Patents Assigned to Fraudmarc Inc.
-
Patent number: 11805151Abstract: Embodiments of the present disclosure provide a first set of methods, computer-readable media, and system configured for: receiving a configuration for a domain name system (DNS) to log all queries; publishing a customized sender policy framework (SPF) policy to the DNS, the customized SPF policy comprising a macro-endowed mechanism; logging a plurality of received SPF customized queries; accessing a log comprising the plurality of received SPF customized queries; extracting data from each of the received SPF customized queries, the data being populated by the macro mechanism associated with the SPF customized query; populating a datastore with extracted data comprising at least one of the following: a username, a IP address, and a domain, as extracted from each received SPF customized query; and providing, based on the extracted data, an indication of outbound emails sent from the domain. In various embodiments, email authorizations and restrictions may be based thereon.Type: GrantFiled: August 28, 2020Date of Patent: October 31, 2023Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11716403Abstract: Sender Policy Framework (SPF) is one of the most widely used methods of distinguishing electronic mail that is authorized by the purported sending domain from unauthorized mail. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. To address these issues, inline service provider designation may be configured to capture the benefits of existing techniques without their associated costs. Additionally, the domain owner may enjoy simplified SPF service provider onboarding and policy failover redundancy to protect against SPF service provider disruptions, thus improving policy availability uptime.Type: GrantFiled: May 30, 2022Date of Patent: August 1, 2023Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11706178Abstract: Sender Policy Framework (SPF) is a widely used method of distinguishing authorized email from unauthorized email. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes and risks are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. Embodiments of the present disclosure enable new SPF techniques such as selectively inactivating parts of a policy by introducing a virtual-all term, designed to secure against the third-party term inclusions in the policy. When the primary policy is online, the virtual-all term may serve as a terminate policy evaluation much like a traditional “all” term. If the primary policy is offline, a “fail open” may be produced, allowing policy evaluation to proceed into previously inactivated segment of the policy.Type: GrantFiled: October 3, 2022Date of Patent: July 18, 2023Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11558200Abstract: A method consistent with embodiments of the present disclosure may begin with retrieving a message to be electronically transmitted. The method may proceed with digitally securing the message by generating a first digital signature for the message. The first digital signature may be added to a list of digital signatures for inclusion in the message. A list of allowed anticipated changes may be retrieved. In accordance to embodiments disclosed herein, the message may be pre-signed for the allowed anticipated changes. Pre-signing the message may comprise editing the message with each allowed anticipated change, generating a subsequent digital signature for the message edited with the allowed anticipated change, and adding the subsequent digital signature to the list of digital signatures for inclusion in the electronic message. This process may be repeated for each allowed anticipated change in the allowed anticipated changes.Type: GrantFiled: January 25, 2021Date of Patent: January 17, 2023Assignee: Fraudmarc Inc.Inventors: Richard Duncan, Keith Wayne Coleman
-
Patent number: 11463392Abstract: Sender Policy Framework (SPF) is a widely used method of distinguishing authorized email from unauthorized email. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes and risks are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. Embodiments of the present disclosure enable new SPF techniques such as selectively inactivating parts of a policy by introducing a virtual-all term, designed to secure against the third-party term inclusions in the policy. When the primary policy is online, the virtual-all term may serve as a terminate policy evaluation much like a traditional “all” term. If the primary policy is offline, a “fail open” may be produced, allowing policy evaluation to proceed into previously inactivated segment of the policy.Type: GrantFiled: October 18, 2021Date of Patent: October 4, 2022Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11349945Abstract: Sender Policy Framework (SPF) is one of the most widely used methods of distinguishing electronic mail that is authorized by the purported sending domain from unauthorized mail. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. To address these issues, inline service provider designation may be configured to capture the benefits of existing techniques without their associated costs. Additionally, the domain owner may enjoy simplified SPF service provider onboarding and policy failover redundancy to protect against SPF service provider disruptions, thus improving policy availability uptime.Type: GrantFiled: October 18, 2021Date of Patent: May 31, 2022Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11063986Abstract: Embodiments of the present disclosure provide a first set of methods, computer-readable media, and system configured for: receiving a configuration for a domain name system (DNS) to log all queries; publishing a customized sender policy framework (SPF) policy to the DNS, the customized SPF policy comprising a macro-endowed mechanism; logging a plurality of received SPF customized queries; accessing a log comprising the plurality of received SPF customized queries; extracting data from each of the received SPF customized queries, the data being populated by the macro mechanism associated with the SPF customized query; populating a datastore with extracted data comprising at least one of the following: a username, a IP address, and a domain, as extracted from each received SPF customized query; and providing, based on the extracted data, an indication of outbound emails sent from the domain. In various embodiments, email authorizations and restrictions may be based thereon.Type: GrantFiled: August 28, 2020Date of Patent: July 13, 2021Assignee: FRAUDMARC INC.Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 10904012Abstract: A method consistent with embodiments of the present disclosure may begin with retrieving a message to be electronically transmitted. The method may proceed with digitally securing the message by generating a first digital signature for the message. The first digital signature may be added to a list of digital signatures for inclusion in the message. A list of allowed anticipated changes may be retrieved. In accordance to embodiments disclosed herein, the message may be pre-signed for the allowed anticipated changes. Pre-signing the message may comprise editing the message with each allowed anticipated change, generating a subsequent digital signature for the message edited with the allowed anticipated change, and adding the subsequent digital signature to the list of digital signatures for inclusion in the electronic message. This process may be repeated for each allowed anticipated change in the allowed anticipated changes.Type: GrantFiled: July 12, 2020Date of Patent: January 26, 2021Assignee: Fraudmarc Inc.Inventors: Richard Duncan, Keith Wayne Coleman