NL2002796C2 - Verifying authorized transmission of electronic messages over a network. - Google Patents
Verifying authorized transmission of electronic messages over a network. Download PDFInfo
- Publication number
- NL2002796C2 NL2002796C2 NL2002796A NL2002796A NL2002796C2 NL 2002796 C2 NL2002796 C2 NL 2002796C2 NL 2002796 A NL2002796 A NL 2002796A NL 2002796 A NL2002796 A NL 2002796A NL 2002796 C2 NL2002796 C2 NL 2002796C2
- Authority
- NL
- Netherlands
- Prior art keywords
- message
- verification
- address
- sending
- link code
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/21—Monitoring or handling of messages
- H04L51/212—Monitoring or handling of messages using filtering or selective blocking
Description
NL13101-LG/td
Verifying authorized transmission of electronic messages over a network
FIELD OF THE INVENTION
The invention relates to the field of reducing transmission of unsolicited electronic messages, often referred to as spam messages, over a wired and/or wireless network.
5 BACKGROUND OF THE INVENTION j
The advent of global communications networks such as the internet has presented commercial opportunities for reaching vast numbers of potential customers. Electronic messages, and 10 particularly electronic mail ("email"), are becoming increasingly pervasive as a means for disseminating unwanted advertisements and promotions (also denoted as "spam") to network users.
Common techniques utilized to thwart spam involve the employment of filtering systems/methodologies. Machine-learning 15 filters assign to an incoming message a probability that the message is spam. In this approach, features typically are extracted from two classes of example messages (e.g., spam and non-spam messages), and a learning filter is applied to discriminate probabilistically between the two classes. Since many 20 message features are related to content (e.g., whole words and phrases in the subject and/or body of the message), such types of filters are commonly referred to as "content-based filters". j
These types of machine learning filters usually employ exact i i match techniques in order to detect and distinguish spam mes- j 25 sages from good messages.
Other spam filters operate on the basis of IP address or DNS address recognition by verifying the IP/DNS source address of the electronic message.
Unfortunately, often spammers can fool conventional 30 spam filters by e.g. modifying their spam messages to look like good mail or to include a variety of erroneous characters j throughout the message to avoid and/or confuse character recog- \ 2 nition systems. Thus, such conventional spam filters provide limited protection against unsolicited electronic messages.
US 2003/0009698 discloses a method and system for filtering spam. Whenever a message is first received from an 5 unapproved sender, a confirmation request email is sent to the sender's email address requesting the sender to confirm its existence and identity. Until the unapproved sender replies to the confirmation request email, electronic messages received from the unapproved sender are treated as spam. An inclusion list of 10 senders is maintained by the spam filter that includes a list of approved senders. Electronic messages from approved senders are not treated as spam, and are immediately delivered to the user.
A database of valid source addresses for a user is maintained either on the user's computing device or on a mail server, de-15 pending upon the specific application.
Also, US 2005/0188045 discloses a system for eliminating unauthorized email sent to a user on a network. The system employs an email-receiving server connected between the network and the user's email client for receiving email addressed to the 20 user and rejecting those in which the sender address does not match any of sender addresses maintained on an "authorized senders" list (ASL list). The ASL lists are maintained by an ASL j
manager in an ASL database operable with a spam processor mod- J
ule. A redirector module rejects the email if, upon sending a | 25 request for validation to the spam processor module, the j sender's address does not match any authorized sender address on j the ASL list. Email rejected by the redirector module is redirected to a web-based messaging (WBM) module which sends a message to the sender to confirm that the sender is a legitimate j 30 sender of email to the intended recipient. If the sender logs on to confirm their status, the WBM module executes an interaction procedure which can only be performed by a human, in order to ensure that the confirmation procedure is not performed by a mechanical program. The ASL manager maintains the ASL lists based 35 upon sender address data collected from various sources and analysis of various email usage factors, including sent email, 3 f- received email, contact lists maintained by the user, user pref- j erence inputs, third party programs, etc. j
Purgy.com markets anti-spam software ("Xtreem Purgy"). j
When a new message arrives, the software checks if its sender is j 5 on the list of approved senders. If the sender is on the list, the new message is made available to the email program and ends up in a mailbox. If the person who sent the new message is not on the list of approved senders, the software sends back a message (referred to as a "verification request") asking the person 10 to verify that the person's email address is legitimate. Upon |.
positive verification the email address is added to the list of I
approved senders meaning that all future messages sent from the verified email address are automatically delivered to the mailbox .
5 [ 15 Although anti-spam software based on verification of j the sender address has reduced the amount of unsolicited elec- ! tronie messages in mailboxes of users, such software is j considered as particularly inconvenient for the sender of the ! electronic message. Such a method is sometimes even considered j 20 inappropriate as it starts from the presupposition that a first i time legitimate sender of electronic messages is a spamming sus- i pect. As a consequence, such anti-spam software has not been distributed amongst a sufficient amount of computers to significantly reduce the amount of electronic spam messages transmitted 25 over networks. This, in turn, results in a large waste of electronic resources by the continuation of transmission of spam messages.
