Prosecution Insights
Browse Companies Examiners Firms Draft Your Response
Office ActionsVirtual Connect Technologies Inc. › 18230647
Last updated: April 19, 2026
Application No. 18/230,647

COMPUTERIZED SYSTEM FOR AUTONOMOUS DETECTION OF UNAUTHORIZED ACCESS ACCORDING TO OUTBOUND ADDRESSES

Non-Final OA §101§103
Filed
Aug 06, 2023
Examiner
BAZNA, JUDY
Art Unit
2495
Tech Center
2400 — Computer Networks
Assignee
Virtual Connect Technologies Inc.
OA Round
3 (Non-Final)
67%
Grant Probability
Favorable
3-4
OA Rounds
3y 1m
To Grant
90%
With Interview

Interview Optional

+22.9% interview lift. This examiner has a relatively high allow rate; a written response may suffice.
Based on 24 resolved cases, 2023–2026

Examiner Intelligence

BAZNA, JUDY View full profile →
Grants 67% — above average
67%
Career Allow Rate
16 granted / 24 resolved
+8.7% vs TC avg
Strong +23% interview lift
Without
With
+22.9%
Interview Lift
resolved cases with interview
Typical timeline
3y 1m
Avg Prosecution
19 currently pending
Career history
43
Total Applications
across all art units

Statute-Specific Performance

§101
4.6%
-35.4% vs TC avg
§103
77.2%
+37.2% vs TC avg
§102
9.7%
-30.3% vs TC avg
§112
5.9%
-34.1% vs TC avg
Black line = Tech Center average estimate • Based on career data from 24 resolved cases

