US2022067664A1PendingUtilityA1
E-mail message authentication extending standards complaint techniques
Est. expiryMay 9, 2028(~1.8 yrs left)· nominal 20-yr term from priority
H04L 63/08H04L 9/32H04W 12/06H04L 51/04G06Q 10/107H04L 9/3271
63
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
A system and method for e-mail authentication. The method includes aggregating a plurality of headers associated with an e-mail message and transmitting the aggregated plurality of headers to a validation service. A validation response is then received from the validation service. The e-mail is authenticated based on the validation response.
Claims
exact text as granted — not AI-modified1 . (canceled)
2 . A computer-implemented method for processing a plurality of email messages corresponding to a plurality of senders, the computer-implemented method comprising:
for each given email message of the plurality of email messages
identifying a FROM: header of the given email message, a domainkeys identified mail (DKIM) header of the given email message, and a corresponding sender from the plurality of senders,
retrieving one or more records associated with the corresponding sender via the Internet, including at least one published domain name service (DNS) record and one or more authentication failure conditions specific to the corresponding sender;
performing multiple authentication checks, wherein the multiple authentication checks comprise comparing content of the FROM: header with a sender policy framework (SPF) entry retrieved as part of the at least one DNS record and a performing an authentication process using the DKIM header and information retrieved as part of the DNS record, and
authenticating the given email message dependent on the performing of the multiple authentication checks and dependent on the one or more authentication failure conditions specific to the corresponding sender; and
for each one of the plurality of senders, generating an authentication report, wherein the authentication report is to identify information, for each one of the email messages corresponding to the one of the plurality of senders where that one of the email messages failed authentication, as to why that one of the email messages failed authentication.
3 . The computer-implemented method of claim 2 wherein authenticating the given email message further comprises:
obtaining instructions designating a sender-specific icon specified by the one of the senders, and
in connection with successful authentication of the given email message, causing visual display of the sender-specific icon in an inbox of a recipient of the given email, in a manner associated with an inbox listing for the given email message.
4 . The computer-implemented method of claim 3 wherein obtaining further comprises obtaining a web link specified by the one of the senders and downloading the icon using the web link.
5 . The computer-implemented method of claim 4 wherein:
the computer-implemented method further comprises, for each one of the plurality of email messages,
accessing at least one record provided by a validation service, and
using the accessed validation record to authenticate the corresponding sender; and
the causing of the visual display of the sender-specific icon is performed dependent on successful authentication of the corresponding sender using the accessed validation record.
6 . The computer-implemented method of claim 2 wherein:
identifying the corresponding sender further comprises
extracting a purported sender identity from a header of the given email message,
transmitting information representing the purported sender identity to a wide area network (WAN) destination, wherein the WAN destination is to screen the purported sender identity to detect a fraudulent sender masquerading as an entity registered in a predetermined database;
receiving a response from the WAN destination which names an entity in the predetermined database, and taking the named entity as the corresponding sender; and
the retrieving of the one or more records, including the at least one domain name service (DNS) record, is performed to obtain a DNS record for the entity named by the response from the WAN destination.
7 . The computer-implemented method of claim 2 wherein:
the comparing of content of the FROM: header with the SPF entry retrieved as part of the at least one DNS record is performed first, relative to performing the authentication process using the DKIM header and the information retrieved as part of the DNS record; and
the authentication process using the DKIM header and the information retrieved as part of the DNS record is performed in a manner dependent on whether the comparing of content of the FROM: header with the SPF entry results in a successful authentication.
8 . The computer-implemented method of claim 2 wherein the computer-implemented method further comprises, in connection with the generating of the authentication report for at least one sender of the plurality of senders:
identifying in the authentication report a first condition of an email message associated with the at least one sender when content of a predetermined header of the email message associated with the at least one sender does not match a specific entry of the DNS record corresponding to the at least one sender, and
identifying in the authentication report a second condition of an email message associated with the at least one sender when the at least one authentication failure conditions specific to the one of the senders is satisfied.
9 . The computer-implemented method of claim 8 wherein the computer-implemented method further comprises sending each generated authentication report to a validation service via a wide area network (WAN), for indirect sharing, by the validation service, of the generated authentication report with a corresponding one of the plurality of senders.
10 . The computer-implemented method of claim 2 wherein generating the authentication report includes identifying an originating IP address for each email message represented in the authentication report.
