In the art of checking email for Spam messages, one standard tool that is commonly used is a compiled data list defining user-approved contact email addresses, which is a list commonly known in the art as a whitelist. A whitelist is a list of user contacts typically taken from a user's email address book and used to validate incoming email by comparing the sender (From:) address of the email to the addresses in the list. For example, if an email arrives for the user and the From: address is found in the user's whitelist of trusted contacts, then that particular email is typically allowed through to the user's inbox. If the sender's address is not in the whitelist then some other process may have to be used to make a determination of possible spam.
One drawback to current whitelisting techniques for Spam detection is that Spammers may forge From: addresses to work around white lists. Typically those (spammers) who email large quantities of Spam don't use their actual address as a return address, because their actual addresses may already be suspect.
Given an Email with a From: address, packets in the flow for the email will largely have arrived at the destination by the same path, which path is recorded in headers of the packets, as is well-known in the art. Packets may, in a straightforward process, be checked for delivery path, and delivery data may be extracted and recorded in a variety of ways.
Therefore, what is clearly needed in the art is a method and apparatus for monitoring delivery paths for emails, and using extracted data to provide trust characteristics for paths relative to source data such as From: addresses.