[go: up one dir, main page]

WO2009021532A1 - Method and apparatus for a safe communication between two or more computers - Google Patents

Method and apparatus for a safe communication between two or more computers Download PDF

Info

Publication number
WO2009021532A1
WO2009021532A1 PCT/EP2007/007145 EP2007007145W WO2009021532A1 WO 2009021532 A1 WO2009021532 A1 WO 2009021532A1 EP 2007007145 W EP2007007145 W EP 2007007145W WO 2009021532 A1 WO2009021532 A1 WO 2009021532A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
sender
addressee
automatically
reply
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2007/007145
Other languages
French (fr)
Inventor
Mikhail Kolobov
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to PCT/EP2007/007145 priority Critical patent/WO2009021532A1/en
Priority to PCT/EP2008/000417 priority patent/WO2009021567A1/en
Publication of WO2009021532A1 publication Critical patent/WO2009021532A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • G06Q10/107Computer-aided management of electronic mailing [e-mailing]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/21Monitoring or handling of messages
    • H04L51/212Monitoring or handling of messages using filtering or selective blocking
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic

Definitions

  • the invention concerns a method for safe communication between two or more computers with avoidance of unwanted data of third parties.
  • the invention also concerns a device for safe communication between two or more computers with avoidance of unwanted data of third parties.
  • the invention further concerns a computer program product including one or more computer-readable media with computer-readable instructions for conducting the necessary steps for a safe communication between two or more computers with avoidance of unwanted data of third parties.
  • Business and private correspondence by means of email are widely known in modern society. A lot of communication, be it business related or private, is conducted with the use of computers. Such business-related and private correspondence include any kind of electronic messages and/or message services, e.g. plain emails, emails with attached data, sms (short message service), mms (multimedia message service), ire (internet rely chat) and/or VoIP (voice over ip).
  • message services e.g. plain emails, emails with attached data, sms (short message service), mms (multimedia message service), ire (internet rely chat) and/or VoIP (voice over ip).
  • Spam is defined as data which is unwanted by the recipients. Such spam includes emails by third parties sent in high quantity to random addresses of potential recipients.
  • the United States patent application US 2003/009698 A1 discloses a possible solution for this problem.
  • the method and system for filtering spam is discloses in this document. Whenever a message is initially received from an unapproved sender, a confirmation request email is sent to the sender's email address, requesting the sender to confirm his existence and identity. Spammers, i.e. the senders of spam data, such as spam emails, typically do not receive reply emails and cannot handle these if they happen to arrive. Therefore, until the unapproved sender replies to the confirmation request email, electronic messages received from unapproved senders are treated as spam.
  • a list of approved senders is maintained by the spam filter. Electronic messages from those approved senders are not treated as spam and are immediately delivered to the user. Generally, a list of valid source addresses for one user is maintained either on the user's computing device or on a mail server, depending upon their specific application.
  • the US document US 2003/009698 A1 also discloses the use of a "tunnel password" and a "CZID".
  • a user A sends for instance an email to B.
  • This email is received in a quarantine part of an inbox of B.
  • An automatic reply including the "CZID" is sent to A by B. If A is having the same spam filter as B according to US 2003/009698 A1 , this new email is then again quarantined by A. A newly generated response upon the receipt of the reply will then again be quarantined by B.
  • the resulting eternal loop iteration can only be penetrated by manual interference by the users A and/or B.
  • the monetary and time related resources of B shall be preserved. Only A shall have to interfere manually, so that his original message comes to the attention of B, without B's manual, i.e. direct interference, so that unwanted data, such as spam, does not come to B's attention.
  • KR 1020040095008 A Therein another method for filtering spam messages is disclosed.
  • a system for blocking spam emails and a method for blocking spam emails is further disclosed in WO 2006/129962 A1.
  • any sort of ID is comprised.
  • the e-mail address of the sender of an email may be such an ID.
  • the automatic reply is brought to the attention of the sender of the initial email, so that after a very short time the originally sent email may be brought to the attention of the original recipient in the later process, as intended by the original sender.
  • the originally sent email will not be brought to the attention of the original recipient.
  • the first recipient does not have to waste time or resources on spam.
  • the original sender exerts influence on the receipt of the original email due to his manually created response, so that it comes to attention of the originally intended recipient, unless this is explicitly not wanted by the recipient.
  • the quarantined data e.g. the email
  • the quarantined data is deleted during such an intermediate step. It is thereby avoided that the quarantined part of the inbox is stuffed by to much unwanted data.
