Spam whitelisting for recent sites
First Claim
Patent Images
1. A method for detecting unwanted messages, comprising:
- (a) receiving, by a spam filter residing on one or more of an Internet Service Provider (“
ISP”
), a proxy server, a gateway, an e-mail server, and a client, an electronic message addressed to a first client, the electronic message comprising a header and body, the header comprising source and destination addresses;
(b) generating a browser log, wherein the browser log stores at least one Universal Resource Locator (“
URL”
) for a visited web site from at least one web browsing session;
(c) in response to receiving the electronic message, retrieving the browser log;
(d) comparing, by the spam filter, at least one of (i) a string of characters from the source address to a string of characters in a listing and (ii) a in the body of the electronic message with the at least one URL in the browser log; and
(e) when at least one of the string of characters from the source address and the URL matches at least part of a URL in the browser log, determining, by the spam filter, that the electronic message has a greater probability of being wanted than not being wanted by a first user of the first client, wherein determining comprises;
determining, by the spam filter, a first score based on a comparison of a first set of rules with the electronic message;
when the compared at least one of (i) a string of characters and (ii) URL matches at least part of the source address, adjusting, by the spam filter, the first score by a second determined amount to produce a second score, the second score indicating a lower probability of the electronic message being spam than the first score,when a match exists in step (e2), determining, by the spam filter, whether information other than an email address was provided by the first user during a session with a website corresponding to the matched URL; and
when information was provided by the first user during the session, adjusting, by the spam filter, one of the first and second scores by a third determined amount to produce a third score, the third score indicating a lower probability of the electronic message being spam than the first and second scores.
23 Assignments
0 Petitions
Accused Products
Abstract
The present invention is directed to spam filters which consider browser-generated information, such as a browser log, in determining whether an electronic message, such as an e-mail, is or is not spam.
69 Citations
17 Claims
-
1. A method for detecting unwanted messages, comprising:
-
(a) receiving, by a spam filter residing on one or more of an Internet Service Provider (“
ISP”
), a proxy server, a gateway, an e-mail server, and a client, an electronic message addressed to a first client, the electronic message comprising a header and body, the header comprising source and destination addresses;(b) generating a browser log, wherein the browser log stores at least one Universal Resource Locator (“
URL”
) for a visited web site from at least one web browsing session;(c) in response to receiving the electronic message, retrieving the browser log; (d) comparing, by the spam filter, at least one of (i) a string of characters from the source address to a string of characters in a listing and (ii) a in the body of the electronic message with the at least one URL in the browser log; and (e) when at least one of the string of characters from the source address and the URL matches at least part of a URL in the browser log, determining, by the spam filter, that the electronic message has a greater probability of being wanted than not being wanted by a first user of the first client, wherein determining comprises; determining, by the spam filter, a first score based on a comparison of a first set of rules with the electronic message; when the compared at least one of (i) a string of characters and (ii) URL matches at least part of the source address, adjusting, by the spam filter, the first score by a second determined amount to produce a second score, the second score indicating a lower probability of the electronic message being spam than the first score, when a match exists in step (e2), determining, by the spam filter, whether information other than an email address was provided by the first user during a session with a website corresponding to the matched URL; and when information was provided by the first user during the session, adjusting, by the spam filter, one of the first and second scores by a third determined amount to produce a third score, the third score indicating a lower probability of the electronic message being spam than the first and second scores. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for detecting unwanted messages, comprising:
-
an input operable to receive an electronic messages, including a first electronic message addressed to a first client, the first electronic message comprising a header and body, the header comprising source and destination addresses; and a spam filter operable to; retrieve a browsing history including at least one Universal Resource Locator (“
URL”
) associated with a previous web browsing session;compare at least one of (i) a string of characters from the source address and (ii) a in the body with the at least one URL stored in the browsing history associated with the first client; when the compared at least one of (i) a string of characters and (ii) URL matches at least part of a URL in the browser history, determine that the first electronic message has a greater probability of being wanted than not being wanted by a first user of the first client, wherein the in determining the first electronic message has a greater probability of being wanted, the spam filter is further operable to; determining a first score based on a comparison of a first set of rules with the first electronic message; when the compared at least one of (i) a string of characters and (ii) URL matches at least part of the source address, adjusting the first score by a second determined amount to produce a second score, the second score indicating a lower probability of the first electronic message being spam than the first score; when a match exists, determining whether information other than an email address was provided by the first user during a session with a website corresponding to the matched URL; and when information was provided by the first user during the session, adjusting one of the first and second scores by a third determined amount to produce a third score, the third score indicating a lower probability of the first electronic message being spam than the first and second scores. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A method for detecting unwanted messages, comprising:
-
receiving, by a spam filter residing on one or more of an Internet Service Provider (“
ISP”
), a proxy server, a gateway, an e-mail server, and a client, an electronic message addressed to a first client, the electronic message comprising a header and body, the header comprising source and destination addresses;comparing, by the spam filter, at least one of (i) a string of characters from the source address and (ii) a Universal Resource Locator (“
URL”
) in the body with a listing of URLs derived from at least one browsing session conducted by the first client, wherein the URL listing is a browser log; andwhen the compared at least one of (i) a string of characters and (ii) URL matches at least part of a URL in the listing, determining, by the spam filter, that the electronic message has a greater probability of being wanted than not being wanted by a first user of the first client, wherein determining comprises; determining, by the spam filter, a first score based on a comparison of a first set of rules with the electronic message; when the compared at least one of (i) a string of characters and (ii) URL matches at least part of the source address, adjusting, by the spam filter, the first score by a second determined amount to produce a second score, the second score indicating a lower probability of the electronic message being spam than the first score; when a match exists, determining whether information other than an email address was provided by the first user during a session with a website corresponding to the matched URL; and when information was provided by the first user during the session, adjusting one of the first and second scores by a third determined amount to produce a third score, the third score indicating a lower probability of the electronic message being spam than the first and second scores.
-
Specification