Patents by Inventor Richard Duncan
Richard Duncan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240098117Abstract: A platform may receive configuration information of individual user authorizations for outbound messaging through specification of one or more authorized vendors. The platform maintains a list of the vendors and, for each vendor, a DKIM public key associated with the vendor, without publishing the public keys to a DNS, and publishes a customized SPF policy comprising a macro mechanism for identifying a particular user that transmitted a message to the DNS. The platform logs received SPF customized queries, extracts data populated by the macro mechanism from the logged queries, and analyzes the extracted data to determine a particular user associated with the query, to determine whether the user is authorized to utilize a vendor associated with the domain based on the configuration information. Responsive to the determination that the individual is authorized to utilize the vendor, the platform publishes the DKIM public key associated with the vendor to the DNS.Type: ApplicationFiled: October 31, 2023Publication date: March 21, 2024Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20240073296Abstract: Sender Policy Framework (SPF) is one of the most widely used methods of distinguishing electronic mail that is authorized by the purported sending domain from unauthorized mail. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. To address these issues, inline service provider designation may be configured to capture the benefits of existing techniques without their associated costs. Additionally, the domain owner may enjoy simplified SPF service provider onboarding and policy failover redundancy to protect against SPF service provider disruptions, thus improving policy availability uptime.Type: ApplicationFiled: July 31, 2023Publication date: February 29, 2024Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20240015124Abstract: Sender Policy Framework (SPF) is a widely used method of distinguishing authorized email from unauthorized email. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes and risks are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. Embodiments of the present disclosure enable new SPF techniques such as selectively inactivating parts of a policy by introducing a virtual-all term, designed to secure against the third-party term inclusions in the policy. When the primary policy is online, the virtual-all term may serve as a terminate policy evaluation much like a traditional “all” term. If the primary policy is offline, a “fail open” may be produced, allowing policy evaluation to proceed into previously inactivated segment of the policy.Type: ApplicationFiled: July 18, 2023Publication date: January 11, 2024Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11805151Abstract: Embodiments of the present disclosure provide a first set of methods, computer-readable media, and system configured for: receiving a configuration for a domain name system (DNS) to log all queries; publishing a customized sender policy framework (SPF) policy to the DNS, the customized SPF policy comprising a macro-endowed mechanism; logging a plurality of received SPF customized queries; accessing a log comprising the plurality of received SPF customized queries; extracting data from each of the received SPF customized queries, the data being populated by the macro mechanism associated with the SPF customized query; populating a datastore with extracted data comprising at least one of the following: a username, a IP address, and a domain, as extracted from each received SPF customized query; and providing, based on the extracted data, an indication of outbound emails sent from the domain. In various embodiments, email authorizations and restrictions may be based thereon.Type: GrantFiled: August 28, 2020Date of Patent: October 31, 2023Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11716403Abstract: Sender Policy Framework (SPF) is one of the most widely used methods of distinguishing electronic mail that is authorized by the purported sending domain from unauthorized mail. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. To address these issues, inline service provider designation may be configured to capture the benefits of existing techniques without their associated costs. Additionally, the domain owner may enjoy simplified SPF service provider onboarding and policy failover redundancy to protect against SPF service provider disruptions, thus improving policy availability uptime.Type: GrantFiled: May 30, 2022Date of Patent: August 1, 2023Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11706178Abstract: Sender Policy Framework (SPF) is a widely used method of distinguishing authorized email from unauthorized email. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes and risks are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. Embodiments of the present disclosure enable new SPF techniques such as selectively inactivating parts of a policy by introducing a virtual-all term, designed to secure against the third-party term inclusions in the policy. When the primary policy is online, the virtual-all term may serve as a terminate policy evaluation much like a traditional “all” term. If the primary policy is offline, a “fail open” may be produced, allowing policy evaluation to proceed into previously inactivated segment of the policy.Type: GrantFiled: October 3, 2022Date of Patent: July 18, 2023Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20230179428Abstract: A method consistent with embodiments of the present disclosure may begin with retrieving a message to be electronically transmitted. The method may proceed with digitally securing the message by generating a first digital signature for the message. The first digital signature may be added to a list of digital signatures for inclusion in the message. A list of allowed anticipated changes may be retrieved. In accordance to embodiments disclosed herein, the message may be pre-signed for the allowed anticipated changes. Pre-signing the message may comprise editing the message with each allowed anticipated change, generating a subsequent digital signature for the message edited with the allowed anticipated change, and adding the subsequent digital signature to the list of digital signatures for inclusion in the electronic message. This process may be repeated for each allowed anticipated change in the allowed anticipated changes.Type: ApplicationFiled: January 17, 2023Publication date: June 8, 2023Inventors: Richard Duncan, Keith Wayne Coleman
