Abstract: An embodiment of a method handles bounced messages in a private network processing hub that is configured to handle messages submitted by a plurality of member networks that are registered with the private network processing hub, and wherein the private network processing hub and the plurality of member networks form a private networks. The method may include receiving a first message from a member network or from an unregistered network within the private network processing hub, and determining whether the first message is a bounced message generated in response to an original message sent by the private network processing hub by searching the first message for a tracking identifier that was generated by the private network processing hub and inserted into the original message. The determining operation may include searching for the tracking identifier among a plurality of stored tracking identifiers. A system is described that carries out the method.

Abstract: A system includes a processing node configured to send authorized inbound messages to registered enterprise networks. An authorized message is a message that includes trusted source indicia. Trusted source indicia indicates that the message was sent by one or more of the processing node or an authenticated message transfer node associated with one of the registered enterprise networks. The system may further include an administration node configured to maintain registration of a plurality of message transfer nodes associated with the enterprise networks. A method includes receiving outbound messages from an authenticated message transfer node of an enterprise network, screening the messages for threats to determine whether to send the messages to associated recipients, applying a first message identifier to each message, wherein the first message identifier can be used to track the message and, for each message, sending the message to the associated recipient if no threats are detected in the message.

Abstract: A method for identifying e-mail messages as being unwanted junk or spam. The method includes receiving an e-mail message and then identifying contact and link data, such as URL information, within the content of the received e-mail message. A blacklist including contact information and/or link information previously associated with spam is accessed, and the e-mail message is determined to be spam or to likely be spam based on the contents of the blacklist. The contact or link data from the received e-mail is compared to similar information in the blacklist to find a match, such as by comparing URL information from e-mail content with URLs found previously in spam. If a match is not identified, the URL information from the e-mail message is processed to classify the URL as spam or “bad.” The content indicated by the URL information is accessed and spam classifiers or statistical tools are applied.