JP2004523012A - A system to filter out unauthorized email - Google Patents

Abstract

A system for excluding unauthorized e-mail sent to a user in a network is provided. The system includes a network and a user. An e-mail receiving server (104) connected to an e-mail client (101) of a user who receives an e-mail transmitted to the user, and the address of the sender is set to an "authorized sender" list ( Emails that do not match any of the sender's addresses stored in the (ASL list) are rejected. The ASL list is stored in the ASL manager (211) in the ASL database (203a) available with the spam processing module. The redirector module (202) rejects the e-mail for sending a confirmation request to the spam processing module if the sender's address does not match any authorized sender address in the ASL list. . The email rejected by the redirector module is forwarded to a web-based message module (WBM) (204, 205), which sends a message to confirm that the sender is a valid email sender for the recipient. To the sender. If the sender logs on to confirm status, the WBM module performs an interactive procedure that can only be performed by humans to ensure that the confirmation action is not performed by a mechanical program. The ASL Manager can collect senders from the analysis of various email usage sources, including emails sent, emails received, contact lists saved by users, user preferences, third party programs, etc. Manages ASL list based on address data.

Description

[0001]
TECHNICAL FIELD OF THE INVENTION
The present invention relates to a system for rejecting unwanted email, and more particularly to a system that must identify all email as being sent by an authorized sender in order for the email to be accepted.
[0002]
[Prior art]
Unsolicited or unauthorized e-mail (eg, junk e-mail) is a significant source of trouble for users of global networks, such as the current public Internet. Once a person's e-mail address is known in the network system, it is easily copied in a computerized list, and the user is not authorized to send e-mail or is not It can be sent electronically to unlimited people who are not rare.
[0003]
The user's e-mail box may be flooded with e-mail without such authorization. Unauthorized or unsolicited e-mail is commonly referred to in the industry as the word "spam," a popular word sold by Homel under the trademark "Spam." It is not reminiscent or detrimental to some meat canned products. The user will have a predetermined e-mail address for a commercial information service provider (ISP) service, but the service of the provider will limit the amount of e-mail that can be accepted and / or stored, or the amount of e-mail received To the user. Users also waste significant time opening and re-viewing such unwanted emails. Unauthorized emails can also infect a user's computer system or use a virus or virus that can be used as an unauthorized point to enter a local network that handles user emails. It will be sent by an unscrupulous person who encloses the harmful software agent in the email.
[0004]
[Problems to be solved by the invention]
All, if not most, modern software for managing spam reception is based on using a known list of spam sources or a list of spammers (spammers). Such conventional spam management software operates based on receiving all email as legitimate if the sender is not identified as being on an exclusion list and the email can pass the filter.
[0005]
While this method is good only as a confirmation list, it cannot guarantee that users will not receive spam. Spammer lists must be updated frequently and spam management software or services must be distributed to all subscribers in a timely manner. Familiar spammers can frequently change their source internet addresses and break attempts to keep the exclusion list up to date. They can also send unsolicited e-mail through another organization's Internet server to pass through as harmless or spoof the source of the e-mail with a widely recognized name. The user's email address will also be known to many people in public chat rooms or public bulletin boards. Unsolicited emails sent by individuals do not leave a footprint on the spammers list, as sending emails by individuals is not technically spam.
[0006]
Therefore, a first object of the present invention is to change the source address frequently, or by spammers sending e-mails through other servers to disguise them, or not requested or authorized by the user An object of the present invention is to provide a spam management system that cannot be broken by sending an e-mail by an individual. In particular, it is an object of the present invention that the system rejects all e-mail as unauthorized unless the sender is deemed to be on the user's acceptance list.
[0007]
[Means for Solving the Problems]
In accordance with the present invention, a system for rejecting unauthorized email sent to a user in a network comprises:
(A) an email client addressed to the user's particular email address and for delivering to the user the receipt of an email sent over the network;
(B) an e-mail receiving server connected between the network and an e-mail client for receiving e-mail addressed to a specific e-mail address of the user, the authority to send e-mail to the user; An e-mail receiving server having an authorized sender list (ASL) module for storing an ASL list of e-mail addresses of external users given the
(C) if the sender's e-mail address is not stored in the ASL list for the user, together with an ASL module for refusing to receive e-mail sent to the user's e-mail address Operable email rejection module.