-
Publication number: 20230121553Abstract: Sender Policy Framework (SPF) is a widely used method of distinguishing authorized email from unauthorized email. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes and risks are widespread. Embodiments of the present disclosure enable new SPF techniques such as creating a top layer SPF policy for dividing addresses into categories, and multiple second layer SPF policies for identifying IP addresses corresponding to each category. One of the second layer policies is selected as a default policy, such that any IP address that does not correspond to any other of the second layer SPF policies will match the default policy.Type: ApplicationFiled: October 14, 2022Publication date: April 20, 2023Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20230026045Abstract: Sender Policy Framework (SPF) is a widely used method of distinguishing authorized email from unauthorized email. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes and risks are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. Embodiments of the present disclosure enable new SPF techniques such as selectively inactivating parts of a policy by introducing a virtual-all term, designed to secure against the third-party term inclusions in the policy. When the primary policy is online, the virtual-all term may serve as a terminate policy evaluation much like a traditional “all” term. If the primary policy is offline, a “fail open” may be produced, allowing policy evaluation to proceed into previously inactivated segment of the policy.Type: ApplicationFiled: October 3, 2022Publication date: January 26, 2023Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11558200Abstract: A method consistent with embodiments of the present disclosure may begin with retrieving a message to be electronically transmitted. The method may proceed with digitally securing the message by generating a first digital signature for the message. The first digital signature may be added to a list of digital signatures for inclusion in the message. A list of allowed anticipated changes may be retrieved. In accordance to embodiments disclosed herein, the message may be pre-signed for the allowed anticipated changes. Pre-signing the message may comprise editing the message with each allowed anticipated change, generating a subsequent digital signature for the message edited with the allowed anticipated change, and adding the subsequent digital signature to the list of digital signatures for inclusion in the electronic message. This process may be repeated for each allowed anticipated change in the allowed anticipated changes.Type: GrantFiled: January 25, 2021Date of Patent: January 17, 2023Assignee: Fraudmarc Inc.Inventors: Richard Duncan, Keith Wayne Coleman
-
Patent number: 11463392Abstract: Sender Policy Framework (SPF) is a widely used method of distinguishing authorized email from unauthorized email. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes and risks are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. Embodiments of the present disclosure enable new SPF techniques such as selectively inactivating parts of a policy by introducing a virtual-all term, designed to secure against the third-party term inclusions in the policy. When the primary policy is online, the virtual-all term may serve as a terminate policy evaluation much like a traditional “all” term. If the primary policy is offline, a “fail open” may be produced, allowing policy evaluation to proceed into previously inactivated segment of the policy.Type: GrantFiled: October 18, 2021Date of Patent: October 4, 2022Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20220294873Abstract: Sender Policy Framework (SPF) is one of the most widely used methods of distinguishing electronic mail that is authorized by the purported sending domain from unauthorized mail. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. To address these issues, inline service provider designation may be configured to capture the benefits of existing techniques without their associated costs. Additionally, the domain owner may enjoy simplified SPF service provider onboarding and policy failover redundancy to protect against SPF service provider disruptions, thus improving policy availability uptime.Type: ApplicationFiled: May 30, 2022Publication date: September 15, 2022Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11349945Abstract: Sender Policy Framework (SPF) is one of the most widely used methods of distinguishing electronic mail that is authorized by the purported sending domain from unauthorized mail. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. To address these issues, inline service provider designation may be configured to capture the benefits of existing techniques without their associated costs. Additionally, the domain owner may enjoy simplified SPF service provider onboarding and policy failover redundancy to protect against SPF service provider disruptions, thus improving policy availability uptime.Type: GrantFiled: October 18, 2021Date of Patent: May 31, 2022Assignee: Fraudmarc Inc.Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20220124165Abstract: Sender Policy Framework (SPF) is one of the most widely used methods of distinguishing electronic mail that is authorized by the purported sending domain from unauthorized mail. