network as recited in claim 1, wherein the response generator is configured to not send a response if the validity factor is set to the second indicator.
  - 5. The computer-based messaging network as recited in claim 1, wherein the response generator is configured to provide a network address associated with an enforcement host name for receiving unsolicited messages from the sender end user if the validity factor is set to the second indicator, whereby the message is transmitted to the enforcement host name of the recipient end user.
  - 6. The computer-based messaging network as recited in claim 1, wherein the interrogation of the domain name request compares an identification of the source of the domain name request with a list of identified sender end users that send unsolicited messages and if a match is determined, the validity factor is set to the second indicator.
  - 7. The computer-based messaging network as recited in claim 1, wherein the interrogation of the domain name request compares the time interval between the current domain name request by the requester and the prior domain name request by the requester and if the time interval is less than a predetermined value, the validity factor is set to the second indicator.
  - 8. The computer-based messaging network in recited in claim 7, wherein the frequency represents a determined ratio of the number of requests made to the authoritative domain name microprocessor computer within a predetermined period.
  - 9. The computer-based messaging network as recited in claim 1, wherein the interrogation of the domain name request compares each of a plurality of data fields in the domain name request to a predetermined criteria, and if any data field fails to satisfy the respective criteria, the validity factor is set to the second indicator.
  - 10. The computer-based messaging network as recited in claim 1, wherein the interrogation of the domain name request evaluates the length of the request to a predetermined maximum packet length and if the length of the request equals the predetermine maximum packet length, the validity factor is set to the second indicator.
  - 11. The computer-based messaging network as recited in claim 1, further comprising a table of domain name requesters requesting a domain name and a requester factor that indicates the frequency of the requester making a request to the domain name microprocessor computer, the analyzer updating the table upon each request made by the requester, and if the requester factor exceeds a predetermined value, the validity factor is set to the second indicator.
  - 12. The computer-based messaging network as recited in claim 1, wherein the analyzer interrogates the domain name request according to an enforcement policy associated with the requester and if the domain name request fails to satisfy the enforcement policy, the validity factor is set to the second indicator.
  - 13. The computer-based messaging network as recited in claim 1, wherein the interrogation compares the requester to a database of authorized requesters and if listed, the validity factor is set to the first indicator.
  - 14. The computer-based messaging network as recited in claim 1, wherein the analyzer further comprises a list of interrogations to be applied against a request for a domain name, each interrogation having a predetermined first score if the request fails the interrogation and a predetermined second score if the request fails the interrogation, and a threshold value that if exceeded by the sum of the scores of the interrogations results in the validity factor set to the second indicator.
  - 15. The computer-based messaging network as recited in claim 14, wherein the predetermined second score is weighted.
  - 16. The computer-based messaging network as cited in claim 1, wherein the analyzer creates a score based on the weighted results of two or more interrogation tests, and sets a validity factor based on a pre-defined risk threshold associated with the domain name of the requester compared with the score.

17. A method of blocking communication of unsolicited messages in a computer-based messaging network configured for sending messages from sender end users to recipient end users with an authoritative domain name microprocessor computer configured to restrict transmission of an unsolicited message from a sender end user to a recipient end user, each end user accessing the computer-based messaging network through one of a plurality of network service providers using computers equipped with communications devices for interactive communication through an electronic mail server operated by the respective network service provider into and from the messaging network for sending and receiving electronic messages between end users, each end user having a unique local name associated with the respective network service provider, which local name in combination with a domain name of the network service provider defines a unique electronic mail address that allows end users to send and receive messages, the electronic mail server of the network service provider coordinates sending and delivery of electronic mail for the end users thereof, the network service provider further including one or more DNS servers that maintain a list of domain names and associated network addresses by which the DNS server responds to requests from the respective electronic mail server for the network address of a domain name to which electronic mail is to be sent to an end user, the network also including at least one final authoritative index of the network service providers including the network address at which the network service provider can be reached within the network, the final authoritative index maintained by an authoritative domain name microprocessor computer validly accessed by the DNS server of the network service provider in the event the DNS server is unable to provide the network address of the domain name to which electronic mail is to be sent, the method of the computer-based messaging network further comprising the steps of:
- (a) providing in a messaging network an authoritative domain name microprocessor computer configured for (i) receiving a domain name request from a requester end user associated with a sender of a message to a recipient end user, the domain name request made for the purpose of obtaining a network address associated with the domain name of the recipient end user which network address is maintained by the authoritative domain name microprocessor computer in the final authoritative index and for communicating a response to the requester, and (ii) reducing on the server-side unsolicited messages communicated through the network;
  
