Electrical computers and digital processing systems: multicomput – Computer conferencing – Demand based messaging
Reexamination Certificate
1998-09-15
2002-08-13
Harrell, Robert B. (Department: 2152)
Electrical computers and digital processing systems: multicomput
Computer conferencing
Demand based messaging
C709S223000, C709S245000
Reexamination Certificate
active
06434600
ABSTRACT:
TECHNICAL FIELD
The present invention relates to methods and systems for securely delivering electronic mail to hosts having dynamic IP addresses. More particularly, the present invention relates to methods and systems for securely delivering electronic mail to mail servers having dynamic IP addresses utilizing the Simple Mail Transfer Protocol (SMTP).
BACKGROUND OF THE INVENTION
Hosts connected to a TCP/IP network communicate with each other using internet protocol (IP) addresses. An IP address is a number uniquely identifying a network connection. Available Internet IP addresses have become limited in number due to inefficient address assignment and an increase in the number of hosts connected to the Internet. As a result, Internet service providers (ISPs) may be unwilling to allocate static IP addresses to customers without charging substantial fees. A static or fixed IP address does not change for a given network connection. For example, each time a customer with a static IP address accesses the Internet through an ISP, the customer has the same IP address. Instead of allocating static IP addresses to customers, some ISPs allocate dynamic IP addresses. A dynamic IP address is temporarily assigned to a user, or, more specifically, to the network connection of a user's machine. For example, when a customer accesses the Internet through an ISP, the customer may be given a dynamic IP address. When the customer terminates the connection with the ISP, the dynamic IP address may be assigned to another customer. When the first customer accesses the Internet a second time through the same ISP, he or she may or may not receive the same IP address used in the first connection. Thus, dynamic IP addresses allow owners of static IP addresses to maximize the value of each address by temporarily allocating the address to multiple customers.
SMTP is the dominant Internet standard for delivering electronic mail. SMTP allows mail for multiple users to be delivered to a single SMTP server. SMTP is an IP-based protocol. In order to deliver electronic mail, a delivering mail server retrieves the IP address of a receiving mail server. The SMTP protocol was designed to route mail to a server permanently connected to a network using a static IP address. Delivering mail to a mail server that randomly connects to a network with a dynamic IP address cannot be done securely using SMTP according to conventional mail delivery techniques. Alternatively, an SMTP server having a dynamic IP address cannot securely retrieve mail. For example, in order for a delivering SMTP server to determine where to deliver electronic mail, the delivering SMTP server determines the IP address of the receiving SMTP server. In order to determine the IP address of the receiving SMTP server, the delivering SMTP server may access a Domain Name System (DNS) server. A DNS server stores a database of resource records containing information relating to hosts, including IP addresses of the hosts.
Determining the IP address of the receiving SMTP server is a two step process. First, the delivering SMTP server queries the DNS server for the name of the receiving SMTP server. The query includes the domain name of the domain for which the receiving SMTP server receives mail. The DNS server searches its resource records for a mail exchange or MX record corresponding to the domain name in the query. An MX record specifies the name of a mail exchanger, i.e., the receiving SMTP server, responsible for receiving mail for a given domain. The DNS server sends an MX record specifying the name of the receiving SMTP server to the delivering SMTP server.
The next step is determining the IP address corresponding to the mail exchanger name specified in the MX record received by the delivering SMTP server. Accordingly, the delivering SMTP server queries the DNS server for the IP address corresponding to the name of the mail exchanger extracted from the MX record. The DNS server stores additional resource records, known as address or A records, that pair IP addresses with host names. Thus, if the DNS server stores the A record for the mail exchanger, the A record is transmitted to the delivering SMTP server, which can then initiate an SMTP connection to the IP address specified by the A record and deliver the mail. However, when the receiving SMTP server has a dynamic IP address, the DNS server may not have the A record for the receiving SMTP server because conventional DNS servers are not dynamically updated when a host receives a dynamic IP address. More particularly, no mechanism exists in the conventional Domain Name System for dynamically or automatically updating A records in a DNS server. Updating may be performed manually, for example, using a keyboard. However, such a process is time-consuming, labor-intensive, and unsuitable in a computing environment where dynamic IP addresses change frequently. Thus, conventional DNS servers may store A records containing static IP addresses only.
Since SMTP was originally designed to route mail between mail servers permanently connected to a network using fixed IP addresses, the fact that conventional DNS servers were not dynamically updatable was of little consequence. Conventional DNS servers stored the A records for the permanently connected mail servers. Mail delivery to the permanently connected mail servers was reasonably secure because delivering mail servers verified the addresses of receiving mail servers by accessing DNS servers before delivering mail. As long as the records stored in the DNS servers were secure, mail delivery occurred to the intended recipients.
However, in order to reduce network access fees, it has become desirable for a receiving mail server not to maintain a permanent connection to a network. For example, a receiving mail server may access a network periodically to retrieve mail queued by a delivering mail server. One conventional mechanism for receiving queued mail for a domain is the SMTP TURN command. In order to retrieve mail using the TURN command, the receiving mail server first establishes an SMTP connection with the delivering mail server. Next, the receiving mail server issues the TURN command followed by the domain name for which the receiving mail server receives mail. The delivering mail server then delivers queued mail for the domain name specified in the TURN command without verifying the IP address of the receiving mail server. The SMTP connection initiated by the receiving mail server is essentially reversed and used by the delivering mail server to deliver mail. The TURN command is not secure because a user can initiate an SMTP connection, issue the TURN command, and retrieve mail for a domain for which he or she is not authorized to retrieve mail.
Because of the security problems associated with the TURN command, the SMTP ETRN command was developed as a more secure method for retrieving queued mail. In order to utilize the ETRN command to retrieve mail, the receiving mail server first initiates an SMTP connection with the delivering mail server. Next, the receiving mail server issues the ETRN command followed by the domain name for which mail delivery is requested. In response to the ETRN command, the delivering mail server queries a DNS server for the mail exchanger and then for the IP address of the mail exchanger. Because the delivering mail server queries the DNS server to determine where to deliver mail, mail retrieval using the ETRN command is more secure than mail retrieval using the TURN command. However, if the receiving mail server has a dynamic IP address, the DNS server may not store the A record for the receiving mail server. As a result, the IP address cannot be determined and mail retrieval using the ETRN command fails. An alternative is to use the TURN command, which is not secure. Thus, according to conventional delivery techniques, electronic mail could not be securely delivered to an SMTP server having a dynamic IP address.
SUMMARY OF THE INVENTION
As used herein, the term “server” refers to a program executing on a machine, such as
Lambert Bruno
Waite Ryan W. J.
Cardone Jason D.
Harrell Robert B.
Microsoft Corporation
LandOfFree
Methods and systems for securely delivering electronic mail... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Methods and systems for securely delivering electronic mail..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Methods and systems for securely delivering electronic mail... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2882243