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. To address these issues, inline service provider designation may be configured to capture the benefits of existing techniques without their associated costs. Additionally, the domain owner may enjoy simplified SPF service provider onboarding and policy failover redundancy to protect against SPF service provider disruptions, thus improving policy availability uptime.Type: ApplicationFiled: October 18, 2021Publication date: April 21, 2022Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20220124059Abstract: Sender Policy Framework (SPF) is a widely used method of distinguishing authorized email from unauthorized email. SPF policies are published into a domain's DNS and then looked up and evaluated by mail receivers. Due to the complexity and limitations of the SPF specification, implementation mistakes and risks are widespread. This problem is compounded by the common practice of nesting SPF policies which introduces hidden risks, particularly exceeding DNS lookup limits. Embodiments of the present disclosure enable new SPF techniques such as selectively inactivating parts of a policy by introducing a virtual-all term, designed to secure against the third-party term inclusions in the policy. When the primary policy is online, the virtual-all term may serve as a terminate policy evaluation much like a traditional “all” term. If the primary policy is offline, a “fail open” may be produced, allowing policy evaluation to proceed into previously inactivated segment of the policy.Type: ApplicationFiled: October 18, 2021Publication date: April 21, 2022Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20220014383Abstract: A method consistent with embodiments of the present disclosure may begin with retrieving a message to be electronically transmitted. The method may proceed with digitally securing the message by generating a first digital signature for the message. The first digital signature may be added to a list of digital signatures for inclusion in the message. A list of allowed anticipated changes may be retrieved. In accordance to embodiments disclosed herein, the message may be pre-signed for the allowed anticipated changes. Pre-signing the message may comprise editing the message with each allowed anticipated change, generating a subsequent digital signature for the message edited with the allowed anticipated change, and adding the subsequent digital signature to the list of digital signatures for inclusion in the electronic message. This process may be repeated for each allowed anticipated change in the allowed anticipated changes.Type: ApplicationFiled: January 25, 2021Publication date: January 13, 2022Inventors: Richard Duncan, Keith Wayne Coleman
-
Publication number: 20210344721Abstract: Embodiments of the present disclosure provide a first set of methods, computer-readable media, and system configured for: receiving a configuration for a domain name system (DNS) to log all queries; publishing a customized sender policy framework (SPF) policy to the DNS, the customized SPF policy comprising a macro-endowed mechanism; logging a plurality of received SPF customized queries; accessing a log comprising the plurality of received SPF customized queries; extracting data from each of the received SPF customized queries, the data being populated by the macro mechanism associated with the SPF customized query; populating a datastore with extracted data comprising at least one of the following: a username, a IP address, and a domain, as extracted from each received SPF customized query; and providing, based on the extracted data, an indication of outbound emails sent from the domain. In various embodiments, email authorizations and restrictions may be based thereon.Type: ApplicationFiled: July 12, 2021Publication date: November 4, 2021Inventors: Keith Wayne Coleman, Richard Duncan
-
Patent number: 11063986Abstract: Embodiments of the present disclosure provide a first set of methods, computer-readable media, and system configured for: receiving a configuration for a domain name system (DNS) to log all queries; publishing a customized sender policy framework (SPF) policy to the DNS, the customized SPF policy comprising a macro-endowed mechanism; logging a plurality of received SPF customized queries; accessing a log comprising the plurality of received SPF customized queries; extracting data from each of the received SPF customized queries, the data being populated by the macro mechanism associated with the SPF customized query; populating a datastore with extracted data comprising at least one of the following: a username, a IP address, and a domain, as extracted from each received SPF customized query; and providing, based on the extracted data, an indication of outbound emails sent from the domain. In various embodiments, email authorizations and restrictions may be based thereon.Type: GrantFiled: August 28, 2020Date of Patent: July 13, 2021Assignee: FRAUDMARC INC.Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20210067517Abstract: Embodiments of the present disclosure provide a first set of methods, computer-readable media, and system configured for: receiving a configuration for a domain name system (DNS) to log all queries; publishing a customized sender policy framework (SPF) policy to the DNS, the customized SPF policy comprising a macro-endowed mechanism; logging a plurality of received SPF customized queries; accessing a log comprising the plurality of received SPF customized queries; extracting data from each of the received SPF customized queries, the data being populated by the macro mechanism associated with the SPF customized query; populating a datastore with extracted data comprising at least one of the following: a username, a IP address, and a domain, as extracted from each received SPF customized query; and providing, based on the extracted data, an indication of outbound emails sent from the domain. In various embodiments, email authorizations and restrictions may be based thereon.Type: ApplicationFiled: August 28, 2020Publication date: March 4, 2021Inventors: Keith Wayne Coleman, Richard Duncan
-
Publication number: 20210067559Abstract: Embodiments of the present disclosure provide a first set of methods, computer-readable media, and system configured for: receiving a configuration for a domain name system (DNS) to log all queries; publishing a customized sender policy framework (SPF) policy to the DNS, the customized SPF policy comprising a macro-endowed mechanism; logging a plurality of received SPF customized queries; accessing a log comprising the plurality of received SPF customized queries; extracting data from each of the received SPF customized queries, the data being populated by the macro mechanism associated with the SPF customized query; populating a datastore with extracted data comprising at least one of the following: a username, a IP address, and a domain, as extracted from each received SPF customized query; and providing, based on the extracted data, an indication of outbound emails sent from the domain. In various embodiments, email authorizations and restrictions may be based thereon.Type: ApplicationFiled: August 28, 2020Publication date: March 4, 2021Inventors: Keith Wayne Coleman, Richard Duncan