Therefore, there exists a need in the art for an im- | proved method and system for the reduction of electronic spam 30 messages.
SUMMARY OF THE INVENTION
A computer-implemented method of verifying authorized transmission of electronic messages over a network comprising a 35 sending device and a recipient device is proposed. A first electronic message is transmitted over the wired and/or wireless network and a verification request message is received in re- j | ...... .... .....
4 sponse to transmitting the first electronic message. A verification response message is transmitted automatically in response to receiving the verification request message. When the verification response message has been received by a recipient device, 5 the electronic message can be indicated as a non-spam electronic message.
Massive spamming with electronic messages is typically performed from non-existing sender addresses that, as a consequence thereof, cannot receive reply e-mails. Despite this fact, 10 recognized in US 2003/0009698, anti-spam methods relying on verification request messages and verification response messages before electronic messages are indicated as non-spam, require human interaction in order to send a verification response message from a sender device. The applicant has realized that when 15 a sender address of an electronic message is capable of receiving a verification request message, it is likely that that this sender is not a spammer (and the electronic message is not a spam message). As a consequence, an automatic reply facility to send a verification response message in response to the verifi-20 cation request message (automatic authentication) will not significantly reduce the effectiveness of the anti-spam software, whereas the user-friendliness is greatly improved and the penetration of the software in the market is enhanced resulting in a reduction of spam. In case the spammer uses an existing 25 sender address, the address will be flooded with verification request messages and, moreover, the spammer will be traceable.
It is advantageous to link the verification request message and verification response message by a verification mes- j sage link code. The verification message link code is first j i 30 assigned to the first verification request message from a re- j.
i cipient device. Accordingly, the verification response message j can only contain the appropriate verification message link code [ j after receipt of the verification request message. This feature [ eliminates the possibility for a spammer to send a verification | 35 response message after the first electronic message without hav- j ing received a verification request message.
| 5
Advantageously, use of the verification message is continued during subsequent message exchanges between a sending address and a recipient address. The link code is read from the subsequent electronic messages and checked against a stored link i 5 code for an associated sender address in a database in order to | | verify that an initially verified sender address has not been j spoofed afterwards.
It should be noted that the verification facility may be employed both for regular electronic messages and for web- j 10 implemented electronic messages, such as webmail. Verification j may also be employed in the wireless domain, using mobile devices. The method can be applied in server-client and server-server applications, e.g. in a user device or in an intermediary j (virtual) device in a network, e.g. a POP3 server, an IMAP | 15 server, an ISP etc. j
The invention also relates to a sending device, a re- i cipient device, a computer program and a system configured for verifying the authorized transmission of electronic messages over a network. i 20 Hereinafter, embodiments of the invention will be de scribed in further detail. It should be appreciated, however, that these embodiments may not be construed as limiting the scope of protection for the present invention.
25 BRIEF DESCRIPTION OF THE DRAWINGS j
In the drawings: j FIG. 1 provides a schematic illustration of a system according to an embodiment of the invention; ; FIG. 2 shows a message flow chart of messages in the | 30 system of FIG. 1 according to an embodiment of the invention; j
FIG. 3 shows a flow chart illustrating a method of op- I
erating the system of FIG. 1 according to an embodiment of the [ invention; i FIG. 4 shows a flow chart illustrating a method of | 35 sending an electronic message. ! | j 6
DETAILED DESCRIPTION OF THE DRAWINGS
FIG. 1 provides a schematic illustration of a system 1 comprising a sender device 2 and a recipient device 3 connected by a network 4 via servers 5, 6 (which may be internet service 5 providers (ISPs) or a server of an organization). Sender device 2 and recipient device 3 are e.g. personal computers.
In an embodiment of the invention, server 6 comprises a processor module (not shown) for operating a method of verifying the authenticity of electronic messages for recipient devices 3.
10 The method may be employed using software code portions executed by the processor module. Server 6 comprises or has access to a database 7.
The system 1 also comprises a connection to telecommunications system 8 accessible via wireless access network 9 for 15 a mobile recipient device 3.
FIGS. 2 and 3 illustrate a method of operating the system of FIG. 1. It is assumed that a first e-mail is to be transmitted from the sender device 2 to the recipient device 3.
In step 20 a first email is transmitted from sender de-20 vice 2 to server 5 in a manner known as such. The first email contains a sender address and a recipient address. Server 5 forwards the first email over network 4 to server 6 in step 21.
