Abstract: A door-in-door refrigerator includes a door having an inner door and an outer door. When the inner and outer doors are in open positions, food items stored in a main refrigerated compartment are accessible. When the inner and outer doors are in closed positions, the door seals the refrigerated compartment, and food items stored in the main refrigerated compartment are not accessible. When the inner door is in a closed position and the outer door is in an open position, food items stored in a storage structure coupled to the door are accessible. A latch includes a trigger that moves in a direction substantially parallel to a handle. Movement of the trigger shifts the latch between a latched position, in which pulling on the handle causes the inner and outer doors to open, and an unlatched position, in which pulling on the handle causes the outer door to open while the inner door remains closed.

Abstract: A door-in-door refrigerator includes a door having an inner door and an outer door. When the inner and outer doors are in open positions, food items stored in a main refrigerated compartment are accessible. When the inner and outer doors are in closed positions, the door seals the refrigerated compartment, and food items stored in the main refrigerated compartment are not accessible. When the inner door is in a closed position and the outer door is in an open position, food items stored in a storage structure coupled to the door are accessible. A latch includes a trigger that moves in a direction substantially parallel to a handle. Movement of the trigger shifts the latch between a latched position, in which pulling on the handle causes the inner and outer doors to open, and an unlatched position, in which pulling on the handle causes the outer door to open while the inner door remains closed.

Abstract: Systems and methods are provided that enable probabilistic application of data traffic scanning in an effort to catch malicious software or code being carried by the data traffic. The methodology and systems operate by monitoring data traffic in an data network via an interface with the data network, calculating a first conditional probability that content in first given data traffic being monitored is malicious, calculating a second conditional probability that content in second given data traffic being monitored is malicious, ranking the first and second conditional probabilities resulting in ranked conditional probabilities, and performing at least one of anti-virus (AV) or anti-malware (AM) scanning of the content of the first or second given data traffic depending on whose conditional probability is ranked higher in the ranked conditional probabilities.

Abstract: A computer system can evaluate electronic messages based on probabilistic analysis, including Bayesian analysis. In one embodiment, a data processing system comprises logic configured for perform training a probabilistic filter using first properties of one or more first network resource identifiers obtained from a whitelist; training the probabilistic filter using second properties of one or more second network resource identifiers obtained from a blocklist; testing third properties of a third network resource identifier using the probabilistic filter, resulting in creating a probability output; and adding the third network resource identifier to the blocklist when the probability output is greater than a specified threshold. The blocklist can be communicated to messaging gateways in the field for local use in evaluating messages that contain spam or other threats.

Abstract: A method of validating queries for reputation scores of message senders comprises receiving, from a first host computer, a DNS format query to obtain a reputation score associated with a second host computer, wherein the query includes an authentication code; validating the authentication code; and only when validating the authentication code is successful, performing a DNS lookup in a reputation database and returning a DNS response that provides the reputation score associated with the second host computer.

Abstract: A method and apparatus for managing connections and messages at a server by associating different actions for both different senders and different recipients is disclosed. The server manages connections from different senders by receiving incoming connections from the different senders and determining sender identifiers for the incoming connections. The server inspects a mapping of sender identifiers to actions to identify which action should be applied to each incoming connection. The server applies the actions, such as accepting the connection, rejecting the connection, relaying the connection, or refusing the connection. Also, the server manages electronic messages for different recipients by determining recipient identifiers for the electronic messages. The server inspects a mapping of recipient identifiers to actions to identify which action should be applied for the recipients of the email messages.

Abstract: Early detection of computer viruses and other message-borne threats is provided by applying heuristic tests to message content and examining sender reputation information when no virus signature information is available. As a result, a messaging gateway can suspend delivery of messages early in a virus outbreak, providing sufficient time for updating an anti-virus checker that can strip virus code from the messages. A dynamic and flexible threat quarantine queue is provided with a variety of exit criteria and exit actions that permits early release of messages in other than first in, first-out order. A message scanning method is described in which early exit from parsing and scanning can occur by matching threat rules only to selected message elements and stopping rule matching as soon as a match on one message element exceeds a threat threshold.

Abstract: A method and apparatus for managing connections, email messages, and directory harvest attacks at a server is disclosed. The server maintains a count of a parameter and compares the count to a specified maximum value, such that when the specified maximum value is met or exceeded, an action is taken by the server to limit the connections, email messages, or directory harvest attack. Actions include controlling the number of connections to the server from senders, controlling the flow of email messages injected to the server by senders, and controlling when rejection response messages are sent for invalid recipient email addresses to thwart a directory harvest attack. Senders are identified by one or more sender identifiers, which can be used to group senders together so that the same maximum value is applied collectively to all senders in the group.

Abstract: In one embodiment, detecting unwanted electronic mail messages based on probabilistic analysis of referenced resources comprises receiving a whitelist and a blocklist each having a plurality of network resource identifiers that have appeared in prior messages; retrieving a particular network resource identifier; generating a list of properties for the particular network resource identifier; training a probabilistic filter using the properties; and repeating the retrieving, generating and training for all the network resource identifiers in the whitelist and blocklist. Thereafter, when an electronic mail message is received and contains a URL or other network resource identifier, a spam score or threat score can be generated for the message by testing properties of the network resource identifier using the trained probabilistic filter.