  • the quarantined data is deleted depending on the storage time in this part of the inbox and/or the amount of data in this inbox. Any emails which are too old are therefore deleted after a certain time period, preferably if no response or wrong response is received.
  • step d It is advantageously avoided that the originally sent data is irrevocably lost, if a request to resend the data of step a) is included in the automatic response of step d).
  • step j If 1 upon step j), the ID of the sender of data is automatically entered in a so called "white list", future emails can be directly brought to the attention of the recipient without the need for a prior test procedure with the automated reply and non- automated response.
  • step d) can be repeatedly sent. Repeated sending of the automated response of step d), such as the test message, can be conducted in reply to the incorrect answer to the test message and/or after a set time interval after non-receipt of a response on the test message.
  • a device for safe communication between two or more computers with avoidance of unwanted data of third parties can also be solved by a device for safe communication between two or more computers with avoidance of unwanted data of third parties.
  • a device for sending data such as an email, from a first computer to a second computer; a device for automatically entering the ID of the addressee in a "white list" of a sender if the ID of the sender of the original data is not listed in the "white list" of the addressee; a device for quarantining the received data, such as an email, in a part of an inbox on the addressee-side; a device for sending an automated response to the sender with a non-automatically readable code; a device for automatically identifying the response by the sender of the original data and informing the original sender; a device for manually creating a new code based on the code in the response; a device for creating a reply to the original addressee including the new code; a device for sending the reply to the original addressee; a
  • Such a device includes the necessary means to integrate the necessary steps in a technical entity, such as a computer.
  • the object of the invention is also solved by a computer program product including one or more computer readable-media with computer-readable instructions for conducting their steps according to the previously described method, if run on a computer.
  • Fig. 1 discloses a schematic flow of operation during sending, responding and replying between the two users, namely user A and user B,
  • Fig. 2 discloses a schematic flow of operation between a sender of spam, namely user C, and user B.
  • Fig. 1 discloses a schematic view of a computer of a sender of data, namely user A and a schematic view of a computer of a user receiving data, namely user B.
  • A will be referred therefore to as a sender and B will be referred to as addressee or recipient.
  • the computers of A and B comprise the necessary programs for exchange of data, especially programs to send, receive and manage emails with or without attachments, such as data clusters.
  • Both computers comprise an entity, in which the data, such as emails, is received. This entity will be referred to as "inbox".
  • the "inbox" the entity in which emails are received, is partitioned in a "quarantine inbox", a "trash inbox” and a "user-direct accessible inbox". Only messages in the "user-direct accessible inbox" can be seen by the user A or B in the respective inbox of the respective computer.
  • Both computers store and manage a so called “white list” and a so called “black list”.
  • Both users A and B employ the system according to the invention, especially a method according to the invention, the device and the computer program product, to avoid the receipt of spam emails and to be notified of emails of some importance, sent by non-spammers.
  • a spammer such a user is defined, who sends so-called spam emails to other users.
  • Fig. 1 a special case is shown, where A, being the sender of information, is not a spammer, but intends to reach B, also being a non-spammer.
  • A sends an email to B with a certain content.
  • Emails and data of senders having their ID listed in the "black list” of B, will be led directly to the "trash inbox" and they are there either deleted directly, deleted after a certain period of time or deleted when the data reaches a certain threshold. Due to the ID of A not being listed in any of the lists of B 1 the email of A is entered in the "quarantine inbox” as a step c). Before step c) or parallel to it, the ID of B is entered in the "white list" of the user A in a step b).
  • step d an automated response is generated and sent per email to A in the next step, namely step d).
  • a code is included in this response.
  • the code is, in the current embodiment, a picture showing a symbol or showing letters.
  • the code namely the picture, is created automatically by the system of B upon receipt of the email of a still unknown sender.
  • step d) The response email of step d) is entered in the "user-direct accessible inbox" of A in a step e). This is due to the fact that the ID of the sender of the response, namely the ID of B, was entered in the "white list" before step d), namely in step b).
  • the automatically created code cannot be identified and further processed by means of a machine alone, but needs human mental abilities to be deciphered.
  • the reply of the embodiment of Fig. 1 sent in step d) also has a request included, to either resend the original email of step a) together with a response to B or either respond to B without resending the original email.
  • the code of the reply have to be integrated in the response.
  • step f) a new code is generated by the user A, by manual means. This may be such that the symbol is now described in a word or the letters included in the picture, possibly a .gif or a .jpg, and now entered in plain text.