Office Action

§101 §103
Notice of Pre-AIA or AIA Status The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA . This application is a response to the application claims and remarks response filed on 02/06/2026. Claims 1-21 are currently pending in this application. Continued Examination Under 37 CFR 1.114 A request for continued examination under 37 CFR 1.114, including the fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 02/06/2026 has been entered. Priority Applicant’s claim for the benefit of a prior-filed application under 35 U.S.C. 119(e) or under 35 U.S.C. 120, 121, 365(c), or 386(c) is acknowledged. Applicant has not complied with one or more conditions for receiving the benefit of an earlier filing date under 35 U.S.C. 120 as follows: The later-filed application must be an application for a patent for an invention which is also disclosed in the prior application (the parent or original nonprovisional application or provisional application). The disclosure of the invention in the parent application and in the later-filed application must be sufficient to comply with the requirements of 35 U.S.C. 112(a) or the first paragraph of pre-AIA 35 U.S.C. 112, except for the best mode requirement. See Transco Products, Inc. v. Performance Contracting, Inc., 38 F.3d 551, 32 USPQ2d 1077 (Fed. Cir. 1994). The disclosure of the prior-filed application, Application No. 63398142, fails to provide adequate support or enablement in the manner provided by 35 U.S.C. 112(a) or pre-AIA 35 U.S.C. 112, first paragraph for one or more claims of this application. Claims 1, 16, 19 recites “wherein the bait address is an email address that has been published but is not used for legitimate communications; determine unauthorized access to the sender message system based upon the pattern of undeliverable responses; and transmitting the potential breach warning to a user and automatically implementing at least one security measure selected from the group consisting of: locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, requiring a password reset for the sender account, and requiring multifactor authentication for the sender account”, the parent application, application no. 63398142, filed on 08/15/2022 does not disclose or suggest anywhere that the bait address is published but didn’t used for any authorized communication and taking a security action based on determining unauthorized access to the sender message system based upon the pattern of undeliverable responses. Therefore, this limitation constitutes new matter with respect to parent application and is not supported by the parent’s disclosure under 35 U.S.C. 112(a). Accordingly, amended claims 1, 16, 19 is not entitled to the benefits of the filling date of application no. 63398142 (08/15/2022) under 35.U.S.C. 120 . The effective filling date of amended claim 1 is the filling date of the instant application (08/06/2023). Response to Amendments Arguments are rendered moot in view of new rejections made in response to applicant’s amendments. Claim Rejections - 35 USC § 101 35 U.S.C. 101 reads as follows: Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title. The text of those sections of Title 35, U.S. Code not included in this action can be found in a prior Office action. Claim 1 rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because Claim 1 is directed to a computer program/software per se, claim 1 recites “a sender message system” which is under its broadest reasonable interpretation cover a computer program standing alone without being tied to a specific machine or process. Claims 2-15 are depend on claim 1 therefore they are rejected for the same reason. Claim 1 rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because Claim 1 is directed to a computer program/software per se, claim 1 recites “a gateway system” which is under its broadest reasonable interpretation cover a computer program standing alone without being tied to a specific machine or process. Claims 2-15 are depend on claim 1 therefore they are rejected for the same reason. Claim 16 rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because Claim 1 is directed to a computer program/software per se, claim 16 recites “a sender message system” which is under its broadest reasonable interpretation cover a computer program standing alone without being tied to a specific machine or process. Claims 17, 18 are depend on claim 16 therefore they are rejected for the same reason. Claim 16 rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because Claim 1 is directed to a computer program/software per se, claim 16 recites “a gateway system” which is under its broadest reasonable interpretation cover a computer program standing alone without being tied to a specific machine or process. Claims 17, 18 are depend on claim 16 therefore they are rejected for the same reason. Claim 19 rejected under 35 U.S.C. 101 because the claimed invention is directed to non-statutory subject matter. The claim(s) does/do not fall within at least one of the four categories of patent eligible subject matter because Claim 1 is directed to a computer program/software per se, claim 19 recites “a gateway system” which is under its broadest reasonable interpretation cover a computer program standing alone without being tied to a specific machine or process. Claims 20-21 are depend on claim 19 therefore they are rejected for the same reason. Claim Rejections - 35 USC § 103 In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status. The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action: A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made. Claims 1, 7-13, 16, 17, 19, 20 are rejected under 35 U.S.C. 103 as being unpatentable over Liao (US 8601064 B1) In view of Mears (US 11916858 B1). Regarding claim 1, Liao teaches a computerized system for detection of unauthorized access comprising: a sender message system adapted to create and transmit an outbound electronic message (Col 3 lines 19-40, Fig. 2: email client 201 sends spam email); a gateway system in communications with the sender message system (Col 3 lines 19-40, Fig. 2: SMPT Gateway 202) wherein the gateway system is adapted to: determine a number of outbound electronic messages sent by the sender message system (Col 5 lines 61-67 Col 6: the message failed count may indicate the number of emails, from a single email source, having at least one invalid recipient address (invalid RCPT TO address in SMTP) within a predetermined period of time.); receive an undeliverable response from a recipient message system associated with the outbound electronic message (Col 5 lines 61-67 Col 6: the message failed count may indicate the number of emails, from a single email source, having at least one invalid recipient address (invalid RCPT TO address in SMTP) within a predetermined period of time.); increase an undeliverable counter by one (Col 5 lines 61-67 Col 6: the message failed count may indicate the number of emails, from