CN110460582A - A kind of detection method and device of risk email address - Google Patents
A kind of detection method and device of risk email address Download PDFInfo
- Publication number
- CN110460582A CN110460582A CN201910631674.4A CN201910631674A CN110460582A CN 110460582 A CN110460582 A CN 110460582A CN 201910631674 A CN201910631674 A CN 201910631674A CN 110460582 A CN110460582 A CN 110460582A
- Authority
- CN
- China
- Prior art keywords
- email address
- prefix
- domain name
- risk
- mailbox
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/107—Computer-aided management of electronic mailing [e-mailing]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/42—Mailbox-related aspects, e.g. synchronisation of mailboxes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/48—Message addressing, e.g. address format or anonymous messages, aliases
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Human Resources & Organizations (AREA)
- Data Mining & Analysis (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Entrepreneurship & Innovation (AREA)
- Strategic Management (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Operations Research (AREA)
- Life Sciences & Earth Sciences (AREA)
- Tourism & Hospitality (AREA)
- Marketing (AREA)
- General Business, Economics & Management (AREA)
- Economics (AREA)
- Computing Systems (AREA)
- Quality & Reliability (AREA)
- Artificial Intelligence (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Bioinformatics & Computational Biology (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Biology (AREA)
- Evolutionary Computation (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the invention provides the detection methods and device of a kind of risk email address, the detection method and device are applied to the registrar of internet platform, whether the domain name for specially judging the email address received is disposable mailbox domain name, and email address is if it is labeled as risk email address;Whether it is that randomness prefix judges to the prefix of email address using deep learning model trained in advance if domain name is not disposable mailbox domain name, email address is if it is labeled as risk email address;Whether it is that false email address judges to email address if prefix is not randomness prefix, email address is if it is labeled as risk email address.I.e. for effective detection means is provided to the analysis of the substantive content of risk email address in the application, can take appropriate measures on the basis of effective detection, to avoid the improper registration of criminal.
Description
Technical field
The present invention relates to Internet technical fields, more particularly to the detection method and device of a kind of risk email address.
Background technique
Currently, as the rise of the platforms such as electric business, social activity and internet finance is especially in electric business transaction platform
The platform for newly promoting oneself is drawn, many preferential activities can be released, such as send discount coupon red packet.And there are some just to keep a close watch on this
A little chances, by improper means by way of registering user's trumpet, to obtain these discount coupon red packets.Wherein, mailbox
Location is an important dimension of such platform in registration, transaction.
Corresponding grey industry has been formed at present, platform registration has been carried out for these users and all kinds of email addresses is provided.Cause
This, the platforms such as electric business, social activity and internet finance identify these risk postals it is necessary to carry out identification filtering to email address
Case address, to avoid the improper registration of criminal.
Summary of the invention
In view of this, the present invention provides the detection methods and device of a kind of risk email address, to avoid criminal
Improper registration is carried out by risk email address.
To solve the above-mentioned problems, the invention discloses a kind of detection methods of risk email address, are applied to internet
The registrar of platform, the detection method comprising steps of
Whether the domain name for judging the email address received is disposable mailbox domain name, if it is by the email address
Labeled as risk email address;
If domain name is not disposable mailbox domain name, using deep learning model trained in advance to the mailbox
Whether the prefix of address is that randomness prefix is judged, the email address is if it is labeled as risk email address;
It whether is false mailbox to the email address by smtp agreement if the prefix is not randomness prefix
Address judged, the email address is if it is labeled as risk email address, if not then by the mailbox
Location is labeled as authentic and valid email address.
Optionally, whether the domain name for judging the email address received is disposable mailbox domain name, comprising steps of
It is prefix and domain name that the email address, which is pressed@Character segmentation,;
Compared using the disposable name single pair domain name safeguarded in advance, with this judge domain name whether be
Disposable mailbox domain name.
Optionally, described to utilize whether deep learning model trained in advance is randomness to the prefix of the email address
Prefix judged, comprising steps of
It is the prefix and domain name that the email address, which is pressed@Character segmentation,;
The prefix is inputted the deep learning model to handle, is obtained before whether the prefix be the randomness
Sew.
Optionally, the prefix is inputted before the deep learning model progress processing step described, further includes step
It is rapid:
The prefix is converted to the id sequence of regular length according to the dictionary safeguarded in advance;
It is described to handle the prefix input deep learning model, comprising:
The id sequence inputting is handled to the deep learning model.