[0008]
In a preferred embodiment, the ASL module of the system checks the ASL list for a match with an ASL database for storing an ASL list of authorized sender addresses for each subscriber of the system. And an ASL manager for creating, maintaining and updating ASL lists. The redirector module rejects the email with respect to sending a request for confirmation to the spam processing module if the sender's address does not match any authorized sender address found on the ASL list. I do. Email rejected by the redirector module is forwarded to a web-based messaging module (WBM), which notifies the sender to confirm that the sender is a legitimate email sender to the recipient. Send If the sender logs on to check the status, the WBM module performs an interaction procedure that can only be performed by humans to ensure that the checking action is not performed by a mechanical program. The ASL Manager can collect senders from the analysis of various email usage sources, including emails sent, emails received, contact lists saved by users, user preferences, third party programs, etc. Manages ASL list based on address data.
[0009]
The invention includes software components that enable performing these functions as well as related methods for performing the above functions.
[0010]
BEST MODE FOR CARRYING OUT THE INVENTION
Hereinafter, other objects, features, and advantages of the present invention will be described in detail with reference to the drawings.
[0011]
Unlike existing spam management approaches that receive all e-mails, unless they are listed on the exclusion list as not authorized, the basic principle of the present invention is that If it is not listed in the inclusion list, reject all emails. In this way, it is possible to exclude emails sent from unauthorized spammers, as well as individuals sending emails that the user does not want. Unlike known email filtering systems, the present invention does not attempt to filter out unwanted email after it has been received. Rather, it completely rejects the email at the earliest entry level. Thus, the present invention assumes that a user treats an entire email as unauthorized unless the sender is found on the "authorized senders" list in order to receive the email. Will be implemented. This means that spammers can immediately change their source address or apparent identity, and individuals in public can obtain and ask for other users' email addresses. Provide an inherently powerful and 100% effective spam management solution in an environment where no e-mail can be sent.
[0012]
The following is a detailed description of one preferred embodiment of a system for implementing the concepts of the present invention. In this embodiment, the spam management system is based on a continuous analysis of the user's email usage, such as to whom and how often the outgoing email was addressed to other users, and based on the user's known List of "authorized senders" by collecting high-level user contact data, such as lists showing contacts or people maintained by the user and deemed authorized, or peers identified in the file Clarify intelligently. The list of "authorized senders" can also be updated and processed at any time by the user to add or remove authorized senders. Become. Although certain components are provided and configured to work together in a manner described and described using this particular implementation, the full scope of the invention is to be understood by other suitable It should be understood that variations and modifications are included.
[0013]
FIG. 1A is a block diagram of a standard e-mail system for e-mail sent and received over the Internet, and is used to describe a conventional method for filtering e-mail from spammers. The system follows standard industry protocols for processing electronic mail over the Internet and is called SMTP. Users typically subscribe to Internet access and related services, including email services, with the ISP of choice. The user accesses the Internet through the ISP using a dial-up or high-speed line connection and a standard browser. The browser may be a standard such as the Outlook ™ email client distributed by Microsoft, headquartered in Bellevue, Washington, or the Netscape ™ email client distributed by AOL / Netscape, headquartered in Fairfax, Virginia. And works with it. The ISP works on the Internet at the address of a website that corresponds to a domain name that can be addressed by the user. The service function of the ISP works for many subscribers through one or more servers. Generally, email server 102 is used to handle email service functions. E-mail sent from the Internet to the ISP is received by the SMTP server 102b, which performs various administrative functions such as whether the address is an authorized subscriber of the ISP, and the e-mail is sent to the ISP. It is placed in a storage space reserved for the user, called box 102a. Users can send e-mail by creating their respective e-mail with their e-mail client and uploading it to the SMTP server 102b at the ISP that sends the e-mail to the recipient on the Internet. .
[0014]
Traditional anti-spam management could be implemented with an SMTP server and / or email client. Many ISPs implement an exclusion list of spammers known at the SMTP server. In addition, these ISPs allow users to generally filter out unwanted emails from certain senders they know. For example, the user's email client may allow the user to enter an email sender address that does not require the SMTP server to reject the email before the email received by the SMTP server enters the user's inbox. Elimination function. In addition, independent software companies sell sophisticated e-mail processing programs that work with the user's e-mail client. For example, some processing programs have the ability to categorize received e-mails into item file folders, and e-mails from unauthorized senders may be "other" or "authorized". Not in the file folder.