  • step g the response email is created and the code of the reply email of step d) is entered.
  • step h the response is forwarded to B.
  • step i the new code is then compared to the code included in the response email. If they correspond to each as expected, a positive output value is created.
  • step j the response email is now entered in the "user-direct accessible inbox", so that the user B can see it and access it directly. Therefore, only emails of senders of human nature can be entered in the "user-direct accessible inbox", as automated sending machinery cannot decipher the response and cannot generate automatically a reply, which meets the criteria of step d). This is especially efficient in such cases, where spammers use automated programs with no inbox at all.
  • the original email sent in step a) is deleted after being saved in the "quarantine inbox” for a certain time or until the "quarantine inbox” reaches a data amount above a pre-defined threshold.
  • Fig. 2 shows the fate of an email sent by a spammer, namely user C, to the user B.
  • the ID of C is already listed in the "black list”.
  • the spammer sends an email to B.
  • This email is automatically entered in the "trash inbox” during step b).
  • the deletion of the spam email follows. This deletion can be done manually or automatically. An automated deletion can depend on the factor time or on the factor data content in the "trash inbox".
  • this message is analysed on the basis of information step 2, if the ID of the sender can be found in the "white list", which can be the answer of user B or the test message of the user B, whereupon it is shown to the user A, whereby the user A answers the message now manually, whereby the information about this new message is also kept in a temporary folder; or
  • step 4) if the analysis of step 4) is negative, the incoming messages analysed on the basis of the information of step 3), whereupon the user A is informed by any means of the non-delivery of the message to the user B, whereby no automatic information is sent to the user B, as this would be useless as the user B cannot receive messages of the user A, be it temporarily or not; and/or
  • steps 4) and 5) if the analysis of steps 4) and 5) is negative, a message from an unknown person C is quarantined and the response (test mail ) is sent automatically,
  • step 6) information about response step 6) also are kept in temporary folder of user A; 8) next incoming message is again analysed, if the ID is present in the "white list", whereby the "white list” contains the ID of the user B, but does not contain the ID of the user C and if the analysis is positive, it is the reply is identified as answer or the test message of the user B, which is then presented to the user A, whereby this step is similar to the step 4); and/or
  • step 8) if the result of the analysis of step 8) is negative, the incoming message, i.e. the reply is analysed on the basis of the information of step 3) and the user A is informed by a means concerning the non-delivery of the message to the user B, whereby this step is similar to the step 5);
  • step 9 whereby additionally upon a negative result of the analysis of step 9), the incoming reply is analysed on the basis of the information of step 7), to the effect that the user C is defined as a spammer, whereby it is not necessary to inform the user A about it, as it is one of the purposes of the invention to protect the user A from spam messages, whereupon the spam message of user C is then deleted from the quarantine inbox;
  • step 11 whereupon additionally if a negative result of the analysis of step 10) results, the incoming message is analysed on the basis of the information of step 6), so that a response of the user C on the test message can be generated, if a correct answer is received, so that a message of user C, which is kept in the quarantine inbox is shown to the user A 1 or, if the answer is incorrect, it is concluded that the user C is a spammer, whereupon the message is deleted.
  • a comparable process is conducted for user B.
  • An automatic response defined as a test message, can be repeatedly sent. Repeated sending of the test message can be conducted in reply to the incorrect answer to the test message and/or after a set time interval after non-receipt of a response on the test message.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computing Systems (AREA)
  • Quality & Reliability (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Data Mining & Analysis (AREA)
  • Tourism & Hospitality (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention relates to an apparatus and a method for a safe communication between two or more computers with avoidance of unwanted data of third parties, wherein the following steps are executed: Sending data, such as an email, from a first computer to a second computer; automatically entering the ID of the addressee in a 'white list' of the sender; quarantining the received data, such as the email, in a part of an inbox on the addressee side if the ID of the sender of the data of step a) is not listed in the 'white list' of the addressee; sending an automated response to the sender with a non-automatically readable code; identifying the response by the sender of the data of step a) and informing of the sender of the data of step a); manually creating a new code based on the code of step d) by the sender of step a); creating a reply to the addressee of step a) by the sender of step a) including a new code based on step f); sending the reply of step g) to the addressee of step a); automatically identifying the reply of step g) by the addressee of step a); and automatically informing the addressee of step a) of the reply of step g).