a single email source, having at least one invalid recipient address (invalid RCPT TO address in SMTP) within a predetermined period of time. For example, assuming that in a one hour period the email source sent 100 different emails of which 80 include at least one invalid recipient address, the message failed count in that example is 80. Identifying invalid recipient email addresses is advantageous in that an invalid recipient email address is a key symptom of a directory harvest or bounce-source attack.); determine an undeliverable percentage according to the undeliverable counter and the number of outbound electronic messages sent (Col 5 lines 61-67 Col 6: the message failed count may indicate the number of emails, from a single email source, having at least one invalid recipient address (invalid RCPT TO address in SMTP) within a predetermined period of time.); calculate a historical undeliverable response value (Col 6: the ratio of recipient failed count versus total message count for a particular email source.); generate and store a potential breach warning according to the undeliverable counter exceeding a predetermined count limit, the undeliverable percentage exceeding a predetermined percentage limit, the undeliverable counter exceeding the historical undeliverable response value (Col 6: if the ratio of recipient failed count versus total message count for a particular email source is relatively high, an email from the particular email source is likely to be malicious.), the outbound electronic message is addressed to a bait address, an IP address associated with the outbound electronic message being invalid and any combination thereof (Col 8 lines 29-36: Bounced emails and their sources are added to the historical statistics, from which the bounce ratio (number of bounce messages/number of total messages) for a given IP address may be computed. If the bounce ratio is greater than a certain threshold, it may be presumed that the domain is under bounce attack from this IP address.); and, determine unauthorized access to the sender message system based upon the pattern of undeliverable responses (Claim 1. Col 7 lines 3-9: (e) An email client may be classified as a bounce-source (i.e., a legitimate site being used by a malicious source to bounce emails from) when the ratio of bounced emails over the number of total emails received from the email client (bounce ratio) is greater than a threshold value.); Liao does not explicitly disclose wherein the bait address is an email address that has been published but is not used for legitimate communications. transmitting the potential breach warning to a user and automatically implementing at least one security measure selected from the group consisting of: locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, requiring a password reset for the sender account, and requiring multifactor authentication for the sender account. Mears teaches wherein the bait address is an email address that has been published but is not used for legitimate communications (Col 4 lines 16-20: the IP addresses in the second pool are reserved for “risky” outbound emails, that is, emails that may include such outbound spam emails. Thus, the chance that IP addresses in the second pool may acquire a bad reputation, and consequently be blocked or blacklisted, ). transmitting the potential breach warning to a user and automatically implementing at least one security measure selected from the group consisting of: locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, requiring a password reset for the sender account, and requiring multifactor authentication for the sender account (Fig. 5. Col 21 lines 54-67: the user is notified that a possible compromise of their email account occurred. The notification may be accompanied by a request for the user to modify a security feature that enables access to the email account. For example, the user may change a password for the account and/or may enable multi-factor authentication for the account if not previously implemented.) Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao with the teachings of Mears to include wherein the bait address is an email address that has been published but is not used for legitimate communications; transmitting the potential breach warning to a user and automatically implementing at least one security measure selected from the group consisting of: locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, requiring a password reset for the sender account, and requiring multifactor authentication for the sender account in order to protect the use email from unauthorized use (Mears Col 21 lines 54-67) Regarding claim 7, Liao in view of Mears teaches the system of claim 1, wherein the bait address includes a subdomain (Col 3: the spam has an originator email address of the intended spam victim, which is "user@spam-target.com"). Regarding claim 8, Liao in view of Mears teaches the system of claim 1 wherein the gateway system is adapted to transmit the bait address to a third party email listing (Mears Col 4 lines 16-20: the IP addresses in the second pool are reserved for “risky” outbound emails, that is, emails that may include such outbound spam emails.). Regarding claim 9, Liao in view of Mears teaches the system of claim 1, wherein the user is taken from the group consisting of administrator, sender, recipient, third party, reputation administrator, and any combination (Liao Fig.2) Regarding claim 10, Liao in view of Mears teaches the system of claim 1, wherein the gateway system is adapted to modify the outbound electronic message to add a potential spam indicator according to the undeliverable counter exceeding a predetermined count limit (Col 4 lines 60-67, Col 7 : the email gateway having an anti-spam 110 (see FIGS. 1 and 4. The heuristics engine may reject emails from particular source email addresses based on policies of the domain protected by the email gateway. While, a probability model may be employed in conjunction with the heuristic rules to predict whether an email is spam.). Regarding claim 11, Liao in view of Mears teaches the system of claim 1, wherein the gateway system is adapted to take action from the group consisting of locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, deleting the outbound electronic message, requiring a password reset for the sender account, requiring multifactor authentication for the sender account, scanning the sender message system, requiring a change in security question for the sender account, verifying security and privacy settings of the sender account and any combination thereof according to the undeliverable counter exceeding a predetermined count limit, the undeliverable percentage exceeding a predetermined percentage limit, the undeliverable counter exceeding the historical undeliverable response value, the outbound electronic message is addressed to a bait address, and any combination thereof (Mears Col 21 lines 54-67: the