JP4148979B2 - E-mail system, e-mail relay device, e-mail relay method, and e-mail relay program - Google Patents

Description

  The present invention relates to an electronic mail system, an electronic mail relay device, an electronic mail relay method, and an electronic mail relay program, and is suitable for application to an electronic mail system that transmits and receives electronic mail between electronic mail terminals, for example.

  In recent years, in an electronic mail system, an electronic mail is transmitted and received between mail terminals via a network, and the number of users and usage frequency are increasing as the Internet spreads.

  Accordingly, in the e-mail system, in addition to general e-mails, there are various e-mails such as important e-mails that cannot be mistaken for contents and secret e-mails that are not desired to be seen by others. In addition, various files and data used by a general computer or the like can be attached and transmitted.

  However, in the electronic mail system, the electronic mail is relayed (transferred) between a plurality of electronic mail servers existing on the network due to its configuration. For this reason, in this e-mail system, when standard transmission / reception is performed, the contents of the e-mail are viewed by a third party (so-called interception or eavesdropping) in the middle of the process, or the contents of the e-mail are illegal. There is a risk of rewriting (so-called falsification), and important contents and secret contents cannot always be transmitted and received safely.

  Therefore, some e-mail systems have a method of ensuring security by encrypting an e-mail on the transmission side and transmitting it, and receiving and decrypting the encrypted e-mail on the reception side. It is done. In practice, various methods such as S / MIME (Secure / Multipurpose Internet Mail Extensions) and PGP (Pretty Good Privacy) have been proposed as encryption methods applicable to electronic mail.

  However, in a general electronic mail system, an encryption function and a decryption function are not necessarily installed in mail client software (so-called MUA (Mail User Agent)) used in an electronic mail terminal.

  For this reason, in order to actually encrypt and exchange e-mails in the e-mail system, encryption software is required for the e-mail terminal on the sending side, and this e-mail terminal supports this encryption method. There has been a demand for addition / change and complicated operations by the user of the e-mail terminal, such as the need for decryption software.

Therefore, in the e-mail system, the sending side and receiving side e-mail terminals are not equipped with encryption software and decryption software, and the sending side e-mail terminal is connected to the e-mail server on the sending side. There has been proposed an electronic mail encryption process that is performed by a receiving-side e-mail server to which a receiving-side e-mail terminal is connected (see, for example, Patent Documents). 1).
JP 2006-13747 (FIGS. 2 and 5)

  However, in the electronic mail system having such a configuration, not only the transmission-side electronic mail server has an encryption function but also the reception-side electronic mail server needs to have a decryption function. The mail can be decrypted only by an electronic mail server having a decryption function.

  For this reason, in this e-mail system, when the receiving e-mail server does not have the decryption function, the receiving e-mail terminal connected to the e-mail server may not have the decryption function. Since it is expensive, there is a possibility that the received electronic mail cannot be decrypted.

  By the way, in the e-mail system, for example, when the e-mail text is less important but the attached file is more important, only the attached file is encrypted by the e-mail server on the sending side to ensure security. It is also possible.

  However, even in an electronic mail system that encrypts only an attachment file, the encrypted attachment file can be decrypted only by a receiving server having a decryption function, as in the case of encrypting the entire electronic mail. That is no different.

  For this reason, this electronic mail system has a problem that an electronic mail terminal connected to an electronic mail server that does not have a decryption function may not be able to correctly acquire an attached file.

  The present invention has been made in consideration of the above points, and intends to propose an e-mail system, an e-mail relay apparatus, an e-mail relay method, and an e-mail relay program capable of safely and easily delivering an attached file of an e-mail. Is.

  In order to solve this problem, in the electronic mail system of the present invention, an electronic mail system that relays an electronic mail transmitted from a transmission-side electronic mail terminal by an electronic mail relay device and receives the electronic mail by a reception-side electronic mail terminal The e-mail relay device receives the e-mail addressed to the receiving-side e-mail terminal from the sending-side e-mail terminal, and if the attached file is attached to the e-mail, the e-mail relay device uses a predetermined encryption password. An encryption means for generating an encrypted file by encrypting the attached file as an encryption key, and an encrypted file e-mail attached with the encrypted file instead of the attached file is transmitted to the receiving e-mail terminal and encrypted. Sending completion e-mail notifying the instruction reception address associated with the file e-mail A transmission means for sending to the mail terminal; a reception means for receiving a notification instruction from the transmission-side e-mail terminal for the instruction reception destination; and if the notification instruction is received by the reception means, an encryption password associated with the encrypted file is A notification means for generating the password notification mail described above and sending it to the receiving side e-mail terminal is provided, and the receiving side e-mail terminal converts the encrypted file attached to the encrypted file e-mail to the encryption described in the password notification e-mail. Decryption means to decrypt using password is provided.

  This allows the receiving e-mail terminal to acquire an encrypted file obtained by encrypting the attached file from the sending e-mail terminal, and notifies the receiving e-mail terminal of the encryption password by a separate e-mail. Can be obtained only by legitimate users.