Optionally, described whether to be that false email address judges to the email address by smtp agreement, including
Step:
HEOL packet is sent to mail server pointed by the email address by smtp agreement, and receives first state
Code;
If the first state code is not default value, determine the email address for false email address;
If the first state code is the default value, further pass through smtp agreement to the mail server
RCPT packet is sent, and receives the second status code;
If second status code is the default value, determine the email address for false mailbox
Location, if second status code is the default value, determining the email address not is false email address.
A kind of detection device of risk email address, applied to the registrar of internet platform, the detection device
Include:
First judgment module, whether the domain name for being configured as the email address that judgement receives is disposable mailbox domain name,
If it is the email address is labeled as risk email address;
Second judgment module utilizes training in advance if being configured as domain name not is disposable mailbox domain name
Whether deep learning model is that randomness prefix judges to the prefix of the email address, if it is by the mailbox
Location is labeled as risk email address;
Third judgment module, if being configured as the prefix not is randomness prefix, by smtp agreement to described
Whether email address is that false email address is judged, the email address is if it is labeled as risk email address,
If not the email address is then labeled as authentic and valid email address.
Optionally, the first judgment module includes:
First cutting unit is configured as the email address being prefix and domain name by@Character segmentation;
First judging unit is configured as comparing using the disposable name single pair domain name safeguarded in advance,
Judge whether domain name is disposable mailbox domain name with this.
Optionally, second judgment module includes:
Second cutting unit is configured as the email address being the prefix and domain name by@Character segmentation;
Second judgment unit is configured as handling on the prefix input deep learning model, obtain described
Whether prefix is the randomness prefix.
Optionally, second judgment module further includes prefix process unit, in which:
The prefix process unit be also used to second judgment unit by the prefix input the deep learning model it
Before, be also used to the prefix is converted to according to the dictionary safeguarded the id sequence of regular length in advance;
The second judgment unit is then used to handle the id sequence inputting to the deep learning model.
Optionally, the third judgment module includes:
First transmission unit is configured as sending by smtp agreement to mail server pointed by the email address
HEOL packet, and receive first state code;
First judging unit, if being configured as the first state code is not default value, with determining the mailbox
Location is false email address;
Second transmission unit further passes through if being configured as the first state code is the default value
Smtp agreement sends RCPT packet to the mail server, and receives the second status code;
Second judging unit, if being configured as second status code is the default value, determine described in
Email address determines the email address not if second status code is the default value for false email address
For false email address.
It can be seen from the above technical proposal that this application provides the detection method and device of a kind of risk email address,
The detection method and device are applied to the registrar of internet platform, specially judge the domain name of the email address received
Whether it is disposable mailbox domain name, email address is if it is labeled as risk email address;If domain name is not disposable
Whether mailbox domain name is then that randomness prefix is sentenced to the prefix of email address using deep learning model trained in advance
It is disconnected, email address is if it is labeled as risk email address;If prefix is not randomness prefix, pass through smtp agreement
Whether it is that false email address judges to email address, email address is if it is labeled as risk email address, such as
Fruit is not that email address is labeled as authentic and valid email address.It is directed in the application in the essence of risk email address
The analysis of appearance provides effective detection means, can take appropriate measures on the basis of effective detection, to avoid illegal
The improper registration of molecule.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is a kind of flow chart of the detection method of risk email address of the embodiment of the present application;
Fig. 2 is the model structure block diagram of the deep learning model of the embodiment of the present application;
Fig. 3 is a kind of block diagram of the detection device of risk email address of the embodiment of the present application.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
Present inventor has found that risk email address is generally showed by carrying out analysis to the email address of black production
Following several types:
1, email address domain name is disposable mailbox domain name, and prefix shows normal users name type, such as
The characteristics of " aivuv14745 bccto.me ", this kind of mailbox shows be mailbox validity period it is very short, but really necessary being
, it can freely be obtained by this kind of mailbox server.
2, due to needing Mass production registration mailbox, mailbox prefix domain name generally can be all generated at random by machine, then
By calling the automation of Netease's registration interface to generate registration mailbox, such as " xg8kkwkl9h@163.com ", " pzaiofdwhrtpj@
163.com " etc..The characteristics of this kind of mailbox shows is that email address prefix is that randomness is very strong, and registration mailbox prefix can all lack
Weary semantic information does not meet the characteristics of people registers.