Description

Method and apparatus for a safe communication between two or more computers Description
The invention concerns a method for safe communication between two or more computers with avoidance of unwanted data of third parties. The invention also concerns a device for safe communication between two or more computers with avoidance of unwanted data of third parties. The invention further concerns a computer program product including one or more computer-readable media with computer-readable instructions for conducting the necessary steps for a safe communication between two or more computers with avoidance of unwanted data of third parties.
Business and private correspondence by means of email are widely known in modern society. A lot of communication, be it business related or private, is conducted with the use of computers. Such business-related and private correspondence include any kind of electronic messages and/or message services, e.g. plain emails, emails with attached data, sms (short message service), mms (multimedia message service), ire (internet rely chat) and/or VoIP (voice over ip).
Since communication between computers is very common and the accessibility of computers, e.g. via the internet, is widely known and almost everywhere possible, a problem arose in the last decades. More and more unwanted data is received by the recipients. A widely known problem is therefore the appearance of spam.
Spam is defined as data which is unwanted by the recipients. Such spam includes emails by third parties sent in high quantity to random addresses of potential recipients.
It is known that such spam includes viruses, worms or so called Trojans, thus the risk of endangering the integrity of the recipient's computer. Apart from this imminent danger, the recipient has to ensure that important data sent to him is not discarded. This consideration results in a loss of time, since all the data received has to be evaluated to find out which data is spam and which is not. On the one hand, there is a strong longing to discard such spam - e.g. spam email. On the other hand, it has to be made sure that data, which is not of the spam category, is not discarded and therefore does come to the attention of the recipient. A consequence of such unintended deletion of non-spam data results in high economic losses.
In the state of the art, a solution for this problem has been sought. It has been attempted to find solutions to avoid so-called spam, so it does not get the attention of the recipients and is deleted. It has also been attempted to find a solution against the unintended deletion of non-spam.
The United States patent application US 2003/009698 A1 discloses a possible solution for this problem. The method and system for filtering spam is discloses in this document. Whenever a message is initially received from an unapproved sender, a confirmation request email is sent to the sender's email address, requesting the sender to confirm his existence and identity. Spammers, i.e. the senders of spam data, such as spam emails, typically do not receive reply emails and cannot handle these if they happen to arrive. Therefore, until the unapproved sender replies to the confirmation request email, electronic messages received from unapproved senders are treated as spam.
A list of approved senders is maintained by the spam filter. Electronic messages from those approved senders are not treated as spam and are immediately delivered to the user. Generally, a list of valid source addresses for one user is maintained either on the user's computing device or on a mail server, depending upon their specific application. The US document US 2003/009698 A1 also discloses the use of a "tunnel password" and a "CZID".
The document however does not address the problem which arises when both the sender and the recipient of the data have such a spam filtering device.
In this case, a user A sends for instance an email to B. This email is received in a quarantine part of an inbox of B. An automatic reply including the "CZID" is sent to A by B. If A is having the same spam filter as B according to US 2003/009698 A1 , this new email is then again quarantined by A. A newly generated response upon the receipt of the reply will then again be quarantined by B. The resulting eternal loop iteration can only be penetrated by manual interference by the users A and/or B.
It is an object of the invention to avoid manual interference of the first recipient of the email or data. The monetary and time related resources of B shall be preserved. Only A shall have to interfere manually, so that his original message comes to the attention of B, without B's manual, i.e. direct interference, so that unwanted data, such as spam, does not come to B's attention.
Related prior art is also disclosed in KR 1020040095008 A. Therein another method for filtering spam messages is disclosed.
A system for blocking spam emails and a method for blocking spam emails is further disclosed in WO 2006/129962 A1.
The solution for the above identified problem is presented by using a method for a safe communication between two or more computers with avoidance of unwanted data of third parties with the steps of: a) sending data, such as an email / message, from a first computer to a second computer; b) automatically entering the ID (address) of the addressee in a so-called "white list" of the sender of step a); c) quarantining the received data, such as the email, in a part of an inbox on the addressee-side if the ID of the sender of the data of step a) is not listed in the "white list" of the addressee; d) sending an automatic response from addressee to the sender with a non-automatically readable code (test message); e) automatically identifying a response step d) by the sender of step a) and informing the sender of data of step a); f) manually creating a new code based on the code of step d) by the sender of the data of step a); g) creating a reply to the addressee of step a) by the sender of step a), including the new code of step f); h) sending the reply of step g) to the addressee of step a); i) automatically identifying the reply of step g) by the addressee of step a); and/or j) automatically informing the addressee of step a) of the reply of step g).
By an ID, any sort of ID is comprised. The e-mail address of the sender of an email may be such an ID. By this method, a user does not get emails from unknown persons, as long as such persons have not verified that they are real human and not some kind of machine that manually replies on the automatic response. The automatic reply is brought to the attention of the sender of the initial email, so that after a very short time the originally sent email may be brought to the attention of the original recipient in the later process, as intended by the original sender. As long as the authentication of the original sender has not been verified by the automatic system installed at the original recipient's side, the originally sent email will not be brought to the attention of the original recipient. The first recipient does not have to waste time or resources on spam. The original sender exerts influence on the receipt of the original email due to his manually created response, so that it comes to attention of the originally intended recipient, unless this is explicitly not wanted by the recipient.
Favourable solutions are claimed in the dependent claims.
