The present disclosure relates generally to message management, and more specifically to using a secure identifier to identify a source of messages to prevent spoofing.
Email is a common form of message-based communication between devices connected via a computer network, such as the Internet. Email messages can include several components, such as a message body and message header. The message header can include fields that identify metadata associated with the message, such as a sender email address, a recipient email address, a time stamp, subject, etc. Messages are typically transmitted over the computer network using a transport protocol, such as the Simple Mail Transfer Protocol (SMTP). A message can be drafted by a user on a user device, such as a computer, smart phone, tablet, or other communication device, in an email client. The email client can communicate with an email server to send and receive messages using an access protocol such as the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP). Messages are sent using email addresses which identify recipient user(s) and domain name(s) and the sending user. Messages can be stored remotely at an email server, locally on a user device, or in multiple locations.
Spoofing of a source of a sender generally refers to a method of forging the source of data to conceal the identity of the sender or to impersonate a sender. In the context of email messages, email spoofing can include changing the contents of header fields to make it appear that an email was received from a different email address than the actual sender's address. Spoofing presents a security risk, as a malicious user may be able to gain access to an otherwise protected system by appearing to be a known or otherwise authorized user.