[0015]
FIG. 1B shows a conceptual overview of the system according to the invention. As before, a standard e-mail client 101 is connected to an e-mail server 104 for sending e-mail to the Internet via an SMTP server 104b and inbox 104a, and receiving e-mail from them. However, with this modified email server 104, an authorized sender list (ASL) manager obtains the recipient's email address from the email sent by the user, as shown in block 105. Similarly, the sender's email address is obtained from the email sent to the user as shown in block 106. The ASL manager analyzes the obtained sender and recipient email addresses and adds the email address or removes the address from an "authorized sender" list called the ASL list or ASL database. To do so, it uses certain predefined rules (described in detail below). As indicated by block 107, all other emails are rejected as "unauthorized" while the ASL list receives emails only from senders on the ASL list, It is then used by the SMTP server 104B to put the received e-mail into the user's inbox 104a.
[0016]
Referring to FIG. 2, the flow to the operational steps of the spam prevention system of the present invention will be described. Certain terms used in the description are defined as follows.
[0017]
Spam cap: an example of the spam management system of the present invention
Subscriber: A person who subscribes to the ISP email service using the spam management system of the present invention.
Friend: an email sending source authorized by a spam management system to send email to subscribers
Spammers: E-mail sources that are not allowed to send e-mail to subscribers, such as manuals or computerized e-mail list mailing programs that repeatedly send large amounts of e-mail through the Internet. It is generally understood that you are using unknown or unknown or unauthorized parties.
Contact: An email transmission source that has been identified by the system as a subscriber's legitimate communicator is allowed to send email to the subscriber by the system.
Suspect: email source not yet identified as either a spammer or contact
[0018]
E-mail sent from the Internet (103) is sent to the ISP e-mail address in block 201, called the spam-cap e-mail address (SKE), for the subscriber. The received e-mail must first pass through the redirector 202. The redirector 202 must send a request for confirmation for email from a spam processor 203 that contains an authorized senders list (ASL) 203b and maintains a spam database (SPDB) 203a. SPDB databases and ASL lists are central to spam caps because they contain a list of people authorized to send email to each subscriber of the system. The spam processor 203 responds with either an email address that is not authorized on the ASL list, ie, a spammer, or an authorized address on the ASL list, ie, a friend. Send If the response is a spammer, as shown in block 204, a redirector 202 sends a standard error message to the sending server, e.g., that the user written to the address does not exist, Reject the email.
[0019]
As an improvement to the system, the web-based messenger (WBM) process at block 205 may be implemented if the rejected email is from a person who is not authorized but is not listed as a spammer on the ASL list. , Can be set up to provide amendment procedures. The unauthorized email would not actually come from a person who was previously processed in the anti-spam system, but from a person who has a legitimate reason to reach the subscriber. The WBM process 205 is set up as part of a spam management system to which emails are forwarded. For rejected email recipients, the WBM process assigns an ID code and expiration date for each email and stores it in the WBM database. The WBM process then sends an error response email to the email sender that is now being treated as a suspect. For example, the error message is:
"Email you sent to your address was rejected by this site as being sent from a sender address that was not authorized to be the source of spam emails. If you would like proof that you have a legitimate reason to send your email to, go to the WBM site and check your status as a contact. "
[0020]
The WBM may have a separate website address for interaction with the suspect, or may be set up to receive and recognize email responses from the suspect. If a suspect receives an error response email, if they are legitimate contacts for the subscriber, they may choose to go to the WBM site or send a response email to identify themselves as legitimate contacts. If performed before the expiration date, the WBM process adds a special codeword, such as "contact", to the subject field of the forwarded email, as shown in block 206, and is authorized. Retransmit the e-mail to the sender mailbox (ASM) 209. The sender address of the email retransmitted via this process is also stored (as indicated by the line connected to block 210) and the ASL manager 211 should upgrade the status of the suspect to a friend, and Registered for further analysis to determine if it should be added to ASL 203b. If the suspect does not respond, this fact is also sent to the ASL manager for further analysis. Spammers use automated programs to send batch emails, then spend human response time to log on to regular WBM sites or send answer emails to confirm their legitimate status The additional confirmation step can effectively eliminate spammers.
