Securing email conversations

US 8,930,689 B2
Filed: 09/28/2011
Issued: 01/06/2015
Est. Priority Date: 09/28/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

determining that at least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is to be encrypted, wherein the first email is to be sent by a first email server associated with the first email account and the second email account is associated with a different second email server;

changing a reply-to address included in the first email and corresponding to the second email account to an address associated with an intermediate device, wherein replies to the first email, intended for delivery to the second email account, are to be sent to the intermediate device prior to being routed to the second email server for delivery to the second email account based on the changed reply-to address to apply encryption to replies to the first email, replies to the first email sent to the intermediate device are sent over encrypted channels, and replies to the first email routed from the intermediate device to the second email server are sent over encrypted channels; and

causing at least a portion of a transmission of the first email to be encrypted and sent to the second email account with the changes to the reply-to address.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

At least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is encrypted. Second email address data is changed corresponding to the second email account to cause replies to the first email intended for the second email account to be sent to an intermediate device prior to being routed to the second email account. Replies to the first email are then sent to the intermediate device and sent over one or more encrypted channels. Replies to the first email including the changed email address data are decoded to identify the second email address data associated with the second email account. A reply to the first email is then sent to the second email account based on the identified second email address data.

Citations

25 Claims

1. A method comprising:
- determining that at least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is to be encrypted, wherein the first email is to be sent by a first email server associated with the first email account and the second email account is associated with a different second email server;
  
  changing a reply-to address included in the first email and corresponding to the second email account to an address associated with an intermediate device, wherein replies to the first email, intended for delivery to the second email account, are to be sent to the intermediate device prior to being routed to the second email server for delivery to the second email account based on the changed reply-to address to apply encryption to replies to the first email, replies to the first email sent to the intermediate device are sent over encrypted channels, and replies to the first email routed from the intermediate device to the second email server are sent over encrypted channels; and
  
  causing at least a portion of a transmission of the first email to be encrypted and sent to the second email account with the changes to the reply-to address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 24)
- - 2. The method of claim 1, wherein the first email is to be sent to both the second email account and at least a third email account, the method further comprising:
    - changing a reply-to address corresponding to the third email account to cause replies to the first email, to include the third email account as a recipient, to be sent to the intermediate device prior to being routed to the third email account; and
      
      causing the encrypted portion of the transmission of the first email to be sent to the third email account with the changes to the reply-to addresses.
  - 3. The method of claim 2, wherein email transmissions are capable of being secured between a first server associated with the first email account and each of a second server associated with the second email account and a third server associated with the third email account, and at least some email transmissions are not secured between the second server and the third server.
  - 4. The method of claim 2, further comprising:
    - receiving at least one copy of a reply to the previously-sent first email from the second email account, the at least one copy including the changed reply-to address corresponding to the third email account;
      
      decoding at least a portion of the changed reply-to address corresponding to the third email account to identify an email address associated with the third email account; and
      
      causing the at least one copy to be forwarded to the third email client over a secured communication channel.
  - 5. The method of claim 1, further comprising changing a reply-to address corresponding to the first email account to cause replies to the first email, intended for delivery to the first email account, to be sent to the intermediate device prior to being routed to the first email account.
  - 6. The method of claim 1, wherein the intermediate device is used to serve email associated with first email account.
  - 7. The method of claim 1, wherein the intermediate device is at least partially independent from an email server of the first email account.
  - 8. The method of claim 1, wherein changing the reply-to address includes encoding a local portion of an email address of the second email account.
  - 9. The method of claim 8, wherein encoding the local portion of the email address of the second email account includes hashing the email address.
  - 10. The method of claim 8, wherein encoding the local portion of the email address of the second email account includes encrypting the email address.
  - 11. The method of claim 8, wherein encoding the local portion of the email address of the second email account includes converting the email address into a text string.
  - 12. The method of claim 1, wherein changing the reply-to address includes changing a domain portion of an email address of the second email account to a particular domain associated with the intermediate device.
  - 13. The method of claim 1, wherein changing the reply-to address includes setting a reply-to email address data field to an email address corresponding to the intermediate device.
  - 14. The method of claim 1, wherein the reply-to address is changed in response to determining that at least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is to be encrypted.
  - 24. The method of claim 1, wherein the further comprising:
    - determining that at least a portion of the transmission of the outgoing first email is to be encrypted, wherein determining that at least a portion of the transmission of the outgoing first email is to be encrypted includes scanning contents of the first email to determine that a particular policy applies to the first email, and the portion of the transmission of the outgoing first email is to be encrypted according to the particular policy.