In the electronic mail relay device, the electronic mail relay method, and the electronic mail relay program of the present invention, the electronic mail addressed to the receiving electronic mail terminal is received by the receiving means of the electronic mail relay device , When the attached file is attached to the mail , the encrypted file is generated by encrypting the attached file using a predetermined encryption password as an encryption key by the encryption unit of the email relay device, and the transmission unit of the email relay device The transmission side e-mail terminal sends a transmission completion e-mail for notifying an instruction reception destination associated with the encryption password, while sending an e-mail with the encryption file attached to the e-mail terminal instead of the attached file Sent from the sending e-mail terminal to the instruction reception destination. When receiving instruction to the receiving means of the e-mail relay apparatus transmits the control information to generate a password notification email with encrypted password associated with the cryptographic file by notifying means of the electronic mail relay apparatus receiving e-mail terminal I did it.

  This allows the receiving e-mail terminal to acquire an encrypted file obtained by encrypting the attached file from the sending e-mail terminal, and notifies the receiving e-mail terminal of the encryption password by a separate e-mail. Can be obtained only by legitimate users.

  According to the present invention, the receiving side e-mail terminal is made to acquire the encrypted file obtained by encrypting the attached file from the transmitting side e-mail terminal, and the receiving side e-mail terminal is notified of the encryption password by a separate e-mail. An e-mail system, an e-mail relay device, an e-mail relay method, and an e-mail relay program that can be used only by a legitimate user and thus can safely and easily deliver an e-mail attachment file. realizable.

  Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings.

(1) First Embodiment (1-1) Configuration of E-mail System In FIG. 1, the e-mail system 1 in the first embodiment is an e-mail system between mail terminal devices connected to a network as a whole. (Hereinafter simply referred to as mail) can be transmitted and received with each other.

  The electronic mail system 1 is roughly divided into a first network group 2 and a second network group 3, and the first network group 2 and the second network group 3 are mutually connected via the Internet 4. It is connected.

  The first network group 2 is connected to an internal network and an external network (that is, the Internet 4) by a firewall 11 that blocks unnecessary communication and unauthorized access specified in advance and passes only necessary data (packets). Have been separated.

  Further, in the first network group 2, a public network 13 in which access from an external network is partially permitted and access from an external network are almost prohibited by a firewall 12 similar to the firewall 11 inside. It is separated from the internal network 14.

  The public network 13 is connected to a mail server 15 that manages the mail accounts of the mail terminal devices in the first network group 2, and temporarily receives the mail M transmitted from the mail terminal device to be managed. And the mail M is transmitted to an external network or the like according to the destination.

  The mail server 15 receives and accumulates the mail M addressed to each mail terminal device for each mail terminal device to be managed (that is, for each mail account), and is accessed from each mail terminal device. When this is done, the stored mail M is acquired.

  Connected to the internal network 14 are a mail terminal device 16 that transmits and receives mail M based on user operations, and another mail terminal device (not shown) having the same configuration as the mail terminal device 16.

  The mail terminal device 16 has the same configuration as that of a general computer, and by executing mail client software (so-called MUA (Mail User Agent)) on a predetermined OS (Operating System), Transmission and reception can be performed. In addition, the mail terminal device 16 can also transmit an attached file mail MA in which various files are attached to the body BD of the mail M as an attached file FA.

  Further, an attached file encryption device 17 that relays the mail M is connected to the internal network 14. The attached file encryption device 17 encrypts only the attached file FA of the attached file mail MA received from the mail terminal device 16 to form an encrypted file FC and transmits it to the mail server 15 (details will be described later). To do).

  Specifically, the attached file encryption device 17 separates the attached file FA from the body text BD of the attached file mail MA transmitted from the mail terminal device 16, and uses the predetermined encryption key (encryption password PC). An encrypted file FC is generated by encrypting the FA. Subsequently, the attached file encryption device 17 generates an encrypted file mail MC by attaching the encrypted file FC to the body BD, and delivers this to the mail server 15.

  Incidentally, when a normal mail M without an attached file FA is transmitted from the mail terminal device 16, the attached file encryption apparatus 17 delivers the mail M to the mail server 15 without change. ing.

  Also, the attached file encryption device 17 appends inquiry information INF for inquiring the password of the encrypted file FC to the end of the body BD of the original electronic mail, and from the mail terminal device that has received the encrypted file mail MC. Based on the inquiry information INF, an inquiry about the encryption password PC of the encryption file FC is received, the user of the mail terminal device is authenticated by a predetermined authentication process, and the encryption password PC of the encryption file FC is notified to the user It is made to do.

  As described above, the attached file encryption device 17 relays the attached file mail MA transmitted from the mail terminal device 16 and delivers it to the mail server 15. At that time, the attached file of the attached file mail MA is transmitted. By converting the FA into the encrypted file FC, the encrypted file mail MC is transmitted instead of the attached file mail MA.

  When the attached file encryption apparatus 17 receives an inquiry about the encryption password PC of the encryption file FC from the mail terminal apparatus that has received the encryption file mail MC, the attachment file encryption apparatus 17 can notify the user who has been correctly authenticated of the encryption password PC. It has also been made.