[0021]
If the spam processor sends an acknowledgment that the sender is a friend, the redirector 202 checks the status of the subscriber and saves the e-mail in the subscriber's inbox, ASM 209. Send an e-mail to an SMTP reception manager such as Thus, the user can collect his e-mail from the ASM inbox (using standard Internet protocols such as POP3 or IMAP4) through the user e-mail client 101 on his computer. All email from senders who are not recognized as authorized to the system has been rejected, so that the user's email is 100% free of spam. Similarly, the SMTP reception manager registers the reception information of the e-mail from the friend, and transmits the e-mail to the ASL 203b for further analysis.
[0022]
The user sends the e-mail created and transmitted on the e-mail client 101 via the standard SMTP protocol to the e-mail server of the ISP. The ISP's SMTP server is responsible for providing the user with the e-mail address in the system and sending the user's e-mail to the recipient's e-mail address on the Internet in the spam cap system. , Is provided to intervene in the normal e-mail transmission process. The SMTP transmission manager 212 copies header information from all outgoing emails, sends the data to the ASL manager 211, and sends the email to its intended destination. ASL manager 212 performs one of the key functions in the present invention. This manager analyzes the headers of emails sent and data from other data sources 213 maintained by the ISP email server system, such as email logs and lists provided to the user. Based on its analysis routine (described in more detail below), the ASL manager 211 is authorized to examine and populate the SPDB database and ASL list, and to send email to email addresses and subscribers. Update with other data about the sender. The spam cap system also includes a user retention module (UMM) 214 that interacts with the user information and uploads the information to the spam cap to further improve spam cap email operations for the user.
[0023]
3A and 3B show a standard SMTP email sending process (prior art) in comparison to the modified email sending process used in the present invention. As shown in FIG. 3A, in a standard e-mail transmission process, the e-mail sent from the user's e-mail client to the ISP's e-mail server is checked for correct syntax, alias expansion, etc. and the recipient e-mail address ( Pre-processing, possibly one or more), such as checking to verify the list. The server email manager sequentially obtains each recipient email address, sets up a connection with the destination SMTP server, and attempts to prove that the recipient email address is correct. If the negotiation is not successful, an error message is returned to the sending SMTP server. If the negotiation is successful, the sending server sends the message body to the destination server and performs an appropriate "close connection" operation. As shown in FIG. 3B, in the modified e-mail transmission system of the present invention, the e-mail transmitted from the client is pre-processed, the recipient is confirmed, and the connection with the destination server is normally attempted. . For successful negotiations, the spam-cap SMTP transmission manager 212 copies the successful recipient email address and sends the data to the ASL manager 211. With the assumption that the subscriber is authorized by the subscriber to receive e-mail from anyone who has sent the e-mail, the appropriate e-mail address of the person to whom the e-mail has been sent will be Is added to the ASL list of the person authorized to send e-mail to the person. The transmitted e-mail data may, for example, promote the person's authorized status from a temporary status to a permanent status if more than one email is sent by the subscriber to the same person. Used for further analysis by the ASL manager.
[0024]
4A and 4B show a standard SMTP email receiving process (prior art) in comparison to a modified email receiving process used in the present invention. As shown in FIG. 4A, in a standard email receiving process, an email is received by a SMTP server from a sender source over the Internet, and the server stores the email in the user's inbox. As shown in FIG. 4B, in the modified e-mail receiving process of the present invention, the received e-mail is redirected to determine whether the sender's address is that of an authorized person on the ASL list. It is subjected to processing by 202. If so, the SMTP server sends the e-mail of the sender's address in the address registration step 210 for the SMTP reception manager 208 to send to the ASL manager 211, and then sends the user's Keep the email in your inbox. Even if the sender is already on the ASL authorization list, the received e-mail data will not be changed if the authorized person's e-mail is received on the fly and not modified by the user, for example. Used for further analysis by the ASL manager, such as promoting a given status from a temporary status to a permanent status.
[0025]
FIG. 5, which is a flowchart of the process, illustrates the operation of the spam processor 203. Block 501, a request from the call routine of the redirector 202, seeks authentication regardless of whether the email came from an authorized sender. This request identifies parameters from whom and to whom the email is sent. Spam processor 203 uses the destination address to look up the user's ASL list 203b in SPDB database 203a, as shown in block 502. The lookup procedure reads the next ASL record on the user's ASL list, checks for a match from the email source address (authorized person), and if there is no match for the correct record, The next record is read, and if a match is found, a match is performed by issuing a TRUE VALUE, as shown in block 504, otherwise returning for the next record. The process proceeds along a loop 503. In block 505, if a value is issued, the output value is set to the friend in block 505. If the value is not issued after the entire list has been processed, the value is output to the spammer. The function of setting the value is performed. At block 506, the return value is sent as a message to the calling routine, i.e., redirector 202. If the return value is a spammer, a standard error message is included. As a default option, if an ASL for the user is not found, the system may temporarily receive e-mail until an ASL list has been created for the user, and the system sets the friend value as shown in block 507. Return to The request processing routine is executed using the industry standard PERL programming syntax, incorporating a PERL interpreter to execute the processing rules.