3, due to being not that each platform can need to make mailbox one authenticity veritification, some email addresses are not
Existing, this email address a part is that domain name fails to provide mail server function, and a part is and unregistered postal
Case address.
According to above-mentioned analysis, the application spy proposes following specific embodiment, to solve the test problems of risk email address:
Embodiment one
Fig. 1 is a kind of flow chart of the detection method of risk email address of the embodiment of the present application.
Shown in referring to Fig.1, detection method provided in this embodiment is applied to the platforms such as electric business, social activity and internet finance
Registrar, specifically comprise the following steps:
Whether S1, the domain name for detecting email address are disposable mailbox domain name.
After the email address for registration that system receives that user uploads when registering, the email address is detected
Domain name whether be disposable domain name, if it is disposable domain name then directly by the email address be labeled as risk email address,
To cancel the registration operating right of relative users in subsequent registration operation.If the domain name of the email address is not primary
Property domain name, then execute subsequent step.
Here in order to realize that the domain name to the email address detects, the specific step that executes includes following content:
Firstly, the email address received is divided into prefix and domain name two parts according to character@.The present embodiment is using in advance
A 20000 or so blacklist domain name datas are first maintained, the data type of each of them is all by@+domain name
Form storage, it is contemplated that retrieval performance can construct the binary tree storage of this part of data later.
Then, by maximizing@+domain name data of detection user, to judge whether this email address is disposable mailbox.
Why may require that plus@and retrieve herein, is since the domain name of many disposable mailboxes may be normal operation in normal domain in the presence of part
The form of name, such as " tmail.com ", if directly retrieving domain name, will lead to " hotmail.com " also can be identified as disposably
Mailbox domain name.If being matched to disposable mailbox domain name, the email address is directly labeled as risk email address.
Whether S2, detection email address include randomness prefix.
For not being the email address of disposable mailbox domain name, then deep learning model pair trained in advance is further utilized
Whether its prefix is that randomness prefix is judged, if its prefix is randomness prefix, which is labeled as
Risk email address.
Firstly, email address is divided into two parts of prefix and domain name by character@, or clear-cut just in previous step
Segmentation result.Then, prefix therein is input to deep learning model trained in advance to identify, if the knot of identification
The prefix of the email address is identified as randomness prefix 0.5 or more, then by fruit value, and the email address is determined as risk postal
Case address.If its prefix is not identified as randomness prefix, next operation is executed.
In addition, prefix is converted into an id sequence using a dictionary safeguarded before before identifying to prefix
Column, then identify the id sequence inputting into the deep learning model.When the prefix is converted to id sequence to sequence
Arrange it is insufficient do a Sequence Filling, supplying sequence length is 75, is input to preparatory trained model later, obtains model
Identification as a result, its model structure is as shown in Figure 2.
Whether S3, detection email address are false email address.
I.e. by the judgement of front, if the prefix of the email address and nonrandomness prefix, further to the mailbox
Whether address is that false email address is judged, if it is false mailbox, then risk email address is marked as, if not
It is to be marked as authentic and valid email address, i.e., allows to be registered according to the email address in subsequent registration, from
And it avoids criminal and carries out improper registration using risk email address.
Here the judgement of false email address is executed as follows:
Firstly, sending HELO packet to mail server pointed by the email address by smtp agreement, and receive the postal
Part server is directed to the first state code of HEOL packet feedback.
If the first state code is not a default value, such as 250, determine the email address for false mailbox
Location.
If the first state code is the default value, such as 250, then is sent by smtp agreement to mailbox server
RCPT packet, and receive the second status code that the mailbox server is directed to RCPT packet feedback.
If second status code is not the default value, such as 250, determine the email address for false email address;
If second status code is the default value, such as 250, determine that the email address is authentic and valid email address.
It can be seen from the above technical proposal that this application provides a kind of detection method of risk email address, the detection
Method is applied to the registrar of internet platform, specially judges whether the domain name of the email address received is disposable
Email address is if it is labeled as risk email address by mailbox domain name;If domain name is not disposable mailbox domain name, benefit
It whether is that randomness prefix judges to the prefix of email address with deep learning model trained in advance, if it is by postal
Case address mark is risk email address;If prefix is not randomness prefix, by smtp agreement to email address whether
Judged for false email address, email address is if it is labeled as risk email address, if not then by mailbox
Address is labeled as authentic and valid email address.It is directed in the application and the analysis of the substantive content of risk email address is provided
Effective detection means can take appropriate measures on the basis of effective detection, to avoid the improper note of criminal
Volume.
