Permission Keys in five easy steps Adrian McElligott


Resources
- The Key Custodian API Reference
- Permission Keys Paper
- Permission Keys FAQ
- Sample Outlook plug in source code
- Sample SMTP MTA source code

Permission Keys System Components
Client Side
- Outbound Message Key Insertion Function
- Spam Folder Monitoring Module
Server Side
- Key Issuing Facility
  – AJAX Web Service
  – UI for manual issuing
  – Key Custodian API: GetKey, IsValidKey, InvalidateKey
- Access authentication
- Key Generation
- Key Storage & Retrieval
- Reporting

Overview
A GKC client must provide the following facilities and functions:
1. Authentication - uses a token delivered via email.
2. Initialization - retrieving client preferences from the GKC.
3. Intercept all outgoing email and insert a permission key into all instances of the protected user's address.
4. Monitor the Spam folder, and recover any messages that contain a valid key.
5. Invalidate Compromised Keys
Note: All communications must be secure (HTTPS / SSL). Implementations of the Key Custodian APIs should comply with the Licensing Requirements as specified in the attached document.

The Key Custodian APIs
Filters call
- Authenticate(...)
- GetKey(...)
- IsValidKey(...)
- InvalidateKey(...)
- GetUserPreferences(...)
Anonymous Browsers call
- GetMailToKey(...)
Note: Unless specified otherwise, the term "email address" refers to an address as defined by "RFC Address Specification" and should preferably be provided as it would typically appear in the message headers and therefore include the display name, if available. In accordance with RFC 2822, to avoid confusion the term "addr-spec address" is used to refer to the bare SMTP form of the address. ie.

Spam Folder Monitoring Function
For each message that is placed into the Spam folder:
- Check that the message has not been previously processed.
- Retrieve the Originator's Address.
- Retrieve any keyed instances of the protected user's address, and check the validity of the key via the GKC IsValidKey() API.
- If the key is valid, then move the message to the inbox and bump a counter.
- Optionally, record that the message has been processed, and that it has been recovered.
- If operating in free mode, then alert the user via a message box or dialog.

Outbound Message Key Insertion Function
For each outgoing message:
- Obtain the Recipient's Address.
- Obtain a 'Permission Key' from the global key custodian, via the GetKey API.
- Insert the envelope key into the message envelope by replacing instances of the protected user's address with the provided "envelope" keyed version.
- Insert the headers key into the message headers by replacing instances of the protected user's address with the provided "headers" keyed version.
- If operating in free mode, then insert the GKC promotional footer.

On Compromised Key Function
For each message that is placed into the Spam folder that has been previously recovered, or where the user has specifically indicated that the key should be invalidated:
- Retrieve the Originator's Address.
- Retrieve any keyed instances of the protected user's address, and call the GKC InvalidateKey() API for each.
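The spam-folder monitoring and compromised-key steps above, combined in one added example (not the project's sample plug-in or MTA code). It assumes keys appear as plus-tagged addresses in the To/Cc headers, as in the GetMailToKey() example; `FakeCustodian`, the state dictionary and all addresses are constructed stand-ins for the real GKC calls and mail store.

```python
import re
from email import message_from_string
from email.utils import getaddresses

PROTECTED = "john.smith@example.com"  # constructed protected user's address

class FakeCustodian:
    """In-memory stand-in (hypothetical) for the GKC IsValidKey()/InvalidateKey() calls."""
    def __init__(self, valid):
        self.valid = set(valid)
    def is_valid_key(self, protected, key, senders):
        return key in self.valid
    def invalidate_key(self, protected, key, originator):
        self.valid.discard(key)

def keyed_instances(msg, protected):
    """Plus-tagged forms of the protected address found in the recipient headers."""
    local, domain = protected.lower().split("@")
    pat = re.compile(re.escape(local) + r"\+[a-z0-9]+@" + re.escape(domain) + r"\Z")
    fields = msg.get_all("To", []) + msg.get_all("Cc", [])
    return sorted({a.lower() for _, a in getaddresses(fields) if pat.match(a.lower())})

def process_spam_folder(raw_messages, gkc, state):
    """state maps Message-ID -> 'recovered' or 'spam'; returns IDs to move to the inbox."""
    moved = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        mid = msg["Message-ID"]
        originator = (getaddresses(msg.get_all("From", [])) or [("", "")])[0][1]
        keys = keyed_instances(msg, PROTECTED)
        if state.get(mid) == "recovered":  # recovered once, back in Spam: key compromised
            for key in keys:
                gkc.invalidate_key(PROTECTED, key, originator)
            state[mid] = "spam"
        elif mid not in state:  # skip messages already processed
            ok = any(gkc.is_valid_key(PROTECTED, k, [originator]) for k in keys)
            state[mid] = "recovered" if ok else "spam"
            moved += [mid] if ok else []
    return moved

def sample(mid, to):  # constructed test message
    return f"Message-ID: <{mid}@example.net>\nFrom: joe@example.net\nTo: {to}\n\nhello\n"

def demo():  # constructed run: m1 carries a valid key, m2 carries none
    gkc, state = FakeCustodian({"john.smith+12345@example.com"}), {}
    spam = [sample("m1", "john.smith+12345@example.com"), sample("m2", PROTECTED)]
    first = process_spam_folder(spam, gkc, state)   # m1 is recovered
    process_spam_folder(spam[:1], gkc, state)       # m1 back in Spam: key invalidated
    return first, sorted(gkc.valid)
```

Once a key has been invalidated, later messages carrying it stay in the Spam folder, which is what limits the damage from a leaked keyed address.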

Authentication
What to use it for:
- New Account Instance Authentication
- Account Instance Re-authentication
- To acknowledge the receipt of GKC Tokens
Description
Called to initiate the dispatching of, and to acknowledge the receipt of GKC Tokens.
When to use it:
- Upon new installation / activation of Permission Key facility
- In the event that the current GKC token is rejected by the GKC
- Upon the receipt of a GKC token during the filter authentication process
Note: Please see "New User Instance Account Initialization" for a description of the authentication process.

New User Instance Account Initialization
- Process is always initiated by the filter.
- The filter calls Authenticate() passing in a filter generated random 10 digit alpha-numeric "filter token", which the filter stores for further reference.
- The GKC sends two messages to the protected user's address:
  1. a probe message to test for the existence of plus addressing support within the protected user's system, and
  2. a message containing the GKC authentication token.

New User Account Initialization (cont'd)
- The filter monitors incoming messages for two responses from the GKC.
- Responses are identified by the originator's address and authenticated by the presence of the original "filter token" in the subject of the message.
- The structure of the subject field is: "... Token is: : "
- The filter recovers the GKC's token from the subject field of each GKC message, and
  1. calls Authenticate() for each recovered GKC token - this time including the GKC's token in the request.
  2. permanently records the first 10 digits of the GKC's token for inclusion in all further calls to the GKC.

New User Account Initialization (cont'd)
Notes
- The first 10 digits of the GKC's token will be the same for each response message.
- The eleventh digit of the GKC's token is used to identify tagged addressing probes.
- GKC messages may be optionally deleted by the filter.
- All messages from the GKC contain both the original "filter token" and a GKC token.
- Filters only need to monitor for and respond to GKC messages during the account authentication process.
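The filter side of the initialization exchange described above, as an added example (not code from the Permission Keys project). The subject layout on the page is incomplete, so the pattern `Token is: <filter token>: <GKC token>` is an assumption, as are the `AuthState` class, the GKC originator address and the sample tokens; how the eleventh character encodes a probe is not stated on the page, so it is only recorded.

```python
import re
import secrets
import string

ALNUM = string.ascii_letters + string.digits

def new_filter_token():
    """10-character alphanumeric filter token drawn from the OS CSPRNG."""
    return "".join(secrets.choice(ALNUM) for _ in range(10))

# ASSUMPTION: the subject layout on the page is incomplete, so this pattern
# ("Token is: <filter token>: <GKC token>") is hypothetical.
SUBJECT_RE = re.compile(r"Token is: ([A-Za-z0-9]{10}):\s*([A-Za-z0-9]{10,11})\s*$")

class AuthState:
    def __init__(self, filter_token, gkc_sender):
        self.filter_token = filter_token
        self.gkc_sender = gkc_sender.lower()   # hypothetical GKC originator address
        self.gkc_prefix = None                 # first 10 characters, kept permanently
        self.probe_markers = []                # 11th characters seen on probe replies

    def handle(self, originator, subject):
        """Return the GKC token to send back via Authenticate(), or None to ignore."""
        if originator.lower() != self.gkc_sender:
            return None
        m = SUBJECT_RE.search(subject)
        if not m or not secrets.compare_digest(m.group(1), self.filter_token):
            return None                        # not a reply to our Authenticate() call
        token = m.group(2)
        prefix, marker = token[:10], token[10:]
        if self.gkc_prefix is None:
            self.gkc_prefix = prefix
        elif not secrets.compare_digest(prefix, self.gkc_prefix):
            return None                        # the two replies must share 10 characters
        if marker:
            self.probe_markers.append(marker)
        return token

def demo():
    """Constructed exchange: two GKC replies, the second carrying an 11th character."""
    st = AuthState("AbC123xyZ9", "gkc@example.org")
    a = st.handle("gkc@example.org", "Your Token is: AbC123xyZ9: QRSTUV0123")
    b = st.handle("gkc@example.org", "Probe. Token is: AbC123xyZ9: QRSTUV0123P")
    return a, b, st.gkc_prefix, st.probe_markers
```

Because the originator address in a message can be forged, the filter token in the subject is what ties a reply to the filter's own Authenticate() call, so it should be generated from a cryptographic random source as shown.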

The Key Custodian API Reference


GetKey()
Description
Called by the filter for each outgoing message to obtain a key.
Parameters
   o The protected user's address
  Recipients
   o Comma-delimited list of the recipient addresses.
  Filter Statistics (optional)
   o MsgsReceived
   o MsgsRecovered
   o TotalSpam
  GKC Token
  Format
   o Either xml or json
Returns
A keyed instance of the protected user's address in either xml or json.
Example:
{ "key": { "addrspec": " ": "\"John Smith 12345\" " },"success":true}

IsValidKey()
Description
Called by the filter for each "spam" message that contains a key.
Parameters
   o The protected user's address
  Key
   o A key encoded address retrieved from any part of the message
  Senders (optional)
   o Comma-delimited list of addresses of the message's senders.
  GKC Token
  Format
   o Either xml or json
Returns
Key properties in either xml or json.
Example:
{ "key": { "isvalidkey": "true", "issuedto": "\"Joe\" ", "issueddate":" ", "expires":" ", "issuedby":"SMTP Outgoing Insertion" },"success":true}

InvalidateKey()
Description
Called by the filter when the user clicks "Is Spam" on a message that contains a key.
Parameters
   o The protected user's address
  Key
   o A key encoded address retrieved from any part of the message
  Originator
   o address of the message's sender.
  GKC Token
  Format
   o Either xml or json
Returns
Key's post invalidation properties in either xml or json.
Example:
{ "key": { "isvalidkey": "false", "issuedto": "\"Joe\" ", "issueddate":" :11:22", "expires":" :59:59", "issuedby":"SMTP Outgoing Insertion" },"success":true}

Authenticate()
Description
Called by the filter to authenticate access to the protected user's GKC account. First called by the filter to initiate the filter authentication process. Then called to confirm the receipt of each GKC token.
Parameters
  Address
   o The protected user's address
  Client Token
   o 10 digit alpha-numeric
  GKC Token
   o 10 digit alpha-numeric
  Provider ID
   o 32 digit alpha-numeric
  Format
   o Either xml or json
Returns
True or False in either xml or json format.
Example:
{"success": true}

GetUserPreferences()
Description
Called by the filter at the start of each session.
Parameters
  Address
   o The protected user's address
  GKC Token
  Format
   o Either xml or json
Returns
Account status and user preferences (xml or json).
Example:
{ "user": { "isauthenticated": "true", "subexpires":" ", "uniquekeysissued": "123", "recovered": "12", "received": "12345", "spam": "12345", "established":" ", "lastaccessed":" ", "lastaccessedip":" ", "provider":"Example, inc.", "messagefooter":"Replies to this..." },"success":true}

The GKC Authentication Token
Description
The GKC Authentication Token is:
- An alpha-numeric ASCII string of a maximum of 11 characters in length
- Requested via the authenticate API
- Delivered to the filter via email
- Obtained by extracting it from the subject field of the confirmation email
The structure of the subject field is: "... Token is: : "
Note: Once the token has been acquired via the authenticate API, every call from the filter to the GKC must include the GKC Authentication Token.

GetMailToKey()
Description
Called by the web browsers to dynamically insert keyed addresses into web pages.
Parameters
  UserGUID
   o 128 bit GUID String
Returns
Encoded mailto: tag including key encoded address.
Example:
mailto:john.smith+12345@example.com