  On the other hand, the second network group 3 is separated into an inner network 22 and an outer network (that is, the Internet 4) by a firewall 21 having the same configuration as the firewall 11. A mail server 23 having the same configuration as the mail server 15 and a mail terminal device 24 having the same configuration as the mail terminal device 16 are connected to the network 22.

  As described above, in the electronic mail system 1, the mail terminal device 16 and the mail terminal device 24 are connected via various networks including the Internet 4, and data (actually packets) are mutually transmitted via these networks. It can be sent and received.

(1-2) Transmission / Reception of E-mail with Attachment File (1-2-1) Encryption and Transmission of Attachment File Next, attachment file mail MA with attachment file FA in e-mail system 1 is e-mailed A sequence when transmitting from the terminal device 16 to the mail terminal device 24 will be described with reference to FIGS. 2, 3, 4, and 5.

  In FIG. 2, the mail terminal device 16 that is the transmission side of the attached file mail MA first attaches the attached file FA to the body text BD based on the user's operation in the sequence SQ1 as shown in FIG. A file mail MA is created, and the mail M is transmitted to the attached file encryption apparatus 17 using SMTP (Simple Mail Transfer Protocol).

  In this case, it is assumed that the attached file mail MA is addressed to the receiving mail address ADR (that is, the address of the mail terminal apparatus 24) from the transmitting mail address ADS (that is, the address of the mail terminal apparatus 16).

  In response to this, the attached file encryption apparatus 17 receives the attached file mail MA in the sequence SQ11 (FIG. 2), and proceeds to the next sequence SQ12.

  In sequence SQ12, the attached file encryption device 17 generates an encrypted file FC by encrypting the attached file FA using a predetermined encryption password PC (details will be described later), and further, unique to the encrypted file FC. Is assigned to the next sequence SQ13.

  In sequence SQ13, as shown in FIG. 3 (B), the attached file encryption apparatus 17 makes a URL (Uniform Resource Locator) and file identifier FID of the attached file encryption apparatus 17 for inquiring about the password of the encrypted file FC. In addition, the inquiry information INF including the receiving side mail address ADR and the like is added to the end of the body BD, and the encrypted file mail MC is generated by attaching the encrypted file FC instead of the attached file FA, and the process proceeds to the next sequence SQ14. .

  In sequence SQ14 (FIG. 2), the attached file encryption apparatus 17 transmits the encrypted file mail MC to the mail server 23 (FIG. 1) via various networks such as the Internet 4 using SMTP, and proceeds to the next sequence SQ15. Move.

  On the other hand, the mail terminal device 24 which is the transmission destination of the encrypted file mail MC acquires the encrypted file mail FC from the mail server 23 (FIG. 1) using the POP (Post Office Protocol) in the sequence SQ21 (FIG. 2). (Receive)

  In sequence SQ15, the attached file encryption apparatus 17 generates a transmission completion mail MN for notifying that the attached file has been transmitted, as shown in FIG. 4, and sends it to the mail terminal apparatus 24 to the mail server 15 by SMTP. Send.

  In response to this, the mail terminal device 24 obtains a transmission completion mail by accessing the mail server 15 in sequence SQ2, completes the encryption and transmission of the attached file FA, and sets the encryption password PC to the user ( That is, it is notified to the sender of the attached mail MA.

  Here, the delivery of the mail M and the attached file FA is organized with reference to FIG. First, the mail terminal device 16 transmits the attached file mail MA to the attached file encryption device 17. The attached file encryption device 17 converts the attached file mail MA into the encrypted file mail MC by encrypting the attached file FA of the attached file mail MA and replacing it with the encrypted file FC, and transmits this to the mail server 15. To do.

  The mail server 15 transmits the encrypted file mail MC to the mail server 23 via the Internet 4 and temporarily stores it. The mail terminal device 24 acquires the encrypted file mail MC by accessing the mail server 23.

  As described above, in the electronic mail system 1, when the attached file mail MA is transmitted from the mail terminal device 16 to the mail terminal device 24, the encrypted file mail MC is transmitted between the attached file encryption device 17 and the mail terminal device 24. In other words, it is transferred in the state of the encrypted file FC obtained by encrypting the attached file FA.

  For this reason, in the electronic mail system 1, even if the encrypted file mail MC is intercepted (wiretapped) by a third party during the transfer, the encrypted file FC can be obtained by a third party who cannot know the encrypted password PC of the encrypted file FC. Can be almost completely decrypted into the attached file FA, so that the security of the attached file FA can be maintained.

(1-2-2) Notification of Encryption Password Thereafter, the mail terminal device 24 performs the sequence SQ22 (FIG. 2) by the user's operation referring to the inquiry information INF (FIG. 3B) written in the encryption file mail MC. ) Inquires the attached file encryption apparatus 17 about the encryption password PC of the encryption file FC.

  Specifically, the mail terminal device 24 accesses the attached file encryption device 17 via a web browser or the like installed in the mail terminal device 24. At this time, the mail terminal device 24 transmits the receiving side mail address ADR and the file identifier FID, which are user identifiers, to the attached file encryption device 17 based on the inquiry information INF.