Embodiment two
Fig. 3 is a kind of block diagram of the detection device of risk email address of the embodiment of the present application.
Referring to shown in Fig. 3, detection device provided in this embodiment is applied to the platforms such as electric business, social activity and internet finance
Registrar, specifically include first judgment module 10, the second judgment module 20 and third judgment module 30.
First judgment module is for detecting whether the domain name of email address is disposable mailbox domain name.
After the email address for registration that system receives that user uploads when registering, the email address is detected
Domain name whether be disposable domain name, if it is disposable domain name then directly by the email address be labeled as risk email address,
To cancel the registration operating right of relative users in subsequent registration operation.If the domain name of the email address is not primary
Property domain name, then execute subsequent step.
Here in order to realize that the domain name to the email address detects, which specifically includes the first cutting unit and
One judging unit.
The email address that first cutting unit is used to receive is divided into prefix and domain name two parts according to character@.This
Embodiment utilizes maintains a 20000 or so blacklist domain name datas in advance, and the data type of each of them is all
It is stored by way of+domain name, it is contemplated that retrieval performance can construct the binary tree storage of this part of data later.
First judging unit be used for by maximize detection user@+domain name data, come judge this email address whether be
Disposable mailbox.Why may require that plus@and retrieve herein, is since the domain name of many disposable mailboxes may have portion
It point is the form of normal domain name, such as " tmail.com ", if directly retrieving domain name, will lead to " hotmail.com " can also be known
It Wei not disposable mailbox domain name.If being matched to disposable mailbox domain name, the email address is directly labeled as risk mailbox
Address.
Second judgment module is for detecting whether email address includes randomness prefix.
For not being the email address of disposable mailbox domain name, then deep learning model pair trained in advance is further utilized
Whether its prefix is that randomness prefix is judged, if its prefix is randomness prefix, which is labeled as
Risk email address.The module specifically includes the second cutting unit and second judgment unit.
Second cutting unit is used to email address being divided into two parts of prefix and domain name by character@, or simply
With the segmentation result in previous step.Second judgment unit is used to for prefix therein to be input to deep learning mould trained in advance
Type is identified, if the prefix of the email address is identified as randomness prefix 0.5 or more by the end value of identification, and
The email address is determined as risk email address.If its prefix is not identified as randomness prefix, next behaviour is executed
Make.
In addition, the present embodiment further includes prefix process unit, the unit is for knowing prefix in second judgment unit
Before not, prefix is converted into an id sequence using a dictionary safeguarded before, then second judgment unit is by the id sequence
Column, which are input in the deep learning model, to be identified.It is insufficient to sequence when the prefix is converted to id sequence to do a sequence
Column filling, supplying sequence length is 75, is input to preparatory trained model later, obtain model identification as a result, its mould
Type structure is as shown in Figure 2.
Third judgment module is for detecting whether email address is false email address.
I.e. by the judgement of front, if the prefix of the email address and nonrandomness prefix, further to the mailbox
Whether address is that false email address is judged, if it is false mailbox, then risk email address is marked as, if not
It is to be marked as authentic and valid email address, i.e., allows to be registered according to the email address in subsequent registration, from
And it avoids criminal and carries out improper registration using risk email address.
The module specifically includes the first transmission unit, the first judging unit, the second transmission unit and the second judging unit.
First transmission unit is used to send HELO packet to mail server pointed by the email address by smtp agreement,
And receive the first state code that the mail server is directed to HEOL packet feedback.
If the first judging unit is not a default value, such as 250 for the first state code, with determining the mailbox
Location is false email address.
If the second transmission unit first state code is the default value, such as 250, then passes through smtp agreement to mailbox
Server sends RCPT packet, and receives the second status code that the mailbox server is directed to RCPT packet feedback.
If the second judging unit is not the default value, such as 250 for second status code, the email address is determined
For false email address;If second status code is the default value, such as 250, determine that the email address is authentic and valid
Email address.
