A method and computer program operative in an e-mail server for reducing
unsolicited e-mail in an enterprise computing environment. According to
the invention, e-mail is accepted for delivery to e-mail clients only if
it is from an address that has been verified by an e-mail server and/or
approved by a recipient. When an e-mail from a particular address is
received at the e-mail server for the first time, the server automatically
issues an e-mail to the address to request that the sender verify the
authenticity of the original message. If a return acknowledgement is
received within a given time period, the e-mail is deemed to be authentic
and delivered to its intended recipient within the enterprise. Mail
messages from previously-verified addresses need not be rechecked.