  Incidentally, the mail terminal device 24 is configured to access the attached file encryption device 17 by encrypted communication using SSL (Secure Socket Layer) based on the inquiry information INF. It is virtually impossible to be deciphered.

  In response to this, the attached file encryption device 17 performs a user authentication process in which the user of the mail terminal device 24 inputs the inquiry password PI in sequence SQ16, and proceeds to the next sequence SQ16.

  Incidentally, when the user of the mail terminal device 24 is unregistered, the attached file encryption device 17 issues an authentication password PE to the user by performing a predetermined initial authentication registration process. Authentication processing is performed.

  In the sequence SQ17, the attached file encryption device 17 compares the inquiry password PI input to the user of the mail terminal device 24 with the registered authentication password PE, and determines that the authentication is successful if the two match. The encrypted password PC corresponding to the encrypted file FC is transmitted to the mail terminal device 24 based on the file identifier FID.

  In response to this, the mail terminal device 24 receives the encryption password PC corresponding to the encryption file FC in the sequence SQ23, and moves to the next sequence SQ24.

  In the sequence SQ24, the mail terminal device 24 acquires the original attached file FA by decrypting the encrypted file FC using the received encrypted password PC.

  In practice, the encrypted file FC has a format called “ZIP format with password”, and the original attached file FA is compression-encoded using the encrypted password PC as an encryption key. For this reason, for example, if the mail terminal device 24 uses Windows (registered trademark) XP, which is generally widely used as an OS (Operating System), by specifying the correct encryption password PC, the standard of the OS Using this function, the encrypted file FC can be restored to the attached file FA.

  As described above, in the electronic mail system 1, as shown in FIG. 5B, when the attached file encryption device 17 receives an inquiry about the encryption password PC from the mail terminal device 24, the user identifier (that is, the receiving side mail address ADR). The authentication password PE is used to authenticate the user, and only when the authentication is successful, the encrypted password PC is notified to the mail terminal device 24 to decrypt the encrypted file FC.

  For this reason, in the electronic mail system 1, only the user who is a valid recipient of the encrypted file FC can be notified of the encrypted password PC from the attached file encryption device 17, and the encrypted file FC is transmitted by the mail terminal device 24. Can be decrypted to obtain the original attached file FA.

(1-3) Detailed Configuration of Attached File Encryption Device (1-3-1) Circuit Configuration of Attached File Encryption Device First, the circuit configuration of the attached file encryption device 17 will be described. As shown in FIG. 6, the attached file encryption device 17 has substantially the same configuration as a general computer device, and the CPU (Central Processing Unit) 31 of the control unit 30 performs overall control. Has been made.

  The CPU 31 of the attached file encryption device 17 reads out the basic program and OS from the ROM 33 and hard disk drive 34 connected via the bus 32, expands and executes them in the RAM 35, and further encrypts the attached file from the hard disk drive 34. Various programs such as a program and an encryption password notification program are read out and executed on the RAM 35, whereby the attached file FA is encrypted and the encryption password PC is notified.

(1-3-2) Transmission / reception of electronic mail with attached file Next, the functional configuration of the attached file encryption apparatus 17 will be described. As shown in FIG. 7, when the attached file mail MA is transmitted from the mail terminal device 16, the attached file encrypting device 17 receives the attached file mail MA by the mail receiving unit 41, and receives the received mail mail MA. 42.

  The mail discriminating / generating unit 42 refers to the encryption rule database DB1 stored in advance in the hard disk drive 34 and storing rules for encrypting the attached file FA.

  As shown in FIG. 8, the encryption rule database DB1 stores an encryption keyword KW and a password type TP as encryption rules for each reception mail address ADR in association with the transmission mail address ADS. Yes.

  Here, as the keyword KW, a character string included in the “subject” field of the attached mail MA is stored as a condition for determining whether or not the attached file FA is to be encrypted. In addition to the column, “All” unconditionally encrypts all attached file FAs, “None” not encrypts all attached file FAs at all, and an encryption password with instructions to encrypt attached file FAs Any one of “password:” to be designated is selected in advance.

  Also, as the password type TP, “disposable” that does not generate and reuse a new encrypted password PC every time, “fixed” that uses a pre-designated encrypted password PC every time, “designated every time” that allows the user to designate each time, and One of the four types “None”, which means that the attached file FA is not encrypted, is selected.

  Incidentally, the contents of the encryption rule database DB1 can be freely set by the user of the mail terminal device 16, the administrator of the electronic mail system 1, or the like.

  In practice, the mail discriminating / generating unit 42 performs encryption based on the sender mail address ADS (that is, the From: field of the mail header) and the receiver mail address ADR (that is, the To: field of the mail header) of the attached file mail MA. As a rule, the keyword KW and the password type TP corresponding to the attached file mail MA are read out.