In between the quarantining of the received data, such as the email, in a part of an inbox on the addressee-side and the sending of an automated response to sender of a non-automatically readable code, the quarantined data, e.g. the email, is deleted during such an intermediate step. It is thereby avoided that the quarantined part of the inbox is stuffed by to much unwanted data.
The quarantined data is deleted depending on the storage time in this part of the inbox and/or the amount of data in this inbox. Any emails which are too old are therefore deleted after a certain time period, preferably if no response or wrong response is received.
It is advantageously avoided that the originally sent data is irrevocably lost, if a request to resend the data of step a) is included in the automatic response of step d).
To avoid the receipt of the data of a known sender of spam for good, it is advantageous if the IDs of certain senders are entered in a so-called "black list". Comparing the ID of the senders to the IDs listed in the respective "black list" results in that data of known spammers can be easily found and deleted, so that such data is not brought to the attention of the recipient. It is therefore an advantage, if the data sent by senders with IDs included in the "black list" is deleted. However, manual interference is avoided if the deletion of such unwanted data is automatically conducted before step c).
If1 upon step j), the ID of the sender of data is automatically entered in a so called "white list", future emails can be directly brought to the attention of the recipient without the need for a prior test procedure with the automated reply and non- automated response.
When the ID of the sender of data is automatically compared to the IDs included in the "white list" and the data is brought to the direct attention of the addressee of step a), time can be economized. It has to be made sure that data, which is not of the spam category, is not discarded and therefore does come to the recipient.
It provides an additional advantage if an additional filtration of incoming messages is made before the data is brought to the direct attention of the addressee of step a), depending on results of a filtration data can automatically be deleted, kept in a special folder or inform the addressee of step a).
It is advantageous if a method is used wherein information about sent messages are kept in a temporary folder for a certain time and are used in the following for the analysis of arriving messages concerning the notification of failed delivery, wherein delivery failure messages are either removed or delivered to the initial sender of data, if expressly wished and wherein the automatic response is consequently not sent to avoid another rebounce.
It is advantageous if the automated response of step d) can be repeatedly sent. Repeated sending of the automated response of step d), such as the test message, can be conducted in reply to the incorrect answer to the test message and/or after a set time interval after non-receipt of a response on the test message.
The above identified object can also be solved by a device for safe communication between two or more computers with avoidance of unwanted data of third parties. A device for sending data, such as an email, from a first computer to a second computer; a device for automatically entering the ID of the addressee in a "white list" of a sender if the ID of the sender of the original data is not listed in the "white list" of the addressee; a device for quarantining the received data, such as an email, in a part of an inbox on the addressee-side; a device for sending an automated response to the sender with a non-automatically readable code; a device for automatically identifying the response by the sender of the original data and informing the original sender; a device for manually creating a new code based on the code in the response; a device for creating a reply to the original addressee including the new code; a device for sending the reply to the original addressee; a device for automatically identifying the reply through the original addressee; and a device for automatically informing the original addressee of the reply.
Such a device includes the necessary means to integrate the necessary steps in a technical entity, such as a computer.
The object of the invention is also solved by a computer program product including one or more computer readable-media with computer-readable instructions for conducting their steps according to the previously described method, if run on a computer.
In the following, the invention will be described with the help of some figures. The figures show the following:
Fig. 1 discloses a schematic flow of operation during sending, responding and replying between the two users, namely user A and user B,
Fig. 2 discloses a schematic flow of operation between a sender of spam, namely user C, and user B.
Fig. 1 discloses a schematic view of a computer of a sender of data, namely user A and a schematic view of a computer of a user receiving data, namely user B. A will be referred therefore to as a sender and B will be referred to as addressee or recipient. The computers of A and B comprise the necessary programs for exchange of data, especially programs to send, receive and manage emails with or without attachments, such as data clusters. Both computers comprise an entity, in which the data, such as emails, is received. This entity will be referred to as "inbox". The "inbox", the entity in which emails are received, is partitioned in a "quarantine inbox", a "trash inbox" and a "user-direct accessible inbox". Only messages in the "user-direct accessible inbox" can be seen by the user A or B in the respective inbox of the respective computer.
Both computers store and manage a so called "white list" and a so called "black list".
It is possible that only the computer system of the user B has these three lists and partitions the inbox in the "user-direct accessible inbox", the "trash inbox" and the "quarantine inbox". In the current case, shown in figure 1 , both systems of A and B are identical in this respect, however.
Both users A and B employ the system according to the invention, especially a method according to the invention, the device and the computer program product, to avoid the receipt of spam emails and to be notified of emails of some importance, sent by non-spammers. As a spammer, such a user is defined, who sends so-called spam emails to other users.
In Fig. 1 a special case is shown, where A, being the sender of information, is not a spammer, but intends to reach B, also being a non-spammer.
As a first step, namely step a), A sends an email to B with a certain content.
B has so far not entered the ID of A in any of his lists, namely the "white list", the "black list".
If emails of senders being listed in the "white list" are received, these emails are directly put in the "user-direct accessible inbox", so that the user can read them immediately.
Emails and data of senders having their ID listed in the "black list" of B, will be led directly to the "trash inbox" and they are there either deleted directly, deleted after a certain period of time or deleted when the data reaches a certain threshold. Due to the ID of A not being listed in any of the lists of B1 the email of A is entered in the "quarantine inbox" as a step c). Before step c) or parallel to it, the ID of B is entered in the "white list" of the user A in a step b).