[0026]
In FIG. 6, the process flow illustrates the detailed operation of a web-based messenger (WBM) routine for handling an email rejected by the redirector 202 (see FIG. 2). The WBM process is performed through interaction with the rejected sender at another website address. Corresponding to step 204 of FIG. 2, in phase 1, the WBM process is initialized at block 601 with ASL rules that return a value to reject the email as sent from redirector 202. At block 602, a unique ID number is assigned to the email in the WBM database and has a fixed expiration date, such as 48 hours. At block 603, a return message is added to the spammer's email body along with the unique ID code to notify the spammer to go to the WBM web page if they wish to continue contacting the subscriber. Will be sent to your email address. Then, as shown as Phase 2, the WBM waits for the Smapper to go to the WBM site to complete the process. At block 604, the spammer accesses the WBM website and agrees with the terms and conditions displayed for the term. At block 605, the WBM process verifies that the response time to the email corresponding to the spammer has not expired. The WBM then follows the test process to ensure that the responding spammer is not being executed by a mechanical program. For example, at block 606, the non-standard font style words are displayed as graphic images, and at block 607, prompt the spammer to type the words that appear in the graphic. A mechanical program would not be able to read a graphic image of an unidentified font word.
[0027]
At block 608, if the WBM process determines that the correct word has already been typed, the status of the spammer is promoted to a suspect on the user's ASL list. At block 609, the WBM process presents a form that allows the suspect to enter a short message to send to the subscriber. For example, the suspect may require the subscriber to confirm that the anti-spam management device has been updated to be able to send email. At block 610, e-mail by sending directly to the ASM e-mail box for the subscriber, along with changes to the header containing the codeword or flag, such as adding the word "contact" to the subject field. And a message is sent. The codeword is identified in the ASM email registration step in FIG. 2 to distinguish the forwarded email from other emails that have been determined to be authorized emails. Next, at block 611, the subscriber can now read the suspect's email. If the subscriber sends a response to the e-mail, the status of the suspect is automatically promoted to a friend via UMM 214, or the subscriber passes the status to the friend via interaction with the ISP e-mail server. Upgrade manually. At block 612, if the e-mail is determined by the subscriber to be e-mail from someone to be rejected lacking the WBM error response option, the subscriber may optionally, via the UMM 214, permanently Downgrade your status to a spammer.
[0028]
The block diagram of FIG. 7A illustrates a standard SMTP send and receive email processing process (prior art) in comparison to FIG. 7B which shows a modified redirector process for processing received email. In a standard process, the sending SMTP 701 requests a connection to the receiving SMTP 702 to respond to the connection if available. The sending SMTP then performs work in its outgoing email loop that sends it to the recipient's email address. At block 703, the sending SMTP verifies or denies whether the recipient exists or if it has the authority to process the e-mail for that user. If confirmed, the sending SMTP sends the message body, indicating the end of the message. At block 704, the receiving SMTP receives the message body and sends it to the recipient's (or recipients if one or more emails were sent at the SMTP server address) email box.
[0029]
In FIG. 7B, the sending SMTP 701 and the receiving SMTP 702 perform their own normal connection settings and check for a valid recipient email address. However, in a modified process performed in connection with the spam processor 705, the sender's source address is stored by the spam processor for later use, as shown in block 706. At block 707, the sender's source address and the recipient's destination address are sent to the spam processor 705 in response to a confirmation request from the previously described redirector. After examining the recipient's ASL list to determine if the sender is authorized at block 708, the spam processor returns to the friend's response or sapammer's response with an accompanying error message. If the response is a friend, the output is sent to the sending SMTP, confirming that the email can be received, and the email is sent to the receiving SMTP as usual. At block 709, the recipient SMTP may place the email in the recipient's mailbox and, if denied, include a message noting that the sender is authorized on the ASL list as one of his friends. If the response is a spammer, an error message is returned to the sending SMTP that the recipient does not exist or that the receiving SMTP is not authorized to receive the email. Optionally, if the response from the spam processor indicates that the sender's status is an unknown sender (as opposed to having the verified status of the spammer), optionally, the receiving SMTP Send the email via the WBM process as previously described (as shown in block 710).