user is notified that a possible compromise of their email account occurred. The notification may be accompanied by a request for the user to modify a security feature that enables access to the email account. For example, the user may change a password for the account and/or may enable multi-factor authentication for the account if not previously implemented.). Regarding claim 12, Liao in view of Mears teaches the system of claim 1, wherein the undeliverable response is an invalid domain (Liao Col 5 lines 61-67 Col 6: the message failed count may indicate the number of emails, from a single email source, having at least one invalid recipient address (invalid RCPT TO address in SMTP) within a predetermined period of time.) Regarding claim 13, Liao in view of Mears teaches the system of claim 1, wherein the undeliverable response is an invalid address (Liao Col 5 lines 61-67 Col 6: the message failed count may indicate the number of emails, from a single email source, having at least one invalid recipient address (invalid RCPT TO address in SMTP) within a predetermined period of time.). Regarding claim 16, Liao teaches a computerized system for detection of unauthorized access comprising: a sender message system adapted to create and transmit an outbound electronic message (Col 3 lines 19-40, Fig. 2: email client 201 sends spam email); a gateway system adapted to intercept an outbound electronic message transmitted from a sender message system (Col 3 lines 19-40, Fig. 2: SMPT Gateway 202) wherein the gateway system is adapted to: receive an undeliverable response from a recipient message system associated with the outbound electronic message (Col 5 lines 61-67 Col 6: the message failed count may indicate the number of emails, from a single email source, having at least one invalid recipient address (invalid RCPT TO address in SMTP) within a predetermined period of time.); generate a potential breach warning according to an undeliverable counter exceeding a predetermined count limit, an undeliverable percentage exceeding a predetermined percentage limit, an undeliverable counter exceeding a historical undeliverable response value, the outbound electronic message being addressed to a bait address, an IP address associated with the outbound electronic message being invalid and any combination thereof (Col 6, Col 8 lines 29-36: if the ratio of recipient failed count versus total message count for a particular email source is relatively high, an email from the particular email source is likely to be malicious. Bounced emails and their sources are added to the historical statistics, from which the bounce ratio (number of bounce messages/number of total messages) for a given IP address may be computed. If the bounce ratio is greater than a certain threshold, it may be presumed that the domain is under bounce attack from this IP address.); determine unauthorized access to the sender message system based upon the pattern of undeliverable responses (Col 7 lines 3-9: (e) An email client may be classified as a bounce-source (i.e., a legitimate site being used by a malicious source to bounce emails from) when the ratio of bounced emails over the number of total emails received from the email client (bounce ratio) is greater than a threshold value.); and, according to the undeliverable counter exceeding a predetermined count limit, the undeliverable percentage exceeding a predetermined percentage limit, the undeliverable counter exceeding the historical undeliverable response value, the outbound electronic message being addressed to a bait address, and any combination thereof (Col 6- Col7: if the ratio of recipient failed count versus total message count for a particular email source is relatively high, an email from the particular email source is likely to be malicious. ). Liao does not explicitly disclose wherein the bait address is an email address that has been published but is not used for legitimate communications; (perform an action) according the potential breach warning and determination of unauthorized access to the sender's system, taking action from the group consisting of sending a warning to a user, locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, deleting the outbound electronic message, requiring a password reset for the sender account, requiring multifactor authentication for the sender account, scanning the sender message system, requiring a change in security question for the sender account, verifying security and privacy settings of the sender account and any combination thereof. Mears teaches wherein the bait address is an email address that has been published but is not used for legitimate communications (Col 4 lines 16-20: the IP addresses in the second pool are reserved for “risky” outbound emails, that is, emails that may include such outbound spam emails. Thus, the chance that IP addresses in the second pool may acquire a bad reputation, and consequently be blocked or blacklisted.). (perform an action) according the potential breach warning and determination of unauthorized access to the sender's system, taking action from the group consisting of sending a warning to a user, locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, deleting the outbound electronic message, requiring a password reset for the sender account, requiring multifactor authentication for the sender account, scanning the sender message system, requiring a change in security question for the sender account, verifying security and privacy settings of the sender account and any combination thereof (Fig. 5. Col 21 lines 54-67: the user is notified that a possible compromise of their email account occurred. The notification may be accompanied by a request for the user to modify a security feature that enables access to the email account. For example, the user may change a password for the account and/or may enable multi-factor authentication for the account if not previously implemented.) Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao with the teachings of Mears to include wherein the bait address is an email address that has been published but is not used for legitimate communications; (perform an action) according the potential breach warning and determination of unauthorized access to the sender's system, taking action from the group consisting of sending a warning to a user, locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, deleting the outbound electronic message, requiring a password reset for the sender account, requiring multifactor authentication for the sender account, scanning the sender message system, requiring a change in security question for the sender account, verifying security and privacy settings of the sender account and any combination thereof in order to protect the use email from unauthorized use (Mears Col 21 lines 54-67) Regarding claim 17, Liao in view of Mears teaches the system of claim 16, wherein the user is taken from the group consisting of administrator, sender, recipient, third party, reputation administrator, and any combination (Liao Fig.2). Regarding claim 19, Liao teaches a computerized system for detection of unauthorized access comprising: a gateway system adapted to intercept an outbound electronic message transmitted from a sender message system (Col 3 lines 19-40, Fig. 2: SMPT Gateway 202) wherein the gateway system is adapted to: receive an undeliverable response from a recipient message system associated with the outbound electronic message (Col 5 lines 61-67 Col 6: the message failed count may indicate the number of emails, from a single email source, having at least one invalid recipient address (invalid RCPT TO address in SMTP) within a predetermined period of time.); generate a potential breach warning according to an undeliverable counter exceeding a predetermined count limit, an undeliverable percentage exceeding a predetermined percentage limit, an undeliverable counter exceeding a historical undeliverable response value, the outbound electronic message being addressed to a bait address, an IP address associated with the outbound electronic message being invalid and any combination thereof (Col 6-7: if the ratio of recipient failed count versus total message count for a particular email source is relatively high, an email from the particular email source is likely to be malicious. Bounced emails and their sources are added to the historical statistics, from which the bounce ratio (number of bounce messages/number of total messages) for a given IP address may be computed. If the bounce ratio is greater than a certain threshold, it may be presumed that the domain is under bounce attack from this IP address.). determine unauthorized access to the sender message system based upon the pattern of undeliverable responses (Col 7 lines 3-9: (e) An email client may be classified as a bounce-source (i.e., a legitimate site being used by a malicious source to bounce emails from) when the ratio of bounced emails over the number of total emails received from the email client (bounce ratio) is greater than a threshold value.). Liao does not explicitly wherein the bait address is an email address that has been published but is not used for legitimate communications automatically implement at least one security measure selected from the group consisting of: locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, requiring a password reset for the sender account, and requiring multifactor authentication for the sender account. Mears teaches wherein the bait address is an email address that has been published but is not used for legitimate communications (Col 4 lines 16-20: the IP addresses in the second pool are reserved for “risky” outbound emails, that is, emails that may include such outbound spam emails. Thus, the chance that IP addresses in the second pool may acquire a bad reputation, and consequently be blocked or blacklisted, ). automatically implement at least one security measure selected from the group consisting of: locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, requiring a password reset for the sender account, and requiring multifactor authentication for the sender account (Fig. 5. Col 21 lines 54-67: the user is notified that a possible compromise of their email account occurred. The notification may be accompanied by a request for the user to modify a security feature that enables access to the email account. For example, the user may change a password for the account and/or may enable multi-factor authentication for the account if not previously implemented.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao with the teachings of Mears to include wherein the bait address is an email address that has been published but is not used for legitimate communications; automatically implement at least one security measure selected from the group consisting of: locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, requiring a password reset for the sender account, and requiring multifactor authentication for the sender account in order to protect the use email from unauthorized use (Mears Col 21 lines 54-67) Regarding claim 20, Liao in view of Mears teaches the system of claim 19, where in the gateway system is adapted to take action from the group consisting of sending a warning to a user, locking a sender account associated with the outbound electronic message, placing the outbound electronic message in quarantine, deleting the outbound electronic message, requiring a password reset for the sender account, requiring multifactor authentication for the sender account, scanning the sender message system, requiring a change in security question for the sender account, verifying security and privacy settings of the sender account and any combination thereof according to the undeliverable counter exceeding a predetermined count limit, the undeliverable percentage exceeding a predetermined percentage limit, the undeliverable counter exceeding the historical undeliverable response value, the outbound electronic message being addressed to a bait address, and any combination thereof according to the potential breach warning (Mears Col 21 lines 54-67: the user is notified that a possible compromise of their email account occurred. The notification may be accompanied by a request for the user to modify a security feature that enables access to the email account. For example, the user may change a password for the account and/or may enable multi-factor authentication for the account if not previously implemented.). Claims 2-6 are rejected under 35 U.S.C. 103 as being unpatentable over Liao (US 8601064 B1) In view of Mears (US 11916858 B1), and in view of Shraim (US 20070294352 A1). Regarding claim 2, Liao in view of Mears teaches the system of claim 1. Liao in view of Mears does not disclose wherein the gateway system is adapted to generate the bait address. Shraim teaches wherein the gateway system is adapted to generate the bait address (Para [0210]: to generate new bait email addresses corresponding to the intended recipient.