Home FAQ's About Compare Versions Purchase Our Process Licensing Contact Us Helpful Links Legal Privacy About Us Zone Map LOG-IN
 

 


E-Mail Guardian
(email-guardian.com)
Guarding Your E-mail in Ways You Control™*

Understanding the E-Mail Guardian™ Process

You send an e-mail to Alice
with her password = #>
#>   Internet   >>> (spam) >>>
E-Mail Guardian
#>   Alice
 You   <#
E-Mail Guardian
<<< (spam) <<<   Internet   <#
<# = Alice sends an e-mail
to you with your password

Here we Compare E-Mail Guardian™ to Other Spam Blockers

(This was written mostly during 2004 but little has changed.)

       Spam is now an enormous problem because the customary e-mail address is connected directly to the Internet without any form of protection. This means that anyone who gets your e-mail address gets to send you e-mail whether you want it or not. Ryan Singel in Wired News1 writes, "... spam is no joke. ISPs [Internet Service Providers] have said junk e-mail now constitutes 60 percent of all e-mail traffic. Howard Beale of the Federal Trade Commission told Congress this spring that "spam threatens to destroy e-mail."" Speaking of the hazards of spam Mr. Singel also wrote, "Unwanted e-mail remains especially pernicious for children and people with dialup connections, e-mail-enabled cell phones or PDAs." We believe that after laws are passed to limit this form of harassment we can still expect that more clever ways will be found to circumvent them. E-mail scams are growing in number. And then there are those that write viruses or virus programs and attach them to e-mail that can install themselves as soon as you open an attachment. These programs can enslave your computer to infect more computers or they can install key-stoke programs that can learn security codes, etc. So we need a solution that we can trust, that when used properly, will prevent these things from happening.

Note 1: In an article by Ryan Singel called Spam Pitches Are Mutating Faster, Wired News, 10/28/2003.

There are several methods used to try to identify and stop spam, like keyword blockers and Bayesian filters2. What these programs do is stop your e-mail for a moment, scan the words, and then sort and send them on (to your Inbox, Trash, or to another location for further analysis) based on what they might contain. But serious spammers also use their own programs to try to trick these programs. By contrast E-Mail Guardian™ 'asks' every e-mail to identify itself. It says, show me your valid password or go away! And when converting for use in other languages it does not have the language translation barriers inherent in keyword blockers and Bayesian filters. This means that, regardless your language of use, you don't need to hire an army of people to create and constantly update software to filter your e-mail and you don't need to use a separate e-mail service just to block spam; a simple password is all that's required.

Note 2: From the same article Ryan Singel writes: "Bayesian filters use complex statistical techniques to classify messages by analyzing the words and headers of past e-mails. Based on constantly updated data, they then score incoming e-mails and tag them as real, spam and possible spam."

Antispam genetic filtering. There is a community-based model for this method called Cloudmark. To make this method work the company collects rejected e-mails from all members of the community. Then each rejected e-mail's origin is recorded, analyzed and classified by the main filtering system. If the e-mail source is identified as producing spam future e-mails from that source are blocked for all users in the community. Like keyword blockers and Bayesian filters we think of this type of spam filtering as hindsight detection. Obviously they can never be 100% accurate, and can be seen as never-ending. In fact, Cloudmark says it analyzes over 100 million rejected e-mails a day! In terms of being a simple to use and trouble-free process the Cloudmark website also has a long list of what to do if this or that happens.

Challenge-response spam filtering. Imagine the following: You want to speak to a neighbor you don't know, so you walk over to his house and you knock on his door. Instead of opening the door, inviting you in and speaking to you, he says, prove to me who you are first (because he doesn't know you or trust you). Since you didn't think to bring your wallet or any identification, you need to walk home to get your identification. Later, you bring him proof of identity and he responds to you. This scenario is the premise of challenge-response spam blockers. Our personal experience is that we sent an e-mail to someone without calling first to identify ourselves. A few hours later (because the Internet is now sometimes bogged-down with viruses and spam) an automatic message came back asking us to prove that we were human (and therefore probably 'okay' for the sender to respond to) by asking us to copy a code that an automatic spamming program could not copy and respond to. Once the second e-mail was sent with the code entered we waited for what would happen next. The next day we got a response from the sender to our original e-mail. Yes. It works. But as a method that challenges every e-mail that may contain spam it surely has the potential to cause an enormous traffic jam on the Internet. Coupled with the continued use of a conventional e-mail address book that is susceptible to hijacking we believe E-Mail Guardian™ to be a better solution.