11 . The computer-implemented method of claim 2 wherein each of the plurality of senders has been validated prior to the performance of the computer-implemented method, and wherein identifying the corresponding sender comprises accessing a list of validated senders and selecting the corresponding sender from the accessed list.
12 . An apparatus comprising instructions stored on a nontransitory computer-readable storage medium, the instructions, when executed, to cause at least one computer to:
for each given email message of the plurality of email messages
identify a FROM: header of the given email message, a domainkeys identified mail (DKIM) header of the given email message, and a corresponding sender from the plurality of senders,
retrieve one or more records associated with the corresponding sender via the Internet, including at least one published domain name service (DNS) record and one or more authentication failure conditions specific to the corresponding sender;
perform multiple authentication checks, wherein the multiple authentication checks comprise performance of a comparison of content of the FROM: header with a sender policy framework (SPF) entry retrieved as part of the at least one DNS record and performance of performing an authentication process using the DKIM header and information retrieved as part of the DNS record, and
authenticate the given email message dependent on the performance of the multiple authentication checks and dependent on the one or more authentication failure conditions specific to the corresponding sender; and
for each one of the plurality of senders, generate an authentication report, wherein the authentication report is to identify information, for each one of the email messages corresponding to the one of the plurality of senders where that one of the email messages failed authentication, as to why that one of the email messages failed authentication.
13 . The apparatus of claim 12 wherein the instructions, when executed, are further to cause the at least one computer to:
obtain instructions designating a sender-specific icon specified by the one of the senders, and
in connection with successful authentication of the given email message, cause visual display of the sender-specific icon in an inbox of a recipient of the given email, in a manner associated with an inbox listing for the given email message.
14 . The apparatus of claim 13 wherein the instructions, when executed, are further to cause the at least one computer to obtain a web link specified by the one of the senders and to download the icon using the web link.
15 . The apparatus of claim 14 wherein the instructions, when executed, are further to cause the at least one computer to, for each one of the plurality of email messages:
access at least one record provided by a validation service;
use the accessed validation record to authenticate the corresponding sender; and
cause the visual display of the sender-specific icon dependent on successful authentication of the corresponding sender using the accessed validation record.
16 . The apparatus of claim 12 wherein the instructions, when executed, are further to cause the at least one computer to:
extract a purported sender identity from a header of the given email message,
transmit information representing the purported sender identity to a wide area network (WAN) destination, wherein the WAN destination is to screen the purported sender identity to detect a fraudulent sender masquerading as an entity registered in a predetermined database;
receive a response from the WAN destination which names an entity in the predetermined database, and taking the named entity as the corresponding sender; and
perform the retrieving of the one or more records, including the at least one domain name service (DNS) record, to obtain a DNS record for the entity named by the response from the WAN destination.
17 . The apparatus of claim 12 wherein the instructions, when executed, are further to cause the at least one computer to:
perform the comparison of content of the FROM: header with the SPF entry retrieved as part of the at least one DNS record is performed first, relative to performance relative of the authentication process using the DKIM header and the information retrieved as part of the DNS record; and
perform the authentication process using the DKIM header and the information retrieved as part of the DNS record in a manner dependent on whether the comparison of content of the FROM: header with the SPF entry results in a successful authentication.
18 . The apparatus of claim 12 wherein the instructions, when executed, are further to cause the at least one computer to:
identify in the authentication report a first condition of an email message associated with the at least one sender when content of a predetermined header of the email message associated with the at least one sender does not match a specific entry of the DNS record corresponding to the at least one sender, and
identify in the authentication report a second condition of an email message associated with the at least one sender when the at least one authentication failure conditions specific to the one of the senders is satisfied.
19 . The apparatus of claim 18 wherein the instructions, when executed, are further to cause the at least one computer to send each generated authentication report to a validation service via a wide area network (WAN), for indirect sharing, by the validation service, of the generated authentication report with a corresponding one of the plurality of senders.
20 . The apparatus of claim 12 wherein the instructions, when executed, are further to cause the at least one computer to identify, in each generated authentication report, an originating IP address for each email message represented in the authentication report.
21 . The apparatus of claim 12 wherein each of the plurality of senders has been validated and wherein the instructions, when executed, are further to cause the at least one computer to access a list of the validated senders, to select the one of the plurality of senders from the accessed list.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.