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao in view of Mears with the teachings of Shraim to include wherein the gateway system is adapted to generate the bait address in order to indicates that the address is not currently a valid address (Shraim Para [0210]). Regarding claim 3, Liao in view of Mears teaches the system of claim 2, wherein the outbound electronic message is a first outbound electronic message, and the gateway system is a first gateway system adapted to transmit the bait address to a second gateway system wherein the second gateway system is adapted to generate a second gateway system potential breach warning according to a second outbound electronic message being addressed to the bait address (Mears Fig. 2A. Fig.3. Col 21: the outbound delivery director service 304 performs a lookup in the outbound reputation store 306. If a record is found for the sender of the outbound email indicating a poor reputation, the email is delivered using a delivery server in the risky pool 310.). Regarding claim 4, Liao in view of Mears teaches the system of claim 3, wherein the first gateway system is associated with a first sender domain and the second gateway system is associated with a second sender domain (Mears Fig. 3.: Normal pool delivery servers 308/ first gateway system, Risky delivery servers 310/second gateway system ). Regarding claim 5, Liao in view of Mears teaches the system of claim 1. Liao in view of Mears does not disclose wherein the gateway system is adapted to modify a website associated with a sender domain to add the bait address to the website. Shraim teaches wherein the gateway system is adapted to modify a website associated with a sender domain to add the bait address to the website (Para [0018]. Para [0023]: a host and/or domain component may be selected, and the userid component may be combined to generate a bait email address.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao in view of Mears with the teachings of Shraim to include wherein the gateway system is adapted to modify a website associated with a sender domain to add the bait address to the website in order to generate a bait address to enhance security (Shraim Para [0018]. Para [0023]). Regarding claim 6, Liao in view of Mears teaches the system of claim 1. Liao in view of Mears does not disclose wherein the gateway system is adapted to assign criteria to the bait address including that the bait address has not been used prior to its publication. Shraim teaches wherein the gateway system is adapted to assign criteria to the bait address including that the bait address has not been used prior to its publication (Para [0210]: generate new bait email addresses corresponding to the intended recipient.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao in view of Mears with the teachings of Shraim to include wherein the gateway system is adapted to assign criteria to the bait address including that the bait address has not been used prior to its publication in order to indicates that the address is not currently a valid address (Shraim Para [0210]). Claim 14 is rejected under 35 U.S.C. 103 as being unpatentable over Liao (US 8601064 B1) In view of Mears (US 11916858 B1), and in view of Furlong (US 20140025763 A1). Regarding claim 14, Liao in view of Mears teaches the system of claim 1. Liao in view of Mears does not explicitly disclose wherein the predetermined percentage limit is two percent or greater. Furlong teaches wherein the predetermined percentage limit is two percent or greater (Para [0167]-[0178]: take an action according to threshold percentage, e.g., threshold exceed 3% take a high action.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao in view of Mears with the teachings of Furlong to include wherein the predetermined percentage limit is two percent or greater in order to establish reactive actions to increase targeted success rate for the delivery of digital messages (Furlong Claim 1). Claim 15 is rejected under 35 U.S.C. 103 as being unpatentable over Liao (US 8601064 B1) In view of Mears (US 11916858 B1), and in view of Dubodelov (US 20190129765 A1). Regarding claim 15, Liao in view of Mears teaches the system of claim 1. Liao in view of Mears does not explicitly disclose wherein the gateway system is in communications with the sender message system using an application programming interface. Dubodelov teaches wherein the gateway system is in communications with the sender message system using an application programming interface (Para [0014]: call-processing system 102 may function as a “gateway” between external senders of the requests and services providing APIs 112 that are internal to an organization and/or other entity.). It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao in view of Mears of gateway system with the teachings of Dubodelov to include the well-known technique of wherein the gateway system is in communications with the sender message system using an application programming interface because the results would have been predictable and resulted in interact with the user through interface. Claim 18 is rejected under 35 U.S.C. 103 as being unpatentable over Liao (US 8601064 B1) In view of Mears (US 11916858 B1), and in view of Renteria (US 20160142429 A1). Regarding claim 18, Liao in view of Mears teaches the system of claim 16. Liao in view of Mears does not explicitly disclose wherein the IP address associated with the outbound electronic message is invalid due to its origin being geographically disallowed. Renteria teaches wherein the IP address associated with the outbound electronic message is invalid due to its origin being geographically disallowed (Para [0016]: determined whether one or more IP addresses associated with the email is within or without a predetermined geographic region, for example a region known for originating malicious attacks.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao in view of Mears and with the teachings of Renteria to include the IP address associated with the outbound electronic message is invalid due to its origin being geographically disallowed in order to quarantine email sent from IP addresses associated with geographic region known for originating malicious attacks (Renteria Para [0016]). Claim 21 is rejected under 35 U.S.C. 103 as being unpatentable over Liao (US 8601064 B1) In view of Mears (US 11916858 B1), and in view of Sprosts (US 20070220607 A1). Regarding claim 21, Liao in view of Mears teaches the system of claim 19. Liao in view of Mears does not explicitly disclose wherein the gateway system is adapted to release the outbound electronic message from quarantine upon request from a user. Sprosts teaches wherein the gateway system is adapted to release the outbound electronic message from quarantine upon request from a user (Claims 4-5: performing different actions in response to (a) a user request to manually release the message from the message quarantine.). Thus, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the invention of Liao in view of Mears with the teachings of Sprosts to include wherein the gateway system is adapted to release the outbound electronic message from quarantine upon request from a user in order to analyse the message manually (Sprosts Claims 4-5). Conclusion Any inquiry concerning this communication or earlier communications from the examiner should be directed to JUDY BAZNA whose telephone number is (703)756-1258. The examiner can normally be reached Monday - Friday 08:30 AM-05:00 PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Farid Homayounmehr can be reached at (571) 272-3739. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300. Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. /JUDY BAZNA/ Examiner, Art Unit 2495 /FARID HOMAYOUNMEHR/ Supervisory Patent Examiner, Art Unit 2495
Read full office action

