Dramatically reduces false positives
CaseKeys use the CAsE of the LeTTerS that make up an
email address to embed a unique key into every instance of that email address,
whether it is obtained from a web site, a newsgroup posting, or the reply
address of an outgoing email. Messages that contain a valid key are guaranteed
entry to a user's inbox. A typical CaseKey might look like
this: aDrIaN@geobYtes.Com
CaseKeys work with existing anti-spam technologies to improve
their false positive rate.
The problem
The problem with today's anti-Spam technology is not that
it doesn't stop Spam; it is that it blocks legitimate messages as well. Even one false positive shakes a user's confidence, resulting in lost productivity as the user frequently scours their junk folder for that elusive false positive.
What the user needs is confidence-building technologies that can assure them that a reply to "that proposal that they sent" will definitely not end up in their junk folder, even if the sender replies from a different email address, via a mail server that has been added to an RBL (Real-time Black List), or uses words such as
Viagra or Nigeria in their message.
False positives may also pose a legal risk for the
providers of anti-spam solutions. According to San Francisco-based Ferris Research Inc., blocked legitimate email, or false positives, are costing U.S. businesses roughly $3.5 billion per year.
The Solution
What we discovered was that we could use the
"Case" of the characters that make up a typical email address to
produce approximately 270,000 unique instances of that address, which could
later be used to identify the sender.
"Unfortunately an email address is a little like
a secret - the moment that you tell it to someone you lose control of it."
CaseKeys provide a way of controlling the secret - a way
to change the key as it were - should the secret fall into the wrong hands.
As each recipient of a CaseKey receives their own unique CaseKey, control is
retained by expiring any compromised CaseKey - without the need and
inconvenience of changing the protected email address. Additionally, publicly
visible CaseKeys, such as those issued from a web site, can be periodically
and automatically expired before Spammers have the opportunity to use them.
The Technology
The CaseKeys solution is concerned with a method
for augmenting an email address's binary representation in a way that
allows embedded key information to be carried within the email address transparently
through the Internet's existing (unmodified) email system. The
embedded key information is then used as the basis for a permission-based email
system, guaranteeing the passage of messages that contain a valid "case key".
A “Case Key” is a randomly cased email address. It is
constructed by randomly setting the case of each character of a given email
address. In understanding Case Keys, it is convenient to think of each
character in an email address as a binary bit. Each character can be
either upper or lower case, with uppercase characters representing a binary 1
and lowercase characters representing binary 0. Accordingly the number of
combinations of upper and lower case characters that can be used to represent a
given email address can be calculated as follows:
Case Key Combinations = 2^n
where n is the number of alpha characters in the email address.
It follows that CaseKeys can be thought of as the
merging of an email address and a binary number that has as many
bits as the email address has letters.
The average email address (of 18 characters in length -
for example example@geobytes.com) can be used to generate in excess of 260,000
unique "case keys". That is enough keys for the average person
to be able to issue 70 unique case-keyed instances of their email address, per
day for the next 10 years.
In reality, the average person would be unlikely to issue
even a single key per day, as a new key is only required in the case where the
recipient has not been previously issued a key, or the previous key has fallen
into the wrong hands.
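The encoding described above (uppercase letter = 1, lowercase letter = 0), as an added Python example that is not part of the original page or the CaseKeys product. The CaseKeyRegistry class, the bit order (first letter = most significant bit) and the rule that the all-lowercase address is never issued as a key are assumptions made for illustration; it also assumes every mail hop preserves the case of the recipient address.

```python
import secrets
import string

def letters(address):
    """Count the ASCII letters, i.e. the bits available for a key."""
    return sum(ch in string.ascii_letters for ch in address)

def embed_key(address, key):
    """Write key into the letter case: upper = 1, lower = 0, first letter = top bit."""
    bit = letters(address) - 1
    if not 0 <= key < 2 ** (bit + 1):
        raise ValueError("key needs more bits than the address has letters")
    out = []
    for ch in address:
        if ch in string.ascii_letters:
            ch = ch.upper() if (key >> bit) & 1 else ch.lower()
            bit -= 1
        out.append(ch)
    return "".join(out)

def extract_key(cased):
    """Read the key back from the case of the letters."""
    key = 0
    for ch in cased:
        if ch in string.ascii_letters:
            key = (key << 1) | int(ch.isupper())
    return key

class CaseKeyRegistry:
    """Hypothetical per-address table of issued keys (not the product's design)."""
    def __init__(self, address):
        self.address = address.lower()
        self.issued = {}                      # key -> who it was issued to

    def issue(self, issued_to):
        while True:
            # Key 0 is the plain all-lowercase address, so it is never issued.
            key = 1 + secrets.randbelow(2 ** letters(self.address) - 1)
            if key not in self.issued:
                self.issued[key] = issued_to
                return embed_key(self.address, key)

    def expire(self, cased):
        self.issued.pop(extract_key(cased), None)

    def check(self, recipient):
        """Return who the key was issued to, or None if absent or expired."""
        if recipient.lower() != self.address:
            return None
        return self.issued.get(extract_key(recipient))
```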
Problems with legacy approaches
Challenge Response Systems
You can’t subscribe to e-zines
One of the disadvantages of using a traditional challenge
response system (or sender verification system) is when the user wants to
subscribe to an e-zine. It is common for e-zine providers to use automated
subscription processes which are not capable of responding to the sender
verification system's request for verification, making it necessary for the user
to manually white list the e-zine provider. Further, in many cases white listing
the e-zine provider’s email address is not possible as many e-zine providers
frequently change the "From address" that the sender verification
system uses to verify the sender.
Everyone knows that you are using a Challenge Response System and are
inconvenienced by it
Another inhibitor to widespread acceptance is the need
for the sender to verify (that they are human), and the reluctance of users to
impose this burden onto the legitimate users that send them email. (Take a
business like Geobytes for example - we don't really want everyone that
sends us a legitimate email to have to go through the "hoops" of
verifying themselves.)
Spammers exploit loopholes, so Spam still gets through
Then there are the loopholes that are inherent in these
systems that spammers are now starting to exploit - such as spoofing of the
sender address to make the email appear as though it has come from an
"already verified address".
Spam Filtering Systems
Some of your legitimate messages will be incorrectly filtered out as Spam -
particularly e-zines.
Because you can be sure that some legitimate messages are
being incorrectly filtered out as Spam, you need to review all of the blocked
messages to retrieve those that have been incorrectly blocked. Unfortunately,
this reviewing process exposes you to all of the Spam, which was the very thing
that you were trying to avoid by utilizing the filter in the first place.
The filtering process makes certain assumptions about a message’s content
and censors your messages.
As mentioned in the above paragraph, the message
profiling and filtering technology is far from perfect, and specifically tends
to block messages that contain certain words that may be associated with
pornography and certain pharmaceutical products. This feature inadvertently
imposes a form of censorship on the users of such systems – blocking them from
participating in email discussions on selected subjects.
A significant amount (10-25%) of the Spam will still get through.
Filtering systems try to walk a fine line between
incorrectly blocking legitimate messages and failing to block unsolicited,
unwanted messages. Most filtering systems allow the user to tweak
the filter to err on one side or the other, but at the end of the day some
messages will be incorrectly handled.
It is an object of CaseKeys technology to provide a
method for augmenting an email address’s binary representation in such a way
that permission to use that address can be embedded within an instance of the
email address, thereby facilitating permission-based email.