It can be seen from the above technical proposal that this application provides a kind of detection device of risk email address, the detection
Device is applied to the registrar of internet platform, specially judges whether the domain name of the email address received is disposable
Email address is if it is labeled as risk email address by mailbox domain name;If domain name is not disposable mailbox domain name, benefit
It whether is that randomness prefix judges to the prefix of email address with deep learning model trained in advance, if it is by postal
Case address mark is risk email address;If prefix is not randomness prefix, by smtp agreement to email address whether
Judged for false email address, email address is if it is labeled as risk email address, if not then by mailbox
Address is labeled as authentic and valid email address.It is directed in the application and the analysis of the substantive content of risk email address is provided
Effective detection means can take appropriate measures on the basis of effective detection, to avoid the improper note of criminal
Volume.
All the embodiments in this specification are described in a progressive manner, the highlights of each of the examples are with
The difference of other embodiments, the same or similar parts between the embodiments can be referred to each other.
It should be understood by those skilled in the art that, the embodiment of the embodiment of the present invention can provide as method, apparatus or calculate
Machine program product.Therefore, the embodiment of the present invention can be used complete hardware embodiment, complete software embodiment or combine software and
The form of the embodiment of hardware aspect.Moreover, the embodiment of the present invention can be used one or more wherein include computer can
With in the computer-usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) of program code
The form of the computer program product of implementation.
The embodiment of the present invention be referring to according to the method for the embodiment of the present invention, terminal device (system) and computer program
The flowchart and/or the block diagram of product describes.It should be understood that flowchart and/or the block diagram can be realized by computer program instructions
In each flow and/or block and flowchart and/or the block diagram in process and/or box combination.It can provide these
Computer program instructions are set to general purpose computer, special purpose computer, Embedded Processor or other programmable data processing terminals
Standby processor is to generate a machine, so that being held by the processor of computer or other programmable data processing terminal devices
Capable instruction generates for realizing in one or more flows of the flowchart and/or one or more blocks of the block diagram
The device of specified function.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing terminal devices
In computer-readable memory operate in a specific manner, so that instruction stored in the computer readable memory generates packet
The manufacture of command device is included, which realizes in one side of one or more flows of the flowchart and/or block diagram
The function of being specified in frame or multiple boxes.
These computer program instructions can also be loaded into computer or other programmable data processing terminal devices, so that
Series of operation steps are executed on computer or other programmable terminal equipments to generate computer implemented processing, thus
The instruction executed on computer or other programmable terminal equipments is provided for realizing in one or more flows of the flowchart
And/or in one or more blocks of the block diagram specify function the step of.
Although the preferred embodiment of the embodiment of the present invention has been described, once a person skilled in the art knows bases
This creative concept, then additional changes and modifications can be made to these embodiments.So the following claims are intended to be interpreted as
Including preferred embodiment and fall into all change and modification of range of embodiment of the invention.
Finally, it is to be noted that, herein, relational terms such as first and second and the like be used merely to by
One entity or operation are distinguished with another entity or operation, without necessarily requiring or implying these entities or operation
Between there are any actual relationship or orders.Moreover, the terms "include", "comprise" or its any other variant meaning
Covering non-exclusive inclusion, so that process, method, article or terminal device including a series of elements not only wrap
Those elements are included, but also including other elements that are not explicitly listed, or further includes for this process, method, article
Or the element that terminal device is intrinsic.In the absence of more restrictions, being wanted by what sentence "including a ..." limited
Element, it is not excluded that there is also other identical elements in process, method, article or the terminal device for including the element.
Technical solution provided by the present invention is described in detail above, specific case used herein is to this hair
Bright principle and embodiment is expounded, method of the invention that the above embodiments are only used to help understand and its
Core concept;At the same time, for those skilled in the art, according to the thought of the present invention, in specific embodiment and application
There will be changes in range, in conclusion the contents of this specification are not to be construed as limiting the invention.
Claims (10)
1. a kind of detection method of risk email address, the registrar applied to internet platform, which is characterized in that described
Detection method comprising steps of
Whether the domain name for judging the email address received is disposable mailbox domain name, if it is marks the email address
For risk email address;
If domain name is not disposable mailbox domain name, using deep learning model trained in advance to the email address
Prefix whether be that randomness prefix is judged, if it is by the email address be labeled as risk email address;
It whether is false email address to the email address by smtp agreement if the prefix is not randomness prefix
Judged, the email address is if it is labeled as risk email address, if not then by the email address mark
Note is authentic and valid email address.