Prosecution Timeline

Aug 06, 2023
Application Filed
May 17, 2025
Non-Final Rejection — §101, §103
Jul 26, 2025
Response Filed
Oct 31, 2025
Final Rejection — §101, §103
Jan 05, 2026
Response after Non-Final Action
Feb 06, 2026
Request for Continued Examination
Feb 22, 2026
Response after Non-Final Action
Mar 21, 2026
Non-Final Rejection — §101, §103 (current)

Precedent Cases

Applications granted by this same examiner with similar technology

18/131,757
Patent 12585784
SYSTEM FOR COMPONENT-LEVEL THREAT ASSESSMENT IN A COMPUTING ENVIRONMENT
2y 5m to grant Granted Mar 24, 2026
18/678,569
Patent 12579261
MANAGING INFERENCE MODELS IN VIEW OF RECONSTRUCTABILITY OF SENSITIVE INFORMATION
2y 5m to grant Granted Mar 17, 2026
17/821,285
Patent 12572643
CIRCUIT AND METHOD FOR DETECTING A FAULT INJECTION ATTACK IN AN INTEGRATED CIRCUIT
2y 5m to grant Granted Mar 10, 2026
18/046,381
Patent 12549335
COORDINATING DATA ACCESS AMONG MULTIPLE SERVICES
2y 5m to grant Granted Feb 10, 2026
17/736,417
Patent 12536288
DETECTING BACKDOORS IN BINARY SOFTWARE CODE
2y 5m to grant Granted Jan 27, 2026
Study what changed to get past this examiner. Based on 5 most recent grants.

AI Strategy Recommendation

Get an AI-powered prosecution strategy using examiner precedents, rejection analysis, and claim mapping.
Powered by AI — typically takes 5-10 seconds

Prosecution Projections

3-4
Expected OA Rounds
67%
Grant Probability
90%
With Interview (+22.9%)
3y 1m
Median Time to Grant
High
PTA Risk
Based on 24 resolved cases by this examiner. Grant probability derived from career allow rate.

Ready to respond to this office action?

IP Author drafts your complete OA response — amendments, arguments, and claim strategy — in minutes, not days.

Start Drafting Your Response →

Data sourced from USPTO Patent File Wrapper (daily) and Office Action Archive (weekly). Analysis generated by IP Author.

Data: USPTO Patent File Wrapper (daily) • Office Action Archive (weekly) • 89M+ prosecution events

© 2026 IP Author — Browse Office ActionsExaminersCompaniesFirms

Sign in with your work email

Enter your email to receive a magic link. No password needed.

Personal email addresses (Gmail, Yahoo, etc.) are not accepted.

Free tier: 3 strategy analyses per month