As a result of the email of A being entered in the "quarantine inbox" of B in step c) an automated response is generated and sent per email to A in the next step, namely step d). In this reply email, a code is included in this response. The code is, in the current embodiment, a picture showing a symbol or showing letters. The code, namely the picture, is created automatically by the system of B upon receipt of the email of a still unknown sender.
The response email of step d) is entered in the "user-direct accessible inbox" of A in a step e). This is due to the fact that the ID of the sender of the response, namely the ID of B, was entered in the "white list" before step d), namely in step b).
In the response, the automatically created code cannot be identified and further processed by means of a machine alone, but needs human mental abilities to be deciphered.
The reply of the embodiment of Fig. 1 sent in step d) also has a request included, to either resend the original email of step a) together with a response to B or either respond to B without resending the original email. However, in both cases, the code of the reply have to be integrated in the response. In step f), a new code is generated by the user A, by manual means. This may be such that the symbol is now described in a word or the letters included in the picture, possibly a .gif or a .jpg, and now entered in plain text.
Anyhow, in step g), the response email is created and the code of the reply email of step d) is entered.
In step h), the response is forwarded to B. On the side of B, in step i), the new code is then compared to the code included in the response email. If they correspond to each as expected, a positive output value is created.
As a result, in step j), the response email is now entered in the "user-direct accessible inbox", so that the user B can see it and access it directly. Therefore, only emails of senders of human nature can be entered in the "user-direct accessible inbox", as automated sending machinery cannot decipher the response and cannot generate automatically a reply, which meets the criteria of step d). This is especially efficient in such cases, where spammers use automated programs with no inbox at all.
Even human senders of spam cannot reach B, if they are listed in the "black list" of B. The receipt of spam emails by B will, therefore, be considerably minimized.
The effort of B for identifying automated spam emails stays consequently very low. On the other side, the user A needs only a minimum of effort to send response with or without his original message in which he enters a new code received in the automatic response of user B (test mail).
In a variant, the original email sent in step a) is deleted after being saved in the "quarantine inbox" for a certain time or until the "quarantine inbox" reaches a data amount above a pre-defined threshold.
Fig. 2 shows the fate of an email sent by a spammer, namely user C, to the user B. The ID of C is already listed in the "black list". In step a), the spammer sends an email to B. This email is automatically entered in the "trash inbox" during step b). In step c), the deletion of the spam email follows. This deletion can be done manually or automatically. An automated deletion can depend on the factor time or on the factor data content in the "trash inbox".
Information about sent messages are kept in a temporary folder on the computer or server of user A and B. This information are used to identify arriving emails concerning the notification of failed delivery. The case of user A for receiving messages shall be detailed further:
After user A sent message to B only three opportunities exist to receive messages for user A, namely
1) the answer of B or the test message of the user B,
2) receipt of a delivery failure message in reply to the sent message to the user B, or
3) the receipt of a message, an unknown correspondent C.
A method with different possibilities is the consequence:
1) Sending a message from user A to user B;
2) automatically entering the ID of the B in a "white list" of user A;
3) keeping the information about message of the first step in a temporary folder;
4) if user A receives any message, this message is analysed on the basis of information step 2, if the ID of the sender can be found in the "white list", which can be the answer of user B or the test message of the user B, whereupon it is shown to the user A, whereby the user A answers the message now manually, whereby the information about this new message is also kept in a temporary folder; or
5) if the analysis of step 4) is negative, the incoming messages analysed on the basis of the information of step 3), whereupon the user A is informed by any means of the non-delivery of the message to the user B, whereby no automatic information is sent to the user B, as this would be useless as the user B cannot receive messages of the user A, be it temporarily or not; and/or
6) if the analysis of steps 4) and 5) is negative, a message from an unknown person C is quarantined and the response (test mail ) is sent automatically,
7) information about response step 6) also are kept in temporary folder of user A; 8) next incoming message is again analysed, if the ID is present in the "white list", whereby the "white list" contains the ID of the user B, but does not contain the ID of the user C and if the analysis is positive, it is the reply is identified as answer or the test message of the user B, which is then presented to the user A, whereby this step is similar to the step 4); and/or
9) if the result of the analysis of step 8) is negative, the incoming message, i.e. the reply is analysed on the basis of the information of step 3) and the user A is informed by a means concerning the non-delivery of the message to the user B, whereby this step is similar to the step 5);
10) whereby additionally upon a negative result of the analysis of step 9), the incoming reply is analysed on the basis of the information of step 7), to the effect that the user C is defined as a spammer, whereby it is not necessary to inform the user A about it, as it is one of the purposes of the invention to protect the user A from spam messages, whereupon the spam message of user C is then deleted from the quarantine inbox;
11) whereupon additionally if a negative result of the analysis of step 10) results, the incoming message is analysed on the basis of the information of step 6), so that a response of the user C on the test message can be generated, if a correct answer is received, so that a message of user C, which is kept in the quarantine inbox is shown to the user A1 or, if the answer is incorrect, it is concluded that the user C is a spammer, whereupon the message is deleted.
A comparable process is conducted for user B.
The above detailed methods take care of the case that a typing error in the response occurs. Also the situation is possible, e.g. because of temporary failure of a post server when the sender of an initial email will not receive a first test message. An automatic response, defined as a test message, can be repeatedly sent. Repeated sending of the test message can be conducted in reply to the incorrect answer to the test message and/or after a set time interval after non-receipt of a response on the test message.