2. detection method as described in claim 1, which is characterized in that whether the domain name of the email address for judging to receive
For disposable mailbox domain name, comprising steps of
It is prefix and domain name that the email address, which is pressed@Character segmentation,;
It is compared using the disposable name single pair domain name safeguarded in advance, judges whether domain name is primary with this
Property mailbox domain name.
3. detection method as described in claim 1, which is characterized in that described to utilize deep learning model trained in advance to institute
Whether the prefix for stating email address is that randomness prefix is judged, comprising steps of
It is the prefix and domain name that the email address, which is pressed@Character segmentation,;
The prefix is inputted the deep learning model to handle, obtains whether the prefix is the randomness prefix.
4. detection method as claimed in claim 3, which is characterized in that the prefix is inputted the deep learning mould described
Before type carries out processing step, further comprise the steps of:
The prefix is converted to the id sequence of regular length according to the dictionary safeguarded in advance;
It is described to handle the prefix input deep learning model, comprising:
The id sequence inputting is handled to the deep learning model.
5. detection method as described in claim 1, which is characterized in that it is described by smtp agreement to the email address whether
Judged for false email address, comprising steps of
HEOL packet is sent to mail server pointed by the email address by smtp agreement, and receives first state code;
If the first state code is not default value, determine the email address for false email address;
If the first state code is the default value, further sent by smtp agreement to the mail server
RCPT packet, and receive the second status code;
If second status code is the default value, determine the email address for false email address, such as
Second status code described in fruit is the default value, then determining the email address not is false email address.
6. a kind of detection device of risk email address, the registrar applied to internet platform, which is characterized in that described
Detection device includes:
First judgment module, whether the domain name for being configured as the email address that judgement receives is disposable mailbox domain name, if
It is then by the email address labeled as risk email address;
Second judgment module utilizes depth trained in advance if being configured as domain name not is disposable mailbox domain name
Whether learning model is that randomness prefix judges to the prefix of the email address, if it is by the email address mark
It is denoted as risk email address;
Third judgment module, if being configured as the prefix not is randomness prefix, by smtp agreement to the mailbox
Whether address is that false email address is judged, the email address is if it is labeled as risk email address, if
It is not that the email address is labeled as authentic and valid email address.
7. detection device as claimed in claim 6, which is characterized in that the first judgment module includes:
First cutting unit is configured as the email address being prefix and domain name by@Character segmentation;
First judging unit is configured as comparing using the disposable name single pair domain name safeguarded in advance, with this
Judge whether domain name is disposable mailbox domain name.
8. detection device as claimed in claim 6, which is characterized in that second judgment module includes:
Second cutting unit is configured as the email address being the prefix and domain name by@Character segmentation;
Second judgment unit is configured as handling on the prefix input deep learning model, obtains the prefix
It whether is the randomness prefix.
9. detection device as claimed in claim 8, which is characterized in that second judgment module further includes prefix process list
Member, in which:
The prefix process unit is also used to before the prefix is inputted the deep learning model by second judgment unit, also
For the prefix to be converted to the id sequence of regular length according to the dictionary safeguarded in advance;
The second judgment unit is then used to handle the id sequence inputting to the deep learning model.