Abstract: Techniques are provided for determining a reputation of a message sender by obtaining two or more lists from two or more list providers; determining which lists of the two or more lists indicate the message sender; and determining a reputation score for the message sender based on which lists of the two or more lists indicate the message sender. Techniques are also provided for indicating that a message is unsolicited based on a reputation score.

Abstract: Early detection of computer viruses is provided by collecting information about suspicious messages and generating virus outbreak information. In one embodiment, a method comprises receiving the virus outbreak information that has been determined by receiving message information for messages that have characteristics associated with computer viruses, wherein the messages were determined by a virus-check component as not comprising a virus, and mapping the message information received in a specified time period to the virus outbreak information; and when the virus outbreak information indicates initiation of a virus attack, performing a message flow control action for additional messages that have the same characteristics associated with computer viruses as the first messages. As a result, a messaging gateway can suspend delivery of messages early in a virus outbreak, providing sufficient time for updating an anti-virus checker that can strip virus code from the messages.

Abstract: Controlling a message quarantine is disclosed. A message scanning method is described in which early exit from parsing and scanning can occur by matching threat rules only to selected message elements and stopping rule matching as soon as a match on one message element exceeds a threat threshold.

Abstract: In one embodiment, a method comprises computer-implemented steps of receiving a plurality of electronic mail messages containing sender address information that is non-trusted. For each electronic mail message, information about the message is stored, and one or more receiving node identifiers in association with respective connected node identifiers is created, wherein the receiving node identifier identifies receiving mail server that received the particular message and the connected node identifier identifies a connected mail server that directly connected to the receiving node identifier to send the particular message directly to the receiving mail server. For each electronic mail message a receiving node identifier that has a largest number of connected node identifiers associated therewith is selected, and a connected node identifier that is associated with the one particular receiving node identifier that sent the particular message to the associated receiving node is selected and stored.

Abstract: Described is an insulated non-halogenated, heavy metal free vehicular cable comprising an inner core of a copper based metal wire having a cross sectional area of at least about 0.1 mm2, and an outer insulation, covering the length of the inner core, comprised of a thermoplastic polyphenylene ether composition that has no halogen or heavy metal added thereto, the insulated cable capable of meeting the testing standard ISO 6722.

Abstract: Determining whether to quarantine a message is disclosed. A dynamic and flexible threat quarantine queue is provided with a variety of exit criteria and exit actions that permits early release of messages in other than first in, first-out order.

Abstract: Controlling a message quarantine is disclosed. A message scanning method is described in which early exit from parsing and scanning can occur by matching threat rules only to selected message elements and stopping rule matching as soon as a match on one message element exceeds a threat threshold.

Abstract: Early detection of computer viruses and other message-borne threats is provided by applying heuristic tests to message content and examining sender reputation information when no virus signature information is available. As a result, a messaging gateway can suspend delivery of messages early in a virus outbreak, providing sufficient time for updating an anti-virus checker that can strip virus code from the messages. A dynamic and flexible threat quarantine queue is provided with a variety of exit criteria and exit actions that permits early release of messages in other than first in, first-out order. A message scanning method is described in which early exit from parsing and scanning can occur by matching threat rules only to selected message elements and stopping rule matching as soon as a match on one message element exceeds a threat threshold.

Abstract: In one embodiment, detecting unwanted electronic mail messages based on probabilistic analysis of referenced resources comprises receiving a whitelist and a blocklist each having a plurality of network resource identifiers that have appeared in prior messages; retrieving a particular network resource identifier; generating a list of properties for the particular network resource identifier; training a probabilistic filter using the properties; and repeating the retrieving, generating and training for all the network resource identifiers in the whitelist and blocklist. Thereafter, when an electronic mail message is received and contains a URL or other network resource identifier, a spam score or threat score can be generated for the message by testing properties of the network resource identifier using the trained probabilistic filter.

Abstract: In one embodiment, a method comprises computer-implemented steps of receiving a plurality of electronic mail messages containing sender address information that is non-trusted; for each particular one of the electronic mail messages: storing information about the particular message in a database record; creating one or more receiving node identifiers in association with respective connected node identifiers, wherein the receiving node identifiers identify mail servers that received the particular message and the connected node identifiers identify mail servers that connected to the receiving node identifiers to send the particular message; selecting one particular receiving node identifier that has a largest number of connected node identifiers associated therewith; selecting one particular connected node identifier that is associated with the one particular receiving node identifier that sent the particular message to the associated receiving node; storing in a sender field that identifies a sender of the pa

Abstract: A method of validating queries for reputation scores of message senders comprises receiving, from a first host computer, a DNS format query to obtain a reputation score associated with a second host computer, wherein the query includes an authentication code; validating the authentication code; and only when validating the authentication code is successful, performing a DNS lookup in a reputation database and returning a DNS response that provides the reputation score associated with the second host computer.