US2019312729A1PendingUtilityA1
E-mail message authentication extending standards complaint techniques
Est. expiryMay 9, 2028(~1.8 yrs left)· nominal 20-yr term from priority
H04W 12/06H04L 51/04H04L 63/08H04L 9/3271H04L 9/32G06Q 10/107
57
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
A system and method for e-mail authentication. The method includes aggregating a plurality of headers associated with an e-mail message and transmitting the aggregated plurality of headers to a validation service. A validation response is then received from the validation service. The e-mail is authenticated based on the validation response.
Claims
exact text as granted — not AI-modified1 . (canceled)
2 . A computer-implemented method of processing an e-mail, comprising:
receiving the e-mail from a sender; processing one or more headers of the e-mail to extract information representing the sender; transmitting the extracted information to a validation service, wherein the validation service is to filter the extracted information for one or more spoofed domains and is to return a validation response that identifies a registered sender based on the extracted information, the registered sender representing a legitimate, known entity; retrieving a published domain record of the registered sender; authenticating the e-mail dependent on whether the extracted information corresponds to the retrieved, published domain record; and transmitting a message reporting failed authentication to the validation service dependent on whether the extracted information does not correspond to the retrieved, published domain record; wherein the message is to identify the registered sender, the extracted information, and a reason for failed authentication.
3 . The computer-implemented method of claim 2 , wherein:
transmitting the message comprises reporting via the message a condition where the e-mail originates with a spoofed domain; and the message identifies the spoofed domain.
4 . The computer-implemented method of claim 2 , wherein:
the published record comprises a sender policy framework (SPF) record; authenticating comprises identifying whether the e-mail was sent from a machine specified by the SPF record; and transmitting the message comprises reporting a condition where the e-mail originates with a domain of the registered sender the email but was not sent from the machine specified by the SPF record.
5 . The computer-implemented method of claim 4 , wherein:
the extracted information represents a FROM: header of the e-mail; and determining comprises ascertaining whether the FROM: header corresponds to the machine.
6 . The computer-implemented method of claim 5 , wherein:
the extracted information represents an identified value comprising at least one of a purported responsible authority (PRA) value, a domain keys (DK) value, a domain keys identified mail (DKIM) value and a mail from (MFROM) value; ascertaining comprises determining that the FROM: header does not correspond to the machine, but determining from the extracted information that the e-mail was sent by an entity corresponding to identified value.
7 . The computer-implemented method of claim 6 , wherein:
the extracted information comprises each of the PRA value, the DK value, the DKIM value and the MFROM value; and transmitting the message is performed in response to a determination that the email was not sent by an entity corresponding to any of the PRA value, the DK value, the DKIM value or the MFROM value.
8 . The computer-implemented method of claim 7 , wherein the message further identifies each of the PRA value, the DK value and the DKIM value.
9 . The computer-implemented method of claim 2 , wherein authenticating the e-mail comprises causing an e-mail client of an e-mail recipient to display a confidence icon to the e-mail recipient, the confidence icon to indicate whether the e-mail was successfully authenticated.
10 . The computer-implemented method of claim 2 , wherein authenticating the e-mail comprises causing an e-mail client of an e-mail recipient to display a confidence icon as part of a FROM: field, the confidence icon to indicate that the e-mail was successfully authenticated.
11 . An apparatus comprising instructions stored on non-transitory computer-readable media, the instructions when executed to cause at least one computing device to:
receive the e-mail from a sender; process one or more headers of the e-mail to extract information representing the sender; transmit the extracted information to a validation service, wherein the validation service is to filter the extracted information for one or more spoofed domains and is to return a validation response that identifies a registered sender based on the extracted information, the registered sender representing a legitimate, known entity; retrieve a published domain record of the registered sender; authenticate the e-mail dependent on whether the extracted information corresponds to the retrieved, published domain record; and transmit a message reporting failed authentication to the validation service dependent on whether the extracted information does not correspond to the retrieved, published domain record; wherein the message is to identify the registered sender, the extracted information, and a reason for failed authentication.
12 . The apparatus of claim 11 , wherein:
the instructions, when executed, are to further cause the at least one computing device to report via the message a condition where the e-mail originates with a spoofed domain; and the message identifies the spoofed domain.
13 . The apparatus of claim 11 , wherein:
the published record comprises a sender policy framework (SPF) record; the instructions, when executed, are to further cause the at least one computing device to identify whether the e-mail was sent from a machine specified by the SPF record, and to report a condition where the e-mail originates with a domain of the registered sender the email but was not sent from the machine specified by the SPF record.
14 . The apparatus of claim 13 , wherein:
the extracted information represents a FROM: header of the e-mail; and the instructions, when executed, are to further cause the at least one computing device to ascertain whether the FROM: header corresponds to the machine.
15 . The apparatus of claim 14 , wherein:
the extracted information represents an identified value comprising at least one of a purported responsible authority (PRA) value, a domain keys (DK) value, a domain keys identified mail (DKIM) value and a mail from (MFROM) value; the instructions, when executed, are to further cause the at least one computing device to determine that the FROM: header does not correspond to the machine, but to determine from the extracted information that the e-mail was sent by an entity corresponding to identified value.
16 . The apparatus of claim 15 , wherein:
the extracted information comprises each of the PRA value, the DK value, the DKIM value and the MFROM value; and transmission of the message is performed in response to a determination that the email was not sent by an entity corresponding to any of the PRA value, the DK value, the DKIM value or the MFROM value.
17 . The apparatus of claim 16 , wherein the message further identifies each of the PRA value, the DK value and the DKIM value.
18 . The apparatus of claim 11 , wherein the instructions, when executed, are to further cause at least one computing device to cause an e-mail client of an e-mail recipient to display a confidence icon to the e-mail recipient, the confidence icon to indicate whether the e-mail was successfully authenticated.
19 . The apparatus of claim 11 , wherein the instructions, when executed, are to further cause an e-mail client of an e-mail recipient to display a confidence icon as part of a FROM: field, the confidence icon to indicate that the e-mail was successfully authenticated.
20 . A computer-implemented method of processing an e-mail, comprising:
receiving the e-mail from a sender; processing one or more headers of the e-mail to extract information representing the sender; transmitting the extracted information to a validation service, wherein the validation service is to filter the extracted information for one or more spoofed domains and is to return a validation response that identifies a registered sender based on the extracted information, the registered sender representing a legitimate, known entity; retrieving a published domain record of the registered sender; authenticating the e-mail dependent on whether the extracted information corresponds to the retrieved, published domain record; and transmitting a message reporting failed authentication to the validation service dependent on whether the extracted information does not correspond to the retrieved, published domain record; wherein
the published record comprises a sender policy framework (SPF) record,
authenticating comprises identifying whether the e-mail was sent from a machine specified by the SPF record, and whether the e-mail was sent from an entity represented by at least one of purported responsible authority (PRA) value, a domain keys (DK) value, a domain keys identified mail (DKIM) value and a mail from (MFROM) value, and
the message is to identify the registered sender, the extracted information, and a reason for failed authentication.
21 . The computer-implemented method of claim 20 , wherein:
transmitting the message comprises reporting via the message a condition where the e-mail originates with a spoofed domain; and the message identifies the spoofed domain.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.