10. detection device as claimed in claim 6, which is characterized in that the third judgment module includes:
First transmission unit is configured as sending HEOL to mail server pointed by the email address by smtp agreement
Packet, and receive first state code;
First judging unit determines that the email address is if being configured as the first state code is not default value
False email address;
Second transmission unit is further assisted by smtp if being configured as the first state code is the default value
It discusses to the mail server and sends RCPT packet, and receive the second status code;
Second judging unit determines the mailbox if being configured as second status code is the default value
Address is false email address, if second status code is the default value, it is empty for determining the email address not
False email address.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910631674.4A CN110460582A (en) | 2019-07-12 | 2019-07-12 | A kind of detection method and device of risk email address |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910631674.4A CN110460582A (en) | 2019-07-12 | 2019-07-12 | A kind of detection method and device of risk email address |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110460582A true CN110460582A (en) | 2019-11-15 |
Family
ID=68481179
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910631674.4A Pending CN110460582A (en) | 2019-07-12 | 2019-07-12 | A kind of detection method and device of risk email address |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110460582A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111162996A (en) * | 2019-12-27 | 2020-05-15 | 广东睿江云计算股份有限公司 | Mail registration optimization method and system |
CN114389854A (en) * | 2021-12-22 | 2022-04-22 | 杭州美创科技有限公司 | Malicious e-mail detection method and system |
CN115099832A (en) * | 2022-06-29 | 2022-09-23 | 广州华多网络科技有限公司 | Abnormal user detection method and device, equipment, medium and product thereof |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100138340A1 (en) * | 2002-09-19 | 2010-06-03 | John Earl Shirey | System and apparatus for transaction fraud processing |
CN105450474A (en) * | 2015-12-07 | 2016-03-30 | 小米科技有限责任公司 | Method and device for detecting e-mail server address |
CN105516192A (en) * | 2016-01-14 | 2016-04-20 | 杭州同盾科技有限公司 | Mail address security identification control method and mail address security identification control system |
CN108683749A (en) * | 2018-05-18 | 2018-10-19 | 携程旅游信息技术(上海)有限公司 | A kind of judgment method, equipment and the medium of random email address |
-
2019
- 2019-07-12 CN CN201910631674.4A patent/CN110460582A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100138340A1 (en) * | 2002-09-19 | 2010-06-03 | John Earl Shirey | System and apparatus for transaction fraud processing |
CN105450474A (en) * | 2015-12-07 | 2016-03-30 | 小米科技有限责任公司 | Method and device for detecting e-mail server address |
CN105516192A (en) * | 2016-01-14 | 2016-04-20 | 杭州同盾科技有限公司 | Mail address security identification control method and mail address security identification control system |
CN108683749A (en) * | 2018-05-18 | 2018-10-19 | 携程旅游信息技术(上海)有限公司 | A kind of judgment method, equipment and the medium of random email address |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111162996A (en) * | 2019-12-27 | 2020-05-15 | 广东睿江云计算股份有限公司 | Mail registration optimization method and system |
CN111162996B (en) * | 2019-12-27 | 2020-12-15 | 广东睿江云计算股份有限公司 | Mail registration optimization method and system |
CN114389854A (en) * | 2021-12-22 | 2022-04-22 | 杭州美创科技有限公司 | Malicious e-mail detection method and system |
CN115099832A (en) * | 2022-06-29 | 2022-09-23 | 广州华多网络科技有限公司 | Abnormal user detection method and device, equipment, medium and product thereof |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110460582A (en) | A kind of detection method and device of risk email address | |
CN107872772B (en) | Method and device for detecting fraud short messages | |
US8984289B2 (en) | Classifying a message based on fraud indicators | |
CN108259415B (en) | Mail detection method and device | |
CN103929411B (en) | Information displaying method, terminal, safety server and system | |
Lam et al. | Involuntary information leakage in social network services | |
CN103227786B (en) | A kind of website login information filling method and device | |
WO2019076017A1 (en) | Feedback information processing method and apparatus, terminal device and medium | |
JP2000339236A (en) | Mischievous mail preventing device, method therefor and recording medium | |
JP2014532934A (en) | Email tag | |
CN107688733B (en) | Service interface calling method, device, user terminal and readable storage medium | |
EP3198521B1 (en) | Method and apparatus of processing a doi (digital object unique identifier) in interaction information | |
CN105516192B (en) | A kind of mail address is safe to identify control method and device | |
CN107920094A (en) | Data capture method, device, server and the network equipment | |
CN109039874A (en) | A kind of the mail auditing method and device of Behavior-based control analysis | |
CN110096635A (en) | A kind of the inquiry visual display method and device of traditional Chinese and western medicine medicine information | |
CN103685254B (en) | The safety detection method and server of public account information | |
US11010687B2 (en) | Detecting abusive language using character N-gram features | |
CN108683583A (en) | A kind of Junk mail processing method, device and storage medium | |
CN105490913B (en) | Instant message processing method and device | |
CN109885780A (en) | Data processing method and device | |
CN112039874B (en) | Malicious mail identification method and device | |
CN115603926A (en) | Phishing mail identification method, system, device and storage medium | |
CN102760130B (en) | The method and apparatus of process information | |
CN107508834A (en) | A kind of Information Authentication method and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191115 |
|
RJ01 | Rejection of invention patent application after publication |