The present invention is directed, in general, to cryptographic techniques for electronic communications and, more specifically, to a system and method for secure classification of electronic mail.
In recent years, the availability of more efficient, reliable and cost-effective computers and networking tools has allowed many companies and individuals (collectively, xe2x80x9cusersxe2x80x9d) to become involved in an ever-growing electronic community. The immeasurable gains in technology experienced by the computer industry overall have allowed these users to rely on commercially available computers, such as personal computers (xe2x80x9cPCsxe2x80x9d), to meet their information processing and communication needs. To that end, PC manufacturers allow users to equip most PCs with an interface (such as a modem) that may be used for communication over networks, such as the Internet. The Internet is a well-known collection of networks (e.g., public and private voice, data, video and multimedia networks) that cooperate using common protocols to form a worldwide network of networks.
Cooperation often includes the communication of electronic mail (xe2x80x9ce-mailxe2x80x9d) from one user (a xe2x80x9csenderxe2x80x9d) to another (a xe2x80x9crecipientxe2x80x9d). One conventional e-mail protocol employed over the Internet, Standard Mail Transfer Protocol (xe2x80x9cSMTPxe2x80x9d), mandates that each e-mail message body have a header that includes the sender""s e-mail address (a xe2x80x9csource addressxe2x80x9d or a xe2x80x9creturn addressxe2x80x9d) and the recipient""s e-mail address (a xe2x80x9cdestination addressxe2x80x9d). All well-known e-mail protocols mandate inclusion of a source address to allow the recipient to send e-mail back to the sender.
As more users rely on e-mail for daily communication, both for their work and personal use, it is becoming important to be able to classify and sort their e-mail. Classification allows users to treat classes of e-mail messages differently providing for sorting and storing into appropriate folders or deleting them without inspection if desired. The need for classification techniques is growing because certain senders, who are abusing the use of e-mail, are causing the recipients increasing problems. Perhaps the most widespread example of abuse is the mass mailing of unsolicited e-mail messages based on address lists collected from various sources to which recipients have supplied their e-mail addresses for other purposes. The act of sending this xe2x80x9cjunk e-mailxe2x80x9d in large quantity is called xe2x80x9cspammingxe2x80x9d and currently threatens to overwhelm and thwart the process of legitimate e-mail.
Spamming is facilitated by the fact that it is relatively easy to obtain a list of valid e-mail addresses and to use them without the corresponding owner""s consent. Many users provide their e-mail addresses to World Wide Web (xe2x80x9cWWWxe2x80x9d) sites, for newsgroups, or include them in their home pages. Spammers collect e-mail addresses from these places for their use. Finally, the incremental cost of generating a large number of spam messages is relatively low for the spammer, since sending one million copies of a message is almost as easy as sending one thousand copies with current technology.
Spamming creates a problem since a recipient often cannot distinguish between a personal e-mail message and an unsolicited spam message before opening the e-mail. Typically there is no characteristic envelope or sender""s address that facilitates recognition of spam before it is opened. Spam messages often clog the recipient""s mailbox necessitating time-consuming examination prior to removal.
Current e-mail tools may use one or a combination of several methods for detecting and controlling spam. Source address filtering allows a user to establish a list of known spammer e-mail addresses such that these source addresses may be removed automatically. However, many spammers disguise their true addresses by various means and frequently xe2x80x9cmutatexe2x80x9d among various bogus return addresses thereby defeating this filtering process. Another method for detecting spam is keyword filtering, in which the user collects a list of often-used words, which are found in the subject-line or body of junk e-mail messages, and use these keywords to recognize and remove spam messages automatically. This method is heuristic at best and may eliminate some valid or wanted messages. Furthermore, spammers have started to adapt to such filtering by changing the vocabulary of their messages. Moreover, keyword filtering is useless to detect spam messages that are included in other media types, such as image or sound e-mail attachment.
Most e-mail users typically have only a small number of e-mail addresses, for example, one at the office and one for private use at home through an Internet service provider (xe2x80x9cISPxe2x80x9d). Changing the user""s e-mail address is a often tedious and usually a last-resort action when their e-mail is constantly overloaded with spam messages. This change necessitates that the user notify all potential senders, from whom the user expects to receive e-mail messages.