[0030]
In FIG. 8, a schematic diagram shows the structure and operation of the ASL manager previously described as a component (ASL manager) 211 with reference to FIG. Preferably, the ASL manager comprises an ASL on-demand processor 801 and an ASL scheduler processor 802 that interact with the ASL rules processor 803 and exchange data with the spam processor database (SPDB) 203a. The email address sent to and received from the SMTP transmission manager 212 and the SMTP reception manager 208 are processed by the ASL on-demand processor 801 which executes the appropriate rules in association with the ASL rule processor 803. It can also process content from a variety of other sources, including various third-party plug-ins, create, populate, and update ASL lists stored in SPDB 203a. For example, content may be added by a user to a desktop contact manager, such as Microsoft Outlook ™ Address Book, by inputting a user address while working with an e-mail client, or entering a user address from a website while working with an associated browser. The received address, or other contact list, may be received from a "drag and drop manager" to preferably handle other address inputs generated by third party software while working with the user's client program.
[0031]
ASL scheduler processor 802 is used to perform scheduled tasks for various analysis and maintenance functions. This allows for an extremely rich search by constantly improving the "authorized senders" list of subscribers' ASL lists, mail logs, and other data files for accuracy and validity. For example, the processor function may include an ASL email log analyzer for analyzing an ASL email log database 803a of emails sent and received by the subscriber, to downgrade the authorization status of senders with whom the subscriber frequently communicates. Or expiration date analyzers to eliminate, high-level analyzers to upgrade or permanently mark the authorization status of senders whose subscribers are communicating frequently, friends or spammers based on various factors A fuzzy logic analyzer for making qualitative decisions and other third party analyzers for analyzing data generated by third party plug-ins and programs to improve the ASL list can be included.
[0032]
ASL rules processor 803 contains rules (in the ASL manager rules database) that determine how to add, update, and modify the ASL list maintained by SPDB database 203a. The rule processor may have an architecture that accepts and interoperates with third party databases 803b and application programs 803c using the collective power of developers in the network communication industry to improve and extend the spam cap system. it can. The ultimate result of this architecture is the creation of extremely rich and highly detailed ASL databases that users will need beyond and beyond the elimination of spam emails for dynamic and intelligent processing of emails. Enable.
[0033]
FIG. 9 shows a detailed implementation of an example of processing user contact data into a specific form of sending / receiving email and the actions performed by the ASL manager. The basic flow consists of a step 901 comprising a loop through each line of an ASL list (called a table) that compares the source addresses obtained from the incoming emails for a match decision, Or determining if the status flag is set, executing the corresponding state rule maintained on the table, returning 902 the return value, and the corresponding state indicated on the condition table based on the return value It consists of a step 903 which executes the rule and persists with the final return value from this action. To follow one example of going through this process flow, step 901 includes a sender address john @ home. com, and step 902 notes the expiration state "before 12/1/2003" and returns a condition of "TRUE" if today's date is within the indicated expiration date. Performing the "previous" state on the table, step 903 notes (if the state is TRUE) that the sender status action is friend, and (unnecessary element) returns the friend's final Perform a "friend" action on the action table to return the target return value.
[0034]
The specific programming syntax or execution logic of ASL manager rule processing can be changed in any suitable way, depending on the developer of the spam processor application. The following examples of some options illustrate a wide range of approaches that can be used.
[0035]
Match email address or address pattern
(A) Default: exact match
(B) Special e-mail address: john @ company. com
(C) UNIX standard wildcard matching
-Microsoft. com = any one from “Microsoft.com”
Microsoft = any of Microsoft in it
• mil = any e-mail from the military
(D) Consistency with the known "black hole list" by using the% BLACKHOLE% symbol
If match is TRUE, use conditions and parameters to execute
Use second action and parameters to execute if condition is TRUE
Use last date subscriber sent email to this address
Use the last date email was sent to the subscriber's address
Use the date the record was created
Examples of conditions that can be used
(A) Expiration date: Use the address given by 2/12/2004
(B) Date range: Use addresses given from 4/1/2004 to 5/2/2004
(C) Specific repetition time: the first week of every month at another time, for example, newsletter @ magazine. com
(D) Links to external software designed to take into account additional user-defined criteria; this takes third-party applications into account.
