‘Spam’ is the use of electronic messaging systems to send unsolicited bulk messages indiscriminately. ‘Email spoofing’ is email activity where a user alters properties of an email message, such as the ‘From’ and ‘Reply-To’ fields in a message header to make the email appear to be from someone other than the actual sender. Thus, an email message can appear to be sent from the address indicated in the From field, but is actually sent from another source. Email spoofing is commonly used for Spam email and phishing to hide the origin of an email message. ‘Phishing emails’ are email messages purporting to be from a trusted entity that attempt to deceive users into providing account or identify information. For example, an email purports to be from a trusted entity, such as an online auction web service provider eBay, Inc., and the email states that the user needs to provide information, such as credit card numbers, to correct an alleged problem with a user account.
Traditionally, email message filters have been used to help reduce phishing emails and Spam received from email spoofing. Typically, the email message filters flag received email messages based on matching a regular expression, keywords in the message body, or the e-mail address of the sender of the message. Some more advanced email message filters, particularly anti-spam filters, have used statistical approaches to reduce email message Spam received by a user. These conventional approaches, however, often prove to be unreliable and frequently mislabel legitimate email messages as spam. Consequently, users are prevented from receiving messages from authorized senders. Other traditional spam filtering solutions require email transport servers which authenticate each other. However, such implementations can be expensive and require changing existing email transport servers. Another conventional solution requires client support for cryptographic signatures and special software to allow users to ‘sign’ email messages. Email signing, however, has not been universally accepted. Thus, conventional email spam filtering solutions that have been focused on the recipient-side to flag email messages as potential spam are untrustworthy as admissible email messages are often mistakenly flagged as spam. Moreover, other solutions can be costly and require changes to the existing hardware.