Accordingly, what is needed in the art is a way to recognize and delete spam messages automatically and reliably.
To address the above-discussed deficiencies of the prior art, the present invention provides a system for, and method of generating an extended electronic mail (e-mail) address for use between a sender and a recipient and systems and methods for classifying e-mail messages based on the destination extended address. The present invention requires that all e-mail messages contain a source address and a destination address. In one embodiment, the system includes: (1) an extension generator module, associated with the sender, that generates a valid extended source address that is based on the identity of the recipient, (2) an e-mail transmitter, associated with the extension generator module, that transmits the e-mail message containing the valid extended source address to the recipient and (3) a message receiver module, associated with the extension generator module, that classifies incoming e-mail messages based on their destination address.
The destination address should be a valid extended address that was previously generated by the extension generator. When the recipient replies to the sender, the destination address of the reply e-mail message is the sender""s source address. In other words, the extended source addresses of the messages that the sender transmits may be used later as destination addresses in the messages that the sender receives.
In one embodiment of the present invention, the sender must apply to the recipient for a valid extended destination address. If the sender does not thereafter address the message to a valid extended destination address, the recipient""s message receiver module will reject the message and will thus not present it to the recipient.
The present invention therefore introduces the broad concept of generating and verifying e-mail addresses between particular parties as a prerequisite to establishing general e-mail communication. Preferably, application for an extended destination address by the sender entails an economic cost, perhaps embodied in the computer time required to be spent to generate the address. It is believed that mass e-mailers (xe2x80x9cspammersxe2x80x9d) will be loathe to spend the computational time necessary to apply for a suitably large list of extended destination addresses.
In one embodiment of the present invention, the system further includes a destination lookup module, associated with the extension generator module, that stores the extended destination address for future use. Thus, once the sender applies to the recipient for an extended destination address and receives one from the recipient, this extended destination address may be stored and used for all future messages sent to the same recipient until it is revoked by the recipient. Alternatively, extended destination addresses may be designed for one-time use. The destination lookup module may further store a shared key employable to generate the valid extended source address.
In one embodiment of the present invention, the sender may instruct his message receiver module to dispose of messages sent by a particular recipient by revoking the extended destination address that the sender has previously included in the message that he has sent to that recipient. Thus, the message receiver module acts as a filter, disposing of unwanted e-mail messages, and accepting other e-mail messages.
In one embodiment of the present invention, the system further includes a handshake module, associated with the extension generator module and containing the e-mail transmitter, that applies to the recipient for a valid extended destination address after receiving a first rejection message from the recipient.
In one embodiment of the present invention, the handshake module computes a time-consuming cost function, and submits the results of this computation in order to apply to the recipient for a valid extended destination address.
In one embodiment of the present invention, the system further includes a hypertext transfer protocol (HTTP) proxy, associated with the sender and containing the extension generator module, that computes the extended source address when the sender is asked to provide a valid e-mail address for registration at a World Wide Web site. The present invention is therefore applicable in a Web-surfing environment.
In one embodiment of the present invention, the system further includes a state information database containing a counter corresponding to the recipient, the extended source address further being based on a value of the counter. The function of the state information database and its associated counters will be described in detail below.
In one embodiment of the present invention, the system further includes a hypertext transfer protocol (HTTP) server, coupled to the state information database, that controls the extension generator module and allows manual applications for valid extended addresses.
The present invention may be employed by the sender, by the recipient, or both. If it is used by only one party, then the other party must apply manually to receive a valid extended destination address to assure that the e-mail will be indeed delivered to the other side.
When the recipient replies to the sender, the destination address of the reply e-mail message is the sender""s source address. In other words, the extended source addresses of the messages that the sender transmits are used later as destination addresses in the messages that the sender receives. This allows the sender to classify incoming e-mail messages based on the destination addresses included in those messages.
The foregoing has outlined, rather broadly, preferred and alternative features of the present invention so that those skilled in the art may better understand the detailed description of the invention that follows. Additional features of the invention will be described hereinafter that form the subject of the claims of the invention. Those skilled in the art should appreciate that they can readily use the disclosed conception and specific embodiment as a basis for designing or modifying other structures for carrying out the same purposes of the present invention. Those skilled in the art should also realize that such equivalent constructions do not depart from the spirit and scope of the invention in its broadest form.