Server 6 stores the email in a spam folder associated ! with the recipient address of recipient device 3. The contents 25 of the spam folder may be inspected by a user of the recipient i device 3. Server 6 verifies in database 7 whether or not the | sender address in the first email is listed on a white list of i the recipient address. The white list contains one or more trusted sender addresses, authenticated by a user of the recipi-30 ent address.
If the sender address is not present on the white list for the recipient address, a verification message link code is assigned and stored in database 7 in association with the sender address. A validity period is also assigned to the link code. A 35 verification request message containing the verification message link code is transmitted from the server 6 to the sender address f of the sending device 2 in steps 22, 23. j ! i I.
7
At the sending device 2, the verification message link code is stored and a verification response message, also containing the link code, is generated and transmitted back automatically without involvement of the user of the sending de-5 vice 2 in steps 24, 25 to the server 6. The steps are performed by software code portions running on the sending device 2. Said software code portions may be part of a dedicated email software program or of a downloadable software tool that operates in combination with an email software program. The receipt of the 10 verification request message and the transmittal of the verification response message, both messages containing the verification message link code, are preferably not visible to the user of the sender device 2.
The server 6 verifies whether the link code in the 15 verification request message and the link code in the verification response message correspond. Assuming that the link code of j the verification response message is received within the valid- ' ity period for the code, the email message is transferred from a j spam folder to an inbox folder if the link codes correspond such j 20 that the email can be made available to the recipient device 3 in step 26. Moreover, the sender address may be put on the white list of the recipient address, either automatically or upon positive confirmation from the recipient address. If the verification response message is not received or if the verification 25 message link code of the verification request message and the verification response message do not correspond, the email is not transferred to the inbox folder.
If it is determined that the first email originates from a sender address that is present on the white list, it is 30 verified whether or not the sender used a program or tool configured for returning verification link codes. This may e.g. be recognized from information in the first email (e.g. in the header of the first e-mail).
If the sender does not use such a program or tool, the 35 first email is transferred from the spam folder to the inbox folder of the recipient address. If the sender is recognized to use such a program or tool, it is subsequently verified if a i | t; i j f i 8 verification message link code is known for this sender address j s in e.g. the white list. If such a code is not present, a link j code is assigned to the sender address and the verification pro- ] cedure may be initiated. The email is transferred from the spam j 5 folder to the inbox folder of the recipient address. j
It is assumed that the user of the sending device 2 now I
i transmits a second email to the recipient device 3 in steps 27, j 28. The sending device operates a program or tool for automati- j cally returning a verification message link code. The second j 10 email contains the verification message link code obtained pre- j viously. The sender address of sending device 2 is assumed to be j present on the white list associated with the recipient address.
Server 6, upon receipt of the second email, again verifies whether the sender address is on the white list and that 15 the sender device used a program or tool for automatically returning a verification message link code. Moreover, server 6 verifies whether the link code in the second email corresponds j to the link code stored in database 7 associated with the sender address. If the link code read from the second e-mail corre- j 20 sponds to the stored link code, the second email is stored in !
the inbox folder of the recipient device 3 and is made available in step 29. Otherwise, the email will not be transferred to the inbox folder. I
FIG. 4 is a flow chart for the situation of transmit- | 25 ting an email using the program or tool according to an j embodiment of the invention. If the user of recipient device 3 j desires to reply to the first or second email with a third j email, server 6 places the verification message link code in the ! third email if the user of the sending device is on the white j j 30 list and a code is known for this user address. The third email 1 is forwarded in steps 31, 32 to the (original) sender device 2. j
The verification message link code in the third email is checked, e.g. by sender device 2, against the link code received in step 22, 23 and, upon positive verification, the third email 35 is placed in the inbox folder of the sending device 2.
The ongoing use of the assigned verification message r link code during subsequent message exchanges prevents a spammer 9 to use a sender address that has been put on the white lists of many recipients. White lists not necessarily contain (only) individual trusted sender addresses, but may (also) contain trusted domains. An example is the entry *@skef.com indicating 5 that all sender addresses of this domain are trusted sender addresses.
It should be appreciated that one or more of the above-mentioned steps at the server 6, may also be applied locally at the recipient device 3 or at the server 5.
10 It may not always be advisable to rely on the judgement of a single recipient in order to put a sender address on a white list. Accordingly, e.g. for large organizations, the white list may be a shared white list for the organization (or a part of the organization). Sender addresses are only put on the 15 shared white list if a predetermined number of authentications is obtained from within the organization. A counter may be em- j
ployed for recording the number of received individual I
authentications. Authentications may be generated as a result of putting a sender address on personal white lists of people or 20 groups within the organization.
Recipients are allowed to manually enter sender ad- j dresses on the white list. Also, if recipients initiate j
electronic messages themselves, the addressees of these messages I
are put on the white list automatically.