Claims

Claims
1. Method for a safe communication between two or more computers with avoidance of unwanted data of third parties, with the following steps:
a) Sending data, such as an email, from a first computer to a second computer;
b) automatically entering the ID of the addressee in a "white list" of the sender;
c) quarantining the received data, such as the email, in a part of an inbox on the addressee side if the ID of the sender of the data of step a) is not listed in the "white list" of the addressee;
d) sending an automated response to the sender with a non-automatically readable code;
e) identifying the response by the sender of the data of step a) and informing of the sender of the data of step a);
f) manually creating a new code based on the code of step d) by the sender of step a);
g) creating a reply to the addressee of step a) by the sender of step a) including a new code based on step f);
h) sending the reply of step g) to the addressee of step a);
i) automatically identifying the reply of step g) by the addressee of step a); and
j) automatically informing the addressee of step a) of the reply of step g).
2. Method according to claim 1 , wherein, as an intermediate step c) - between the steps c) and d) - the quarantined data, e.g. the email, is deleted.
3. Method according to claim 2, wherein the data is deleted dependent on the storage time in the relevant part of the inbox and/or the amount of data in this part of the inbox, wherein the data of step c) is received.
4. Method according to claim 3, wherein in the response of step d) a request to resend the data of step a) is included.
5. Method according to one of the claims 1 to 4, wherein the ID of senders is entered in a so-called "black list".
6. Method according to claim 5, wherein the data sent of senders with ID included in the "black list" is deleted.
7. Method according to claim 6, wherein the step of claim 6 is automatically conducted before step c).
8. Method according to one of the claims 1 to 7, wherein after step j) the ID of the sender of data is automatically entered in a so-called "white list".
9. Method according to claim 1 to 8, wherein the ID of the sender of data is automatically compared to the IDs included in the "white list" and the data is brought to the direct attention of the addressee of step a).
10. Method according to one of the claims 1 to 9, wherein an additional filtration of incoming messages is made before the data is brought to the direct attention of the addressee of step a), depending on results of a filtration data can automatically be deleted, kept in a special folder or inform the addressee of step a).
11. Method according to one of the claims 1 to 9, wherein automated failure of delivery is identified, whereupon no reply according to step d) is sent.
12. Method according to one of the claims 1 to 11 , wherein information about test emails and emails sent by the sender of the original data are kept in a temporary folder for a certain time and are used in the following for the analysis of arriving emails concerning a notification of failed delivery, wherein delivery failure messages are either removed or delivered to the initial sender of data, if expressly wished and wherein the response of step d) is consequently not sent.
13. Method according to claim 1 , wherein the automated response of step d) can be repeatedly sent.
14. Device for a safe communication between two or more computers with avoidance of unwanted data of third parties comprising
a device for sending data, such as an email, from a first computer to a second computer;
a device for automatically entering the ID of the addressee in a "white list" of the sender;
a device for quarantining a received data, such as the email, in a part of an inbox on the addressee side if the ID of the sender of the original data is not listed in the "white list" of the addressee;
a device for sending an automated response to the original sender with an automatically non-readable code;
a device for automatically identifying the response by the original sender of the data, and informing of the original sender data;
a device for manually creating a new code based on the code of the automatically non-readable code by the original sender of data; 1
a device for creating a reply to the original addressee, sending the data from a first computer to a second computer, including a new code which was manually created;
a device for sending the reply to the original addressee;
a device for automatically identifying the reply by the addressee of the original data being sent; and
a device for automatically informing the addressee of the original data sent.
15. A computer program product including one or more computer-readable media with computer-readable instructions for conducting the steps of a method according to one of the claims 1 to 12, if run on a computer.
PCT/EP2007/007145 2007-08-13 2007-08-13 Method and apparatus for a safe communication between two or more computers Ceased WO2009021532A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/EP2007/007145 WO2009021532A1 (en) 2007-08-13 2007-08-13 Method and apparatus for a safe communication between two or more computers
PCT/EP2008/000417 WO2009021567A1 (en) 2007-08-13 2008-01-21 Method and apparatus for a safe communication between two or more computers