There is a method that only lets e-mail through when the e-mail address is in your e-mail address book. This method is a good way for us to begin showing preference for the password technique because it's using a form of recognition, rather than trying to figure out if the e-mail contains spam, but we think that using conventional e-mail address books is a bad method overall and that this method of recognition fails to take into account at least two considerations. The reasons we think using addresses in address books is a bad method overall will be explained when analyzing ZoEmail. The two considerations not taken into account are: 1) it doesn't allow you to receive e-mail from people who are not in your address book; 2) it doesn't take into account problems like receiving bogus e-mails that appear to be coming from people you know, but are not3.

Note 3: This is known as spoofing, and spoofing is disguising an e-mail to appear like it's coming from an e-mail address belonging to someone you know, but it's not.

We pay tribute to the door, one of the world's greatest practical needs!

o

Door

 Knock, clack, buzz, ring or use your password to get permission to get beyond it!

       At this point in the evolution of the crazy out-of-control world of the Internet, think what the world might have been like before people used doors!

Don't you think that it's time that we all began to take some control of our own individual world by asking others to get permission to enter our personal space? Doesn't everyone want some level of personal control? E-Mail Guardian™ gives you control over the e-mail portion of the Internet that is your personal space, just like installing a door. Choosing to use a service instead is like moving up to a gated community - it makes you feel safer but you still need to be careful and do all the work according to the community rules. Maybe it's better; maybe it's not, depending on what is offered.

Can you depend on those who legitimately send you e-mail to use your password? Why not? If they understand the problem and want their e-mail to be received, not blocked, why not? Wouldn't you do the same for them?

Helping you to Understand

       To be clear, we are not talking about sending or sharing 'digital certificates' here4, although we recognize that the continued use of digital certificates are an important way to prove who the parties are and for creating secure e-mail (SSL5), and we are not talking about domain keys6. We are simply talking about a code you gave to another, like the word 'friendly3' that the sender sends back as proof of permission to be accepted. When automatically sending the password we usually put it in the e-mail header7, just to keep it out of the way, but it can also be entered manually and sent in the subject line. Either way, because spammers cannot read our e-mail, E-Mail Guardian™ is the Internet equivalent of a secret door knock between two parties, not a 'registered' identification code or mark that is controlled by a third party8. E-Mail Guardian™ compares the ID's (one in the Password Register and one in the e-mail) then allows those e-mails that contain a match, and trashes or deletes all others according to your preset instructions. Since spammers would not have access to the personal ID or special code, spam is eliminated. Since the personal ID is under your control you are able to change it at anytime, if you even needed to.

Note 4: (From the on-line dictionary at whatis.techtarget.com) "A digital certificate is an electronic "credit card" that establishes your credentials when doing business or other transactions on the Web. It is issued by a certification authority (CA). It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509. Digital certificates can be kept in registries so that authenticating users can look up other users' public keys."

Note 5: (From InstantWeb.com) SSL is "Secure Sockets Layer (SSL) A protocol designed by Netscape Communications Corporation to provide encrypted communications on the Internet."

Note 6: To limit spam Yahoo.com recently proposed domain keys. A domain key, as we understand it, would essentially be another form of digital certificate, and far too complicated and restrictive than is necessary for this application, and would not allow you to decide which e-mail is to be received.

Note 7: (From the dictionary at InstantWeb.com) The header is "the part of an electronic mail message ... that precedes the body of a message and contains, among other things, the sender's name and e-mail address and the date and time the message was sent." It is also "The portion ... preceding the actual data, containing source and destination addresses, error checking and other fields. "

Note 8: Like the patented Servicemark service provided by Habeas.com. And like Habeas we can deliver e-mail to over 300 million email in-boxes worldwide.

ZoEmail

       Recently, a new e-mail service was announced - ZoEmail, US patent #5,930,479. It offers a password system within the e-mail address, a process originally patented by AT&T Labs. At first we thought this method was the best way to block spam, and voided our patent application. But after careful review of the differences we believe our method is even better. Because we spent a good portion of time reviewing it, we will spend some time explaining the differences:

