Today, creating and sending e-mail using a fake sender's address is trivial. One simply issues selected commands to a Simple Mail Transfer Protocol (SMTP) server to send a message with virtually any email address in a From: field of the message. The reasons for sending fake email include enabling the sender to deliver adware, spyware, viruses, and/or spam to an unsuspecting recipient. The end result is that many people have experienced receiving email messages with forged or faked From address information. Forging and/or faking email addresses is now so rampant of a problem that a large number of email system administrators sometimes will simply block all email from popularly forged domains.
There have been numerous attempts to solve this problem. One such approach employs domain-based email authentication using public keys advertised in a Domain Name Server (DNS). This approach is known as DomainKeys, and has been described in detail in U.S. Pat. No. 6,986,049, entitled “Method and System for Authenticating a Message Sender Using Domain Keys,” to Mark Delany, issued on Jan. 10, 2006, which is incorporated herein by reference. DomainKeys (DK) are also described in several Requests for Comments (RFCs) available through the Internet Engineering Task Force (IETF), including RFCs: 4870 and 4871 (entitled “DomainKeys Identified Mail (DKIM) Signatures”), each of which are also incorporated herein by reference.
Briefly, DomainKeys is a message authentication system that enables a domain owner to prove that a message, such as an email message, originated from an authorized user within their domain by using a private key component to digitally sign each outbound message. Using a public key component, the recipient system can check the validity of the digital signature accompanying the incoming message and thus prove (authenticate and verify) that the message originated from a sender address authorized by the domain owner.
Unfortunately, while DomainKeys is useful to indicate that an email message is from a given domain, it does not appear to provide any indication that an unsigned message is forged or whether it is from a domain that the message says it is from. Other email authentication mechanisms, such as Sender Policy Framework (SPF), and the like, appear to have similar deficiencies. Therefore, it is with respect to these considerations and others that the present invention has been made.