[0036]
Example of a message invoked by a given secondary action
(A) Standard "error"
(B) Custom with a variable alternative sentence in the message body. For example
% Username% is substituted with the sender's email address
% Subid% is the subscriber's ID code
% Date% is today's date
(C) "Hello,% user name%, .http was you are identified as spam: Go to /www.spamkapu.com/subscriber=%subid%, we are you if you are really people Welcome you. "
(D) Custom text: "Unconditionally reject all email addresses from US Online."
(E) Send a predetermined message in the error response
(F) Send a predetermined e-mail as an e-mail
(G) Open the file and send its contents by e-mail
(H) Open the file and send its contents as an error response
(I) Set sender status to spammer or friend
(J) Create a unique ID that expires after a short period (24-48 hours). This ID is used by the suspect to access the WBM and become a contact.
(K) Give SMTP default error message
(L) Link and execute external software designed to take into account additional user defined actions.
[0037]
【The invention's effect】
In sum, the present invention provides a spam email rejection method that analyzes the sender address of incoming emails and determines whether to reject or receive according to a controlled list of authorized senders. This is a significant development from existing anti-spam processing systems that receive all emails in an attempt to remove only emails with sender addresses that are recognized as known spammer addresses. The method of the present invention does not remove unauthorized email, but rather rejects all email except authorized ones. The ASL manager in the system obtains and analyzes sender and recipient usage patterns for outgoing and incoming emails to improve the "authorized senders" list. Analysis of this data provides a solid basis for rule-based decisions on whether a sender address is considered to be a spammer. This data creates a list of "authorized senders" of friends, as opposed to a list of known spammers, whereby unsolicited or unsolicited emails are sent to subscriber emails. You will never get to the box.
[0038]
It is understood that many other modifications and variations are possible in light of the above description of the teaching principles of the present invention. All such modifications and variations are considered to be within the spirit and scope of the invention, as defined by the following claims.
[Brief description of the drawings]
FIG. 1A shows an overview of a system according to the invention; FIG. 1B shows a standard Internet e-mail system using a conventional method for eliminating e-mail from spammers (prior art) compared to FIG. 1B. FIG.
FIG. 2 is a flowchart illustrating the best mode of a spam prevention and management system of the present invention.
FIG. 3A is a block diagram showing a standard SMTP email sending process (prior art) compared to FIG. 3B showing a modified email sending process according to the present invention.
FIG. 4A is a block diagram illustrating a standard SMTP email receiving process (prior art) compared to FIG. 4B illustrating a modified email receiving process according to the present invention.
FIG. 5 is a flowchart illustrating a spam prevention function of processing a routine in the best mode for carrying out the present invention;
FIG. 6 is a flow diagram illustrating the detailed processing of a web-based messenger (WBM) routine for processing an email initially rejected by the spam prevention and management method.
FIG. 7A is a block diagram illustrating a standard SMTP send / receive email processing process (prior art) compared to FIG. 7B showing a modified redirector process for processing received email.
FIG. 8 is a schematic diagram showing the structure and operation of an ASL manager in the best mode for implementing a spam management system.
FIG. 9 shows a detailed implementation of an embodiment relating to the processing of outgoing / incoming e-mails and user contact data for a specific form of operation performed by the ASL manager.