.
ZoEmail
™ <#      E-Mail Guardian       #> ™
1 E-mail addresses over time usually get listed, known and harvested by spammers. Since the password is in the e-mail address there will be a need for you to keep changing passwords to reduce or prevent spam. A password is only included during legitimate and purposeful email correspondence. It's placed in the e-mail header, which cannot be seen unless you actually receive an email that includes a password. This makes it less likely that a password would be discovered. So even if your e-mail address becomes known to spammers spam is blocked (because it doesn't have a proper password).
2 By virtue of the combined password and email address ZoEmail puts your password in the address book of others, which means that your e-mail address (no matter how unique) is now susceptible to address book hijacking and resending to others in your name. We do not put the password in any address book so if someone receives e-mail in your name (without a password) it would still be blocked.
3 For ZoEmail to prevent spoofing (see note 3) they must assign or compare the ZoEmail to another name or e-mail address, which means they must also store this information somehow. To prevent spoofing E-Mail Guardian just looks for a password.
4 The possibility exists of you receiving your own special ZoEmail with a virus attached, sent from someone else's address book, although ZoEmail will probably be able to delete the virus with virus protection software Viruses can come from many sources - you should always use virus protection software.
5 Yes. You can keep your ISP (Internet Service Provider) for surfing the Internet but you must subscribe to the ZoEmail service for e-mail because once your e-mail address is altered your current ISP can no longer recognize it. The passwords used to stop spam are separate from your e-mail address so you don't need to use any special e-mail subscription service unless you want to, but you will need to download and install E-Mail Guardian to work with your e-mail program.
6 To make the protection work you must first send each new e-mail address to the receiving party. You do not need to send an e-mail first, although you need to somehow tell others the password they can use.
7 You are dependent on a 3rd party subscription service to receive your e-mail. You are not dependent on a third party to receive your e-mail.
8 You must pay ZoEmail for extra e-mail storage space if you use more than they allow, when this storage space is most probably already available on your computer. You store your own messages on your own computer as you do now without any additional cost in storage space.
9 By having a 3rd party webmail service store your personal messages on the Internet you increase or decrease the risk of having information you consider to be private and confidential read by others, depending on your computer settings. Your personal and private information is not at any increased or decreased level of risk because it's still in your computer, not in a server on the Internet.
10 - In our opinion E-Mail Guardian™ is easier to use.

The most significant difference between the two approaches is that E-Mail Guardian™ compares passwords to determine acceptance or rejection using any e-mail program that we can support, recognizing that an e-mail address is a navigation tool to get e-mail from one Internet location to another, while ZoEmail accepts or rejects passwords only within its own e-mail addresses. ZoEmail is part of a family of what's known as DEA's (disposable e-mail addresses) that are offered by a number of private label e-mail service providers9. The difference between them is that ZoEmail is using a combination password and e-mail address that is patented.

Are you saying that you do not recommend ZoEmail? No! We are saying that ZoEmail's provides a very good method to block spam. But given the ability to work with other programs, and provide protection at the server level, E-Mail Guardian™ is even better.

Note 9: DEA e-mail services allow you to add e-mail addresses or change your email addresses for different purposes. For example your provider might let you create or have e-mail addresses like, sam1@deaexample.com, sam2@deaexample.com, sam3@deaexample.com, etc.

TurnTide is the final e-mail spam blocking technique we will discuss. We confess. We are not knowledgeable enough to judge this product. They claim that their routers do 'TCP traffic-shaping' by detecting spam right back to the source, and then they throttle it down so much that the spammer cannot even deliver it. They say they analyze e-mail and let the good e-mail through. "But spammers have a problem. Instead of a spammer crippling your network and clogging your bandwidth, it's the spammer who gets bogged down. The spam never gets to leave the spammer's computer." For large e-mail system providers this might indeed be the best solution. But if it's that good they may have a big problem, because a free speech advocate might just say 'take your hand away from my mouth!' Free speech is powerful stuff! We think this argument will eventually prevail and we will again need our own individual spam blockers.

We have not compared prices on any product because we believe that any service that provides a good way to block spam and stop viruses is worth a fair price - consider the value received.

Additional Features

E-Mail Guardian™ has the ability to selectively admit or deny other forms of communication, like voice-mail and live video. When these features are more widely used we intend to configure E-Mail Guardian™ to allow the user to control these forms of communication in a more advanced version of this product.

E-Mail Guardian™ has the ability to provide password protection at the server level to reduce network traffic that each individual e-mail account user can control, or ISPs (Internet Service Providers) may use to help reduce filtering costs.

Simple to understand, quick to setup and easy to use. A user-friendly process with few restrictions. E-Mail Guardian™ proves that good solutions can also be simple ones.

And the Best Part is...

E-Mail Guardian™ makes protecting from spam far better, cheaper and easier because it puts it in the hands of the user where it rightfully belongs. (And everyone wins!)

 

 

 

 

 

Home FAQ's About Compare Versions Purchase Our Process Licensing Contact Us Helpful Links Legal Privacy About Us Zone Map LOG-IN
  E-mail Guardian™ does not generate popups or popunders, host advertising or originate email.   |   *The best we can provide them™  
. E-mail Guardian™ is Patent Pending . Copyright © 2004-2007 RSMC   All Rights Reserved .
The mission of RSMC is to improve the quality of life, to encourage new ways of thinking, and to promote positive change in education, business and society