15. A method comprising:
- receiving at least one copy of a user-generated reply to a previously-sent first email, the reply to be sent to a first email account hosted at a first email server, the at least one copy including encoded reply-to email address data associated with the first email account, wherein the encoded reply-to email address data causes the at least one copy to be routed to the intermediate device over a first secured communication channel to apply encryption to the at least one copy of the reply to the first email prior to the at least one copy being routed to the first email server;
  
  decoding at least a portion of the encoded reply-to email address data to identify an email address associated with the first email account; and
  
  forwarding the at least one copy from the intermediate device to the first email server over a second secured communication channel for delivery to the first email account based on the identified email address.
- View Dependent Claims (16, 17, 18, 22, 23)
- - 16. The method of claim 15, wherein at least a portion of the encoded reply-to email address data is encrypted and decoding the portion of the encoded email address data includes decrypting the encrypted portion of the encoded reply-to email address data.
  - 17. The method of claim 15, wherein at least a portion of the encoded reply-to email address data is a hash of the email address associated with the first email client.
  - 18. The method of claim 15, wherein the encoded reply-to email address data was generated in response to a determination that the first email was to be transmitted at least partially over a secured communication channel.
  - 22. The method of claim 15, wherein the user-generated reply was at least partially generated in response to a user selection of a reply-all action to the first email at a second email client.
  - 23. The method of claim 18, wherein generating the encoded reply-to email address comprises replacing, in the first email, an original reply-to address addressing the first email account with the encoded reply-to email address.

19. At least one non-transitory, machine-accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
- determine that at least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is to be encrypted, wherein the first email is to be sent by a first email server associated with the first email account and the second email account is associated with a different second email server;
  
  change a reply-to address included in the first email and corresponding to the second email account to an address associated with an intermediate device, wherein replies to the first email, intended for delivery to the second email account, are to be sent to the intermediate device prior to being routed to the second email server for delivery to the second email account based on the changed reply-to address to apply encryption to replies to the first email, replies to the first email sent to the intermediate device are sent over encrypted channels, and replies to the first email routed from the intermediate device to the second email server are sent over encrypted channels; and
  
  cause at least a portion of a transmission of the first email to be encrypted and sent to the second email account with the changes to the reply-to address.

20. A system comprising:
- at least one processor device;
  
  at least one memory element; and
  
  an email security engine, adapted when executed by the at least one processor device to;
  
  determine that at least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is to be encrypted, wherein the first email is to be sent by a first email server associated with the first email account and the second email account is associated with a different second email serve;
  
  change a reply-to address included in the first email and corresponding to the second email account to an address associated with an intermediate device, wherein replies to the first email, intended for delivery to the second email account, are to be sent to the intermediate device prior to being routed to the second email server for delivery to the second email account based on the changed reply-to address to apply encryption to replies to the first email, replies to the first email sent to the intermediate device are sent over encrypted channels, and replies to the first email routed from the intermediate device to the second email server are sent over encrypted channels; and
  
  cause at least a portion of a transmission of the first email to be encrypted and sent to the second email account with the changes to the reply-to address.
- View Dependent Claims (21)
- - 21. The system of claim 20, further comprising an email server, the email server comprising the email security engine.

25. A system comprising:
- means to determine that at least a portion of a transmission of an outgoing first email from a first email account to at least a second email account is to be encrypted, wherein the first email is to be sent by a first email server associated with the first email account and the second email account is associated with a different second email server;
  
  means to change a reply-to address included in the first email and corresponding to the second email account to an address associated with an intermediate device, wherein replies to the first email, intended for delivery to the second email account, are to be sent to the intermediate device prior to being routed to the second email server for delivery to the second email account based on the changed reply-to address to apply encryption to replies to the first email, replies to the first email sent to the intermediate device are sent over encrypted channels, and replies to the first email routed from the intermediate device to the second email server are sent over encrypted channels; and
  
  causing at least a portion of a transmission of the first email to be encrypted and sent to the second email account with the changes to the reply-to address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Liebmann, Nicholas, McKerrell, Graeme, Neal, Peter
Primary Examiner(s)
TRAN, ELLEN C

Application Number

US13/247,239
Publication Number

US 20130080775A1
Time in Patent Office

1,196 Days
Field of Search

713/168, 713/150, 713/153, 713/154
US Class Current

713/154
CPC Class Codes

H04L 51/214   using selective forwarding

H04L 51/48   Message addressing, e.g. ad...

H04L 63/0428   wherein the data content is...

H04L 63/0471   applying encryption by an i...

Securing email conversations

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Securing email conversations

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links