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2007/007145 WO2009021532A1 (en) 2007-08-13 2007-08-13 Method and apparatus for a safe communication between two or more computers

Publications (1)

Publication Number Publication Date
WO2009021532A1 true WO2009021532A1 (en) 2009-02-19

Family

ID=39402741

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/EP2007/007145 Ceased WO2009021532A1 (en) 2007-08-13 2007-08-13 Method and apparatus for a safe communication between two or more computers
PCT/EP2008/000417 Ceased WO2009021567A1 (en) 2007-08-13 2008-01-21 Method and apparatus for a safe communication between two or more computers

Family Applications After (1)

Application Number Title Priority Date Filing Date
PCT/EP2008/000417 Ceased WO2009021567A1 (en) 2007-08-13 2008-01-21 Method and apparatus for a safe communication between two or more computers

Country Status (1)

Country Link
WO (2) WO2009021532A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004088943A2 (en) * 2003-03-26 2004-10-14 America Online, Inc. Identifying and using indentities of communication partners deemed to be known to a user
WO2005096584A1 (en) * 2004-03-30 2005-10-13 Imencro Software Sa A filter and a method of filtering electronic messages
WO2005096572A1 (en) * 2004-03-26 2005-10-13 Hisham Arnold El-Emam Method for monitoring the transmission of electronic messages
WO2006129962A1 (en) * 2005-05-31 2006-12-07 Nurivision Co., Ltd. System for blocking spam mail and method of the same

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004088943A2 (en) * 2003-03-26 2004-10-14 America Online, Inc. Identifying and using indentities of communication partners deemed to be known to a user
WO2005096572A1 (en) * 2004-03-26 2005-10-13 Hisham Arnold El-Emam Method for monitoring the transmission of electronic messages
WO2005096584A1 (en) * 2004-03-30 2005-10-13 Imencro Software Sa A filter and a method of filtering electronic messages
WO2006129962A1 (en) * 2005-05-31 2006-12-07 Nurivision Co., Ltd. System for blocking spam mail and method of the same

Also Published As

Publication number Publication date
WO2009021567A1 (en) 2009-02-19

Similar Documents

Publication Publication Date Title
US8285804B2 (en) Declassifying of suspicious messages
US8751808B2 (en) Method and system for sharing trusted contact information
JP4976678B2 (en) Validating inbound messages
US8112483B1 (en) Enhanced challenge-response
CN100476852C (en) A Method of Anti-Spam E-mail
US20030212791A1 (en) Method and system for authorising electronic mail
US20080313704A1 (en) Electronic Message Authentication
AU2009299539B2 (en) Electronic communication control
US20100287244A1 (en) Data communication using disposable contact information
JP2007528686A (en) Spam blocking system and method
KR102176564B1 (en) Managing method for impersonation, forgery and alteration mail and system
US7627635B1 (en) Managing self-addressed electronic messages
Moore Recommendations for automatic responses to electronic mail
WO2009021532A1 (en) Method and apparatus for a safe communication between two or more computers
CN110324231A (en) The non-based reminding method for knowing well Email
GB2474661A (en) Electronic mail system and method
JP2004523012A (en) A system to filter out unauthorized email
Jamnekar et al. Review on effective email classification for spam and non spam detection on various machine learning techniques
US10374997B2 (en) System and method for spam prevention with generalized email address
KR20080093084A (en) Spam blocking system
Valeeva SPAM AND ANTI-SPAM METHODS
WO2013097329A1 (en) Mail filtering information saving method, mail server and e-mail system
US20070180034A1 (en) Method and system for filtering communication
Luo et al. Using E-mail Authentication and Disposable E-mail Addressing for Filtering Spam
Kaur et al. A Hybrid approach for enhancing the capability of Spam Filter

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07801634

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07801634

Country of ref document: EP

Kind code of ref document: A1