  (b) analyzing the domain name request based on an enforcement policy and in response setting a validity factor to a first indicator if the request passes the enforcement policy and to a second indicator if the request fails the enforcement policy, the enforcement policy at least evaluating the domain name of the requester to determine whether the domain name request originates with a sender end user that is mimicking a requester making a valid domain name request; and
  
  (c) returning a response to the domain name request based on the validity factor, the response comprising a network address associated with the domain name when the validity factor is set to the first indicator and the response comprising not the network address if the validity factor is set to the second indicator,whereby the validity factor set as the first indicator permits the message to be sent to the recipient end user and when set as the second indicator prevents the message from being sent to the recipient end user,whereby the authoritative domain name microprocessor computer responds to domain name requests made by a valid requester and, for reducing on the server-side the volume of unsolicited electronic messages communicated within the messaging network, rejects requests made by the sender end user mimicking a valid domain name request by the requester associated with a network service provider.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 18. The method as recited in claim 17, wherein the step (c) returning comprises returning a response indicating a server error, a non-existent domain was subject of the request, or a refused request, if the validity factor is set to the second indicator.
  - 19. The method as recited in claim 17, wherein the step (c) returns a network address associated with an enforcement host name for receiving unsolicited messages from the sender end user if the validity factor is set to the second indicator, whereby the message is transmitted to the enforcement host name of the recipient end user.
  - 20. The method as recited in claim 17, wherein the enforcement policy in step (b) comprises comparing an identification of the source of the domain name request with a list of identified senders of unsolicited messages.
  - 21. The method as recited in claim 17, wherein the enforcement policy in step (b) comprises comparing the time interval between the current domain name request by the requester and the prior domain name request by the requester, and if the time interval is less than a predetermined value, setting the validity factor to the second indicator.
  - 22. The method as recited in claim 17, wherein the enforcement policy in step (b) comprises comparing each of a plurality of data fields in the domain name request to a predetermined criteria, and if any data field fails to satisfy the respective criteria, setting the validity factor to the second indicator.
  - 23. The method as recited in claim 17, wherein the enforcement policy in step (b) comprises comparing the length of the request to a predetermined maximum packet length, and if the lengths are equal, setting the validity factor to the second indicator.
  - 24. The method as recited in claim 17, wherein the enforcement policy in step (b) comprises comparing a table of domain name requesters requesting a domain name and a requester factor that indicates the frequency of the requester making a request to the authoritative domain name microprocessor computer, the analyzer updating the table upon each request made by the requester, and if the requester factor exceeds a predetermined value, setting the validity factor to the second indicator.
  - 25. The method as recited in claim 17, wherein the enforcement policy in step (b) comprises comparing the requester to a database of authorized requesters and if listed, the validity factor is set to the first indicator.
  - 26. The method as cited in claim 17, wherein the analyzer in step (b) creates a score based on the weighted results of two or more interrogation tests conducted according to the enforcement policy, and sets the validity factor based on a pre-defined risk threshold associated with the domain name of the requester compared with the score.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Alan Graham, Christine Graham
Inventors
Graham, Alan, Graham, Christine
Primary Examiner(s)
MACILWINEN, JOHN MOORE JAIN

Application Number

US12/253,922
Publication Number

US 20100100957A1
Time in Patent Office

2,202 Days
Field of Search

709/206
US Class Current

709/206
CPC Class Codes

G06Q 10/107   Computer-aided management o...

H04L 51/212   using filtering or selectiv...

H04L 51/48   Message addressing, e.g. ad...

H04L 63/0227   Filtering policies mail mes...

H04L 63/1441   Countermeasures against mal...

Method and apparatus for controlling unsolicited messages in a messaging network using an authoritative domain name server

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

22 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for controlling unsolicited messages in a messaging network using an authoritative domain name server

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links