  Subsequently, when the keyword is included in the subject field of the attached mail MA (that is, the Subject: field of the mail header) or the keyword is “all”, the mail discrimination generation unit 42 sets the password type TP to “ If it is “disposable”, a random encryption password PC is generated. If it is “fixed”, a password designated in advance is used as the encryption password PC. If it is “specified every time”, “ The character string following “password:” is set as the encryption password PC, and the attached file FA and the encryption password PC are supplied to the attached file encryption unit 43.

  In response to this, the attached file encryption unit 43 generates an encrypted encrypted file FC by converting the attached file FA into the “ZIP format with password” using the encrypted password PC, and this is generated as a mail discrimination generating unit. 42.

  At this time, the mail discrimination and generation unit 42 assigns a unique file identifier FID to the encrypted file FC, and associates the encrypted password PC, the sender mail address ADS, and the receiver mail address ADR with the file identifier FID. Store in the attached file information database DB2.

  Incidentally, the attached file information database DB2 is stored in the hard disk drive 34 (FIG. 6). As shown in FIG. 8B, the file identifier FID includes the encryption password PC, the transmission side mail address ADS, and the reception side mail address ADR. Are stored in association with each other.

  Thereafter, the mail discriminating / generating unit 42 adds the inquiry information INF (FIG. 3B) including the file identifier FID to the original attached file mail MA at the end of the text BD, and further replaces the attached file FA. The encrypted file mail MC is generated by attaching the encrypted file FC, and the encrypted file mail MC is supplied to the mail transmitting unit 44, and the history information including the date and time, the receiving side mail address ADR and the like is stored in the log database DB3.

  On the other hand, when the mail M (that is, the mail without the attached file FA) is supplied, or when the attached mail FA is received and the attached file FA is not encrypted as a result in accordance with the encryption rule, the mail discrimination generation unit 42 The original mail M or the attached file mail MA is supplied to the mail transmission unit 44 as it is.

  The mail transmission unit 44 transmits the encrypted file mail MC, the mail M, or the attached file mail MA to the mail server 23 that manages the receiving side mail address ADR.

  In addition, after the encrypted mail mail MC is transmitted by the mail transmission unit 44, the mail discrimination generation unit 42 generates a transmission completion mail MN and transmits it to the mail terminal device 16 via the mail transmission unit 44.

  In response to this, the mail server 23 receives and temporarily stores the encrypted file mail MC, mail M or attached file mail MA, and responds to the access from the mail terminal device 24, and the encrypted file mail MC, mail M or attached file. The mail MA is transmitted to the mail terminal device 24.

  When the mail terminal device 24 receives the encrypted file mail MC, the web terminal installed in the mail terminal device 24 is operated by a user operation referring to the inquiry information INF (FIG. 3B) of the encrypted file mail MC. The attached file encryption device 17 is accessed via a browser or the like, and the file identifier FID and the receiving side mail address ADR included in the inquiry information INF are transmitted.

  In response to this, the password notification unit 45 of the attached file encryption apparatus 17 refers to the user information database DB4. Here, as shown in FIG. 8C, the user information database DB4 stores an authentication password PE issued in advance to the user of the receiving mail address ADR in association with the receiving mail address ADR. Yes.

  The password notifying unit 45 reads the authentication password PE corresponding to the receiving side mail address ADR transmitted from the mail terminal device 24 from the user information database DB4, and also asks the user for a reference password via the web browser of the mail terminal device 24. Input PI.

  At this time, the password notification unit 45 compares the authentication password PE with the inquiry password PI. If they match, the password notification unit 45 considers that the authentication is successful, that is, the operator of the mail terminal device 24 is a valid user, and the attached file information The encryption password PC associated with the file identifier FID is read from the database DB2 and displayed on the web browser of the mail terminal device 24 to notify the encryption password PC.

  The password notifying unit 45 records the authentication result in the log database DB3 as history information together with the receiving side mail address ADR, date and time, and the history information is sent to the administrator when there is an unauthorized access. It can be referred to.

(1-3-3) Attachment File Encryption Processing Next, the attachment file encryption processing procedure RT1 in the attachment file encryption device 17 will be described with reference to the flowchart shown in FIG.

  When the power is turned on and the OS is started, the control unit 30 (FIG. 6) of the attached file encryption apparatus 17 starts the attached file encryption processing procedure RT1 by reading and executing the attached file encryption program from the hard disk drive 34. Then, the process proceeds to step SP1.

  In step SP1, the control unit 30 determines whether the mail receiving unit 41 has received the mail M or the attached file mail MA from the mail terminal device 16. If a negative result is obtained here, the control unit 30 waits for the reception of the mail M or the attached file mail MA from the mail terminal device 16 by repeating step SP1 again.

  On the other hand, if a positive result is obtained in step SP1, the control unit 30 moves to the next step SP2. In step SP2, the control unit 30 determines whether or not the attached file FA exists, that is, whether or not the attached file mail MA has been received, by the mail discrimination / generation unit 42. If a negative result is obtained here, this means that the mail M without the attached file FA has been received, and therefore it is not necessary to perform processing related to the attached file FA. Control goes to step SP5.

