Trusted communication network

摘要

A system includes a processing node configured to send authorized inbound messages to registered enterprise networks. An authorized message is a message that includes trusted source indicia. Trusted source indicia indicates that the message was sent by one or more of the processing node or an authenticated message transfer node associated with one of the registered enterprise networks. The system may further include an administration node configured to maintain registration of a plurality of message transfer nodes associated with the enterprise networks. A method includes receiving outbound messages from an authenticated message transfer node of an enterprise network, screening the messages for threats to determine whether to send the messages to associated recipients, applying a first message identifier to each message, wherein the first message identifier can be used to track the message and, for each message, sending the message to the associated recipient if no threats are detected in the message.

主权项

1. An apparatus for limiting bounce attacks, comprising:
a processing node provided on a computer system having a processor and a computer-readable memory that: receives an outbound message; filters said outbound message for threats to determine whether to send said outbound message to at least one message recipient of said outbound message; in response to determining said outbound message is trusted: applies a trusted message identifier to said outbound message that identifies said outbound message as a trusted message prescreened for a security threat and having been originated from an authenticated private network member; inserts a message tracking identifier (ID), a bounce tracking message ID, and a sender authentication tracking message ID into the outbound message, wherein the message tracking ID is generated using a hash of portions of the outbound message; stores at least the bounce tracking message ID among one or more bounce tracking message IDs at the processing node; and sends the outbound message to the at least one message recipient of said outbound message; distinguishes whether a bounce back message is authorized and corresponds to one of the outbound messages sent by the processing node by determining whether bounce tracking message ID in the bounce back message corresponds to one of the bounce tracking message IDs stored at the processing node, wherein the bounce back message is a non-delivery report; and generates a reputation metric associated with each member network of a plurality of registered member networks, wherein said reputation metric is based at least in part on threats detected in messages sent from said plurality of member networks.