Claims (20)

Operable with an e-mail receiving server (104) connected between the network and an e-mail client (101), to filter out unauthorized e-mails sent to the user over the network and to provide the user with a unique A system for receiving email addressed to a unique email address,
(A) having an authorized sender list (ASL) module (203, 211) that maintains an ASL list (203b) of email addresses of senders authorized to send email to users; An e-mail receiving server,
(B) if the sender's email address is not maintained on the ASL list for the user, with the ASL module (203) for rejecting the receipt of email addressed to the user's email address; An operable email rejection module (202);
A system comprising: An ASL database (203b) storing an ASL list of authorized sender addresses for each subscriber of the system;
A spam processing module (203) for checking the ASL list for matches;
And
An ASL manager (211) that creates, maintains and updates ASL lists;
The system of claim 1, comprising: The e-mail rejection module (202) receives an e-mail transmission message indicating the sender's source address, indicating the destination address of the recipient, and transmitting the intended recipient to the sender's source address. A request for confirmation is sent to the spam processor module to determine if the destination address matches the authorized sender address maintained on the corresponding ASL list, and the authorized sender address 3. The method according to claim 2, wherein if a match is found, the e-mail is received, and if no match with the authorized sender address is found on the ASL list, the e-mail is rejected. system. A web-based message (WBM) module that forwards the rejected email and sends the message to the sender's address to verify that the sender is the legitimate sender of the email for the intended recipient The system of claim 3, further comprising: The WBM module includes another web site where the notified sender can log on and verify that the sender is a legitimate sender of the e-mail via an interaction that can only be performed by a person. The system according to claim 4. The interaction is performed by a mechanical program by including displaying a graphic image of the word in a non-standard font and inputting a word corresponding to the graphic image of the word by the user. 6. The system according to claim 5, wherein the system is adapted to confirm that the request has not been made. Once the sender has been identified as a legitimate sender of the email for the intended recipient user, a code indicating that the email was rejected by the redirector module but was validated by the WBM module 5. The system of claim 4, wherein the WBM module sends an email to an email user's email box. 4. The system of claim 3, further comprising: an e-mail receiving manager for obtaining a source / destination address of the e-mail sent from the e-mail client and sending it to an ASL manager for later analysis. 3. The system of claim 2, further comprising an email sending manager for obtaining a source / destination address of the email sent from the email client and sending it to an ASL manager for later analysis. The ASL manager can control incoming mail, outgoing mail, user input to the email service function for the email client, input from the user browser of the website, user desktop organizer, other contact lists, and third party A rule processor for processing a predetermined address collection rule, updating an ASL list using data obtained from one e-mail address source selected from a group of e-mail address sources consisting of a plurality of address program inputs. Item 3. The system according to Item 2. ASL Manager obtained from one analysis source selected from the analysis group consisting of User Email Registration Analysis, Expiration Date Analysis, Low / High Email Volume Analysis, Fuzzy Logic Analysis, and Third Party Data Analysis The system of claim 2, wherein a rules processor is maintained for processing predetermined analysis rules that update the ASL list using the data. ASL Manager always status authorized as friend, status authorized as friend within date range, status authorized as friend before expiration date, and always rejected as spammer An ASL list indicating one sender address status selected from a group of statuses, a status rejected as a spammer matching the blacklist, and a status rejected as a spammer sent with the error message. 3. The system of claim 2 for maintaining. (A) maintaining a sender list (ASL list) authorized to send e-mail to the user and authorized to the e-mail address of the external user;
(B) refuse to receive emails sent to the user's email address if the sender's email address is not maintained on the ASL list for the user;
A method of filtering unauthorized emails addressed to a user's unique email address and sent to the user over a network. Further forwarding the rejected email to a website for sending a message notifying the sender to the intended recipient to confirm that the sender is a legitimate sender of the email. The method according to claim 13, wherein 15. The method of claim 14, further comprising performing a human-only interaction with the notified sender at the website. Maintaining the ASL list includes sources such as incoming mail, outgoing mail, user input to the email service function, input from the user browser of the website, user desktop organizer and other contact lists, and third party address program input 14. The method of claim 13, comprising updating the ASL list with data obtained from any of the following. Maintaining the ASL list uses data obtained from analysis of any of the following factors: user email registration analysis, expiration date analysis, low / high email volume analysis, fuzzy logic analysis, third party data analysis 14. The method of claim 13, including updating an ASL list. In an e-mail server system, which eliminates e-mails sent over the network and not authorized to be addressed to a unique e-mail address for users of the system,
(A) a sender list (ASL) module (203, 211) authorized to maintain an ASL list of email addresses of senders authorized to send email to users;
(B) an email rejection module (202) operable with the ASL module to reject email recipients addressed to a user's email address;
An e-mail server system comprising: The ASL module includes, for each subscriber of the system, an ASL database that stores an ASL list of authorized sender addresses, a spam processor module that checks the ASL list for matches, and creates and maintains an ASL list. 20. The e-mail server system according to claim 19, further comprising an ASL manager for updating. Receiving an e-mail transmission message indicating the sender's source address and the recipient's destination address, and the sender's source address on the ASL list corresponding to the intended recipient's destination address Sends a request for confirmation to the spam processor module to determine if the retained authorized sender address matches, and if a match is found with the authorized sender address Further comprising an e-mail rejection module for receiving an e-mail and rejecting the e-mail if no match with the authorized sender address is found on the ASL list. The electronic mail server system according to claim 19.

Images