25 It should be appreciated that the method may also be j employed without the use of a white list. In such an embodiment, j each sent electronic message is verified by the mechanism of receiving a verification request message and automatically transmitting a verification response message, both preferably j 30 containing the verification message link code. j.
The verification message link code may be a unique j { code. The code may contain of first block of characters from j i which a sender address may be derived and a second block of i' I- characters indicative of the number of received electronic mes- j 35 sages. j j I- f s
Claims (16)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/NL2008/050254 WO2009131437A1 (en) | 2008-04-25 | 2008-04-25 | Verifying authorized transmission of electronic messages over a network |
NL2008050254 | 2008-04-25 |
Publications (2)
Publication Number | Publication Date |
---|---|
NL2002796A1 NL2002796A1 (en) | 2009-10-27 |
NL2002796C2 true NL2002796C2 (en) | 2011-04-04 |
Family
ID=40263472
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
NL2002796A NL2002796C2 (en) | 2008-04-25 | 2009-04-24 | Verifying authorized transmission of electronic messages over a network. |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2272223A1 (en) |
NL (1) | NL2002796C2 (en) |
WO (1) | WO2009131437A1 (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030009698A1 (en) * | 2001-05-30 | 2003-01-09 | Cascadezone, Inc. | Spam avenger |
US20060031338A1 (en) * | 2004-08-09 | 2006-02-09 | Microsoft Corporation | Challenge response systems |
FR2907292A1 (en) * | 2006-10-16 | 2008-04-18 | France Telecom | MESSAGE CONTROL TO BE TRANSMITTED FROM A TRANSMITTER DOMAIN TO A RECEIVER DOMAIN |
-
2008
- 2008-04-25 EP EP08741675A patent/EP2272223A1/en not_active Ceased
- 2008-04-25 WO PCT/NL2008/050254 patent/WO2009131437A1/en active Application Filing
-
2009
- 2009-04-24 NL NL2002796A patent/NL2002796C2/en not_active IP Right Cessation
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030009698A1 (en) * | 2001-05-30 | 2003-01-09 | Cascadezone, Inc. | Spam avenger |
US20060031338A1 (en) * | 2004-08-09 | 2006-02-09 | Microsoft Corporation | Challenge response systems |
FR2907292A1 (en) * | 2006-10-16 | 2008-04-18 | France Telecom | MESSAGE CONTROL TO BE TRANSMITTED FROM A TRANSMITTER DOMAIN TO A RECEIVER DOMAIN |
Also Published As
Publication number | Publication date |
---|---|
NL2002796A1 (en) | 2009-10-27 |
WO2009131437A1 (en) | 2009-10-29 |
EP2272223A1 (en) | 2011-01-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8073912B2 (en) | Sender authentication for difficult to classify email | |
US7529802B2 (en) | Method for performing multiple hierarchically tests to verify identity of sender of an email message and assigning the highest confidence value | |
US6546416B1 (en) | Method and system for selectively blocking delivery of bulk electronic mail | |
US20030212791A1 (en) | Method and system for authorising electronic mail | |
US20060004896A1 (en) | Managing unwanted/unsolicited e-mail protection using sender identity | |
US20080313704A1 (en) | Electronic Message Authentication | |
US20070204026A1 (en) | Method For Blocking Unwanted E-Mail Based On Proximity Detection | |
US20040236838A1 (en) | Method and code for authenticating electronic messages | |
US7516184B2 (en) | Method and system for a method for evaluating a message based in part on a registrar reputation | |
US20060026246A1 (en) | System and method for authorizing delivery of E-mail and reducing spam | |
US20080172468A1 (en) | Virtual email method for preventing delivery of unsolicited and undesired electronic messages | |
US20070204043A1 (en) | Method, system and apparatus for rejecting unauthorized or SPAM e-mail messages. | |
US20090300128A1 (en) | E-mail authentication protocol or map | |
US20080177843A1 (en) | Inferring email action based on user input | |
US20090177673A1 (en) | Method for predelivery verification of an intended recipient of an electronic message and dynamic generation of message content upon verification | |
US20230007011A1 (en) | Method and system for managing impersonated, forged/tampered email | |
NL2002796C2 (en) | Verifying authorized transmission of electronic messages over a network. | |
KR20060124489A (en) | System for blocking spam mail and method of the same | |
US20070192420A1 (en) | Method, apparatus and system for a keyed email framework | |
Orman | From Whom?: SMTP Headers Hold the Clues | |
US20070180034A1 (en) | Method and system for filtering communication | |
Engelberth et al. | Mail-shake | |
Bishop | Spam and the CAN-SPAM Act | |
Tung et al. | PISA Anti-Spam Project Group | |
AU2003203794A1 (en) | A method and system for authorising electronic mail |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AD1A | A request for search or an international type search has been filed | ||
V1 | Lapsed because of non-payment of the annual fee |
Effective date: 20121101 |