  On the other hand, if an affirmative result is obtained in step SP2, the control unit 30 proceeds to the next step SP3 to perform processing related to the attached file mail FA. In step SP3, the control unit 30 uses the encryption rule database DB1 (FIG. 8 (A)) as an encryption rule for the keyword KW and the password based on the transmission side mail address ADS and the reception side mail address ADR of the attached file mail MA. The type TP is read out, and the process proceeds to the next step SP4.

  In step SP4, the control unit 30 determines whether to encrypt the attached file FA according to the read encryption rule (that is, the keyword KW and the password type TP). If a negative result is obtained here, this indicates that the original attached file mail MA should be transmitted as it is from the mail transmitting unit 44, and at this time, the control unit 30 proceeds to the next step SP5.

  In step SP5, the control unit 30 causes the mail transmitting unit 44 (FIG. 7) to transmit the mail M or the attached file mail MA to the receiving side mail address, and completes a series of processes related to the mail M or the attached file mail MA. Then, the process returns to step SP1 and waits for the next mail M or the attached file mail MA.

  On the other hand, when a positive result is obtained in step SP4, the control unit 30 proceeds to next step SP6. In step SP6, the control unit 30 encrypts the attachment file FA using the encryption password PC according to the encryption rule (that is, the keyword KW and the password type TP) by the attachment file encryption unit 43 (FIG. 7). Is converted into the encrypted file FC, and the process proceeds to the next step SP7.

  In step SP7, the control part 30 adds the inquiry information INF (FIG. 3 (B)) to the end of the mail body BD by the mail discrimination / generation part 42, and proceeds to the next step SP8.

  In step SP8, the control unit 30 generates the encrypted file mail MC by attaching the encrypted file FC to the mail body BD by the mail discrimination generating unit 42, and proceeds to the next step SP9.

  In step SP9, the control unit 30 transmits the encrypted file mail MC from the mail transmission unit 44 to the reception side mail address ADR, and proceeds to the next step SP10.

  In step SP10, the control unit 30 generates a transmission completion mail MN by the mail discrimination generation unit 42 and transmits it to the transmission side mail address ADS from the mail transmission unit 44, thereby performing a series of attachment file encryption processing. When the process ends, the process returns to step SP1 and waits for the next mail M or the attached mail MA.

  Thereafter, the control unit 30 repeats the attached file encryption processing procedure RT1 until the attached file encryption apparatus 17 is turned off or the attached file encryption program is stopped by an administrator or the like.

(1-3-4) Encryption Password Notification Processing Procedure Next, the encryption password notification processing procedure RT2 when the attached file encryption device 17 receives and notifies the encryption password FC from the mail terminal device 24 will be described with reference to FIG. This will be described with reference to a flowchart.

  When the power is input and the OS is activated, the control unit 30 of the attached file encryption apparatus 17 starts the encryption password notification processing procedure RT2 by reading and executing the encryption password notification program from the hard disk drive 34, and proceeds to step SP11. .

  In step SP11, the control unit 30 determines whether or not the password notification unit 45 (FIG. 7) has received an inquiry regarding the encryption password FC of the encryption file FC attached to the encryption file mail MC from the mail terminal device 24. If a negative result is obtained here, the control unit 30 waits for an inquiry about the encryption password FC from the mail terminal device 24 by repeating step SP11 again.

  On the other hand, if a positive result is obtained in step SP11, the control unit 30 proceeds to the next step SP12. In step SP12, the control unit 30 acquires the file identifier FID and the receiving side mail address ADR from the mail terminal device 24 by the password notification unit 45, and proceeds to the next step SP13.

  In step SP13, the control unit 30 refers to the user information database DB4 by using the password notification unit 45 to acquire the authentication password PE corresponding to the receiving side mail address ADR, and proceeds to the next step SP14.

  In step SP14, the control unit 30 causes the password notification unit 45 to input the inquiry password PI to the user of the mail terminal device 24, and proceeds to the next step SP15.

  In step SP15, the control unit 30 compares the authentication password PE and the inquiry password PI, and determines whether or not they match, that is, whether or not the authentication is successful. If a negative result is obtained here, this means that the user of the mail terminal device 24 may not be a valid user. At this time, the control unit 30 sends a predetermined error message to the mail terminal device 24. , The process related to the notification of the encryption password PC is interrupted, and the process returns to step SP11 again.

  On the other hand, if an affirmative result is obtained in step SP15, this indicates that the user of the mail terminal device 24 can be regarded as a legitimate user who has already been registered. At this time, the control unit 30 performs the next step SP16. Move on.

  In step SP16, the control unit 30 refers to the attached file information database DB2 (FIG. 8B) by the password notification unit 45, receives the transmission side mail address ADS corresponding to the file identifier FID transmitted from the mail terminal device 24, and receives it. The side mail address ADR and the encryption password PC are read out, and the process proceeds to the next step SP17.

  In step SP17, the control unit 30 determines whether or not the reception side mail address ADR transmitted from the mail terminal device matches the transmission side mail address ADS or the reception side mail address ADR read from the attached file information database DB2.

  If a negative result is obtained here, this means that the user of the mail terminal device 24 is a user registered in the user information database DB4, but is neither a valid recipient nor a valid sender of the encrypted file FC. At this time, the control unit 30 displays a predetermined error message on the display screen of the mail terminal device 24, interrupts the process related to the notification of the encryption password PC, and returns to step SP11 again.

  On the other hand, if a positive result is obtained in step SP17, this indicates that the user of the mail terminal device 24 is a valid receiver or a valid sender of the encrypted file FC. Control goes to step SP18.

  In step SP18, the control unit 30 transmits the encrypted password PC to the mail terminal device 24, thereby ending the series of processes for notifying the encrypted password PC, and returning to step SP11 again to inquire the next encrypted password PC. Await.

  Thereafter, the control unit 30 repeats this encryption password notification processing procedure RT2 until the power of the attached file encryption device 17 is turned off or the encryption password notification program is stopped by an administrator or the like.

(1-4) Operation and Effect In the above configuration, the attached file encryption device 17 of the electronic mail system 1 according to the first embodiment, when the attached file mail MA is transmitted from the mail terminal device 16, the transmission side The attached file FA is encrypted according to the encryption rule associated with the mail address ADS and the receiving side mail address ADR to make an encrypted file FC, and the encrypted file mail MC attached with the encrypted file FC is set as the receiving side mail address ADR. The data is transmitted to the mail terminal device 24 and is received by the mail terminal device 24.

  As a result, the attached file encryption device 17 of the e-mail system 1 can be received by the mail terminal device 24 via various networks in the state of the encrypted file FC obtained by encrypting the attached file FA. Security can be maintained, and there is virtually no possibility that the contents of the original attached file FA will be known or altered by a third party.

  In particular, in the electronic mail system 1, when the keyword of the encryption rule database DB1 (FIG. 8A) is “all”, the attached file encryption device 17 automatically encrypts all attached files FA. Therefore, it is possible to prevent a human error such that the user does not have to perform a troublesome encryption operation, and the user inadvertently forgets the encryption and transmits the attached file FA.

  In addition to this, in the electronic mail system 1, when a character string corresponding to the keyword KW in the encryption rule database DB1 (FIG. 8A) is included in the subject field of the attached mail MA, whether or not encryption is possible and the password are set. Since the user can also be instructed, for example, when the user does not want to encrypt the attached file FA, or when he / she wants to use a specific encryption password PC, the user can flexibly respond.

  Further, in the electronic mail system 1, when the type of password is “disposable” as the encryption rule, different encryption passwords PC can be generated for each encryption file FC. Even if the encryption password PC is known to a third party, other encryption files FC cannot be decrypted by the encryption password PC, so that information leakage can be minimized.

  On the other hand, the attached file encryption device 17 receives secure access using SSL from the mail terminal device 24 that has received the encrypted file mail MC, and is input to the receiving side mail address ADR of the mail terminal device 24 and the user. The encryption password PC of the encrypted file FC is authenticated only when the user is authenticated based on the inquiry password PI, and the authentication is successful and the user is a valid receiver or sender of the encrypted file FC. To be notified.

  As a result, the attached file encryption device 17 of the e-mail system 1 secures the encryption password PC of the encryption file FC only to the user of the mail terminal device 24 who is a valid recipient or sender of the encrypted file mail MC. Therefore, it is possible to prevent the encryption password PC from being known to a third party, and it is possible to substantially eliminate the risk that the encrypted file FC is illegally decrypted.

  In the e-mail system 1, since the attached file encryption apparatus 17 manages the encryption password PC when the attached file FA is encrypted by the attached file information database DB2 (FIG. 8B), the original attached file is stored. The user of the mail terminal device 16 that has sent the mail MA is made aware of the encryption password PC, or the user of the mail terminal device 24 is notified of the encryption password PC by another communication means such as mail, mail, telephone, or facsimile. This eliminates the troublesome task of making it happen.

  Further, in the electronic mail system 1, when the encrypted file FC is encrypted by the attached file encryption device 17, the “ZIP format with password” is combined with the ZIP method widely used as the compression method and the encryption by the password. Therefore, when the correct encrypted password PC can be acquired by the mail terminal device 24 that has received the encrypted file mail MC, the mail terminal device 24 can almost certainly restore the original attached file FA.

  Further, after transmitting the encrypted file mail MC, the electronic mail system 1 transmits a transmission completion mail MN in which the encrypted password PC is described to the user of the mail terminal device 16 that is the sender of the attached file mail MA. As a result, in the electronic mail system 1, if the user of the mail terminal device 24 fails to inquire the encrypted password PC well, the encrypted password PC recorded in the transmission completion mail MN is changed to the electronic mail by the user's manual work. The encrypted password PC can also be notified if it is transferred to and transmitted.

  According to the above configuration, the electronic mail system 1 according to the first embodiment encrypts the attached file FA of the attached file mail MA transmitted from the mail terminal device 16 by the attached file encryption device 17 according to the encryption rule. The encryption password PC is managed and the encrypted password PC is notified only to an authorized legitimate user, so that the attached file FA can be automatically encrypted and the user is troublesome. Therefore, since the encryption password PC can be notified only to a legitimate user safely, the attached file FA can be delivered safely and easily using a mail delivery mechanism.

(2) Second embodiment (2-1) Configuration of electronic mail system The electronic mail system 50 according to the second embodiment is an attached file as compared with the electronic mail system 1 according to the first embodiment. Although the attachment file encryption device 57 is provided instead of the encryption device 17, the other configuration is the same.

  The attached file encryption device 57 is designed to perform a part of the same operation as the attached file encryption device 17 and separates the attached file FA from the body BD of the attached file mail MA transmitted from the mail terminal device 16. Then, the encrypted file FC is generated by encrypting the attached file FA using a predetermined encryption key (encryption password PC). Subsequently, the attached file encryption device 17 generates an encrypted file mail MC by attaching the encrypted file FC to the body BD, and delivers this to the mail server 15.

(2-2) Transmission / reception of e-mail with attached file Next, in the e-mail system 50, when the attached file mail MA with the attached file FA is transmitted from the mail terminal device 16 to the mail terminal device 24. The sequence will be described with reference to FIGS. 11, 12, 13, and 14 corresponding to FIGS. 2, 3, 4, and 5, respectively.

  In FIG. 11, the mail terminal device 16, the attached file encryption device 57, and the mail terminal device 24 are respectively the same as the mail terminal device 16, the attached file encryption device 17, and the mail terminal device 24 in the first embodiment. Processing of sequences SQ1 to SQ2, SQ11 to SQ15, and SQ21 (that is, processing before the one-dot chain line in the figure) is performed.

  In this case, the attached file encryption device 57 does not append the inquiry information INF (FIG. 3 (B)) to the body BD as shown in FIG. 12 (B) corresponding to FIG. 3 (B) in the sequence SQ13. The encrypted file mail MC2 is generated by attaching the encrypted file FC, and is transmitted to the mail server 23 (FIG. 1) in the next sequence SQ14.

  Further, in the sequence SQ15, the attached file encryption apparatus 57 sends the transmission completion mail MN2 in which a predetermined URL (Uniform Resource Locator, hereinafter referred to as a reference address ADA) is written to the mail terminal apparatus 16 as shown in FIG. It is made to send.

  Here, for the reference address ADA as the instruction reception destination written in the transmission completion mail MN2, a dedicated address is generated for each destination of the attached file mail MA by the attached file encryption device 57, and each address is individually set. It is made to be managed.

  The mail terminal device 16 is installed in the mail terminal device 16 by the operation of the user (that is, the sender of the attached mail MA) referring to the inquiry address ADA (FIG. 13) written in the transmission completion mail MN2 in the sequence SQ31. The attached file encryption device 17 is accessed via a web browser or the like.

  On the other hand, when the attached file encryption device 57 detects in the sequence SQ41 that the access receiving unit 61 (FIG. 15) has accessed the address dedicated to the attached file mail MA (that is, the inquiry address AR), the mail terminal device It is assumed that an instruction to notify the 24 users of the encryption password PC is accepted, and the process proceeds to the next sequence SQ42.

  In sequence SQ42, the attached file encryption device 57 generates a password notification mail MP in which the encrypted password PC is written, and uses the SMTP to transmit the Internet 4 using the SMTP 4 in the same manner as when the attached file mail MA is transmitted in sequences SQ13 and SQ14. The password notification mail MP is transmitted to the mail server 23 (FIG. 1) through various networks such as.

  In response to this, the mail terminal device 24 acquires (receives) the password notification mail MP from the mail server 23 (FIG. 1) using the POP, IMAP or groupware unique protocol in sequence SQ51. Move to sequence SQ52.

  In sequence SQ52, the mail terminal device 24 obtains the original attached file FA by decrypting the encrypted file FC using the encrypted password PC written in the received password notification mail MP based on the user's operation or the like. To do.

  Thus, in the electronic mail system 50 in the second embodiment, unlike the first embodiment, when the inquiry address ADA is accessed from the mail terminal device 16, the attached file encryption device 57 sends the mail terminal device 24. On the other hand, the encryption password PC of the encryption file FC is notified by the password notification mail MP which is an e-mail separate from the encryption file mail MC2.

  Incidentally, as in the first embodiment, the delivery of the mail M and the attached file FA in the second embodiment can be summarized as shown in FIG. 14 corresponding to FIG.

  Thus, in the electronic mail system 50 according to the second embodiment, since the user of the mail terminal device 24 can acquire the encryption password PC without accessing the attached file encryption device 57, as in the first embodiment, Registration of the user of the mail terminal device 24 to the attached file encryption device 57 can be made unnecessary.

(2-3) Detailed Configuration of Attached File Encryption Device Next, a detailed configuration of the attached file encryption device 57 will be described. The attached file encryption device 57 is substantially the same circuit as the attached file encryption device 17 (FIG. 6) in the first embodiment except that it has a control unit 60 corresponding to the control unit 30. Since it has a configuration, its description is omitted.

  On the other hand, the attached file encryption device 57 is generally similar to the attached file encryption device 17