Electrical computers and digital processing systems: multicomput – Computer conferencing – Demand based messaging
Reexamination Certificate
1999-04-09
2004-05-04
Thompson, Marc D. (Department: 2152)
Electrical computers and digital processing systems: multicomput
Computer conferencing
Demand based messaging
C709S232000, C709S233000
Reexamination Certificate
active
06732149
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates generally to digital data processors and networks of intercommunicating digital data processors capable of sending and receiving electronic mail and other types of electronic messages. In particular, the present invention relates to a system and method for automatically detecting and handling unsolicited and undesired electronic mail such as Unsolicited Commercial E-mail (UCE), also referred to as “spam.”
BACKGROUND OF THE INVENTION
Every day, millions of Internet users receive unwelcome electronic messages, typically in the form of electronic mail (e-mail). The most familiar example of these messages is Unsolicited Commercial E-mail (UCE), commonly referred to as “spam.” UCE typically promotes a particular good, service or web site, and is sent indiscriminately to thousands, or even millions, of people, the vast majority of whom find the UCE annoying or even offensive. UCE is widely perceived as a significant problem. Articles concerning UCE appear on an almost daily basis on technology news services, such as CNET. Several commercial and shareware products have been written to reduce e-mail users' exposure to UCE. At least one start-up company, Bright Light Technologies, has been founded for the sole purpose of producing and selling technology to detect and filter out UCE. Legal restrictions are being contemplated by several states, and actually have recently been put in place in more than one state.
Other forms of undesired e-mail include rumors, hoaxes and chain letters. Each of these forms of e-mail can proliferate within a network of users very quickly. Rumors can spread with much vigor throughout a user population and can result in wasted time and needless concern. The most successful computer virus hoaxes have a longevity comparable to that of computer viruses themselves, and can cause a good deal of panic. Finally, circulation of chain letters is a phenomenon that is serious enough to be forbidden by company policies or even federal laws.
A somewhat different class of e-mail, the transmission or receipt of which is often undesirable, is confidential e-mail. Confidential e-mail is not supposed to be forwarded to anyone outside of some chosen group. Therefore, there is a concern for controlling the distribution of these messages.
A common characteristic of UCE and electronically-borne rumors, hoaxes, and chain letters is that there is likely to be wide-spread agreement that the content of the message in question (and, thus, transmission thereof) is undesirable (as opposed to merely uninteresting). This, along with the fact that such messages are in electronic form, makes it possible to contemplate various technologies that attempt to automatically detect and render harmless this e-mail.
To date, UCE has been the exclusive focus of such efforts. Existing UCE solutions take a number of different forms. Some are software packages designed to work with existing e-mail packages (e.g., MailJail, which is designed to work with the Eudora mail system) or e-mail protocols (e.g., Spam Exterminator, which works for any e-mail package that supports the POP3 protocol on the Windows 95, Windows 98 or Windows NT platforms). Other solutions are integrated into widely used mail protocols (e.g., SendMail v. 8.8, a recent upgrade of the SendMail mail transfer protocol, which provides a facility for blocking mail relay from specified sites, or alternatively from any site other than those explicitly allowed). Another type of solution is an e-mail filtering service, e.g., the one offered by junkproof corn, which fines users who send UCE. Bright Light Technologies proposes to combine a software product with a service.
However they may be packaged, the vast majority of these solutions are composed of two main steps: recognition and response. In the recognition step, a given e-mail message is examined to determine whether it is likely to be spam. If the message is deemed likely to be spam during the recognition step, then some response is made. Typical responses include automatically deleting the message, labeling it or flagging it to draw the user's attention to the fact that it may be spam, placing it in a lower priority mail folder, etc., perhaps coupled with sending a customizable message back to the sender.
The main technical challenges lie in the recognition step. Two of the most important challenges include keeping the rates of false positives (falsely accusing legitimate mail as spam) and false negatives (failing to identify spam as such) as low as possible. A wide variety of commercial and freeware applications employ combinations and/or variations on the following basic spam detection strategies to address the general problem.
Domain-based Detection
Often, persons who send spam (“spammers”) set up special Internet address domains from which they send spam. One common anti-spam solution is to maintain a blacklist of “spam” domains, and to reject, not deliver or return to the sender any mail originating from one of these domains. When spam begins to issue from a new “spam” domain, that domain can be added to the blacklist.
For example, xmission.com has modified sendmail.cf rules to cause mail from named sites to be returned to the sender. Their text file (http:H/spam.abuse.net/spam/tools/dropbad.txt) lists several domains that are known to be set up solely for use by spammers, including moneyworld.com, cyberpromo.com, bulk-e-mail.com, bigprofits.com, etc. At http://www.webeasy.com:8080/spam/spam_download_table, one can find just over 1000 such blacklisted sites. Recent versions of SendMail (versions 8.8 and above) have been modified to facilitate the use of such lists, and this has been regarded as an important development in the battle against spam.
However, if used indiscriminately, this approach can lead to high rates of false positives and false negatives. For instance, if a spammer were to send spam from the aol.com domain, aol.com could be added to the blacklist. As a result, millions of people who legitimately send mail from this domain would have their mail blocked. In other words, the false positive rate would be unacceptably high. On the other hand, spammers can switch nimbly from a banned domain to a non-banned, newly-created one, or one that is used by many legitimate users, thus leading to many false negatives.
Header-based Detection
A hallmark of spam is that it is sent to an extremely large number of recipients. There are often indications of this in the header of the mail message that can be taken as evidence that a message is likely to be spam. For example, the long list of recipients is typically dealt with by sending to a smaller set of collective names, so that the user's explicit e-mail address does not appear in the To: field.
Ross Rader of Internet Direct (Idirect) has published directions for setting up simple rules based on this characteristic of spam for a variety of popular e-mail programs, including Eudora Light, Microsoft Mail and Pegasus. When a mail message header matches the rule, that mail is automatically removed from the user's inbox and placed in a special folder where it can be examined later or easily deleted without inspection.
However, unless the user of this method puts a great deal of effort into personalizing these detection rules, the false positive rate has the potential to be quite high, so that a large proportion of legitimate e-mail will be classified as spam.
Text-based Kevword Detection
Spam is typically distinguished from ordinary e-mail in that it aggressively tries to sell a product, advocate visiting a pornographic web site, enlist the reader in a pyramid scheme or other monetary scam, etc. Thus, a piece of mail containing the text fragment “MAKE MONEY FAST” is more likely to be spam than one that begins “During my meeting with you last Tuesday.”
Some anti-spam methods scan the body of each e-mail to detect keywords or keyphrases that tend to be found in spam, but not in other e-mail. The keyword and keyphrase lists are often customizable. This method is often c
McGinn & Gibb PLLC
Plieto Beatriz
Thompson Marc D.
Zarick, Esq. Gail H.
LandOfFree
System and method for hindering undesired transmission or... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for hindering undesired transmission or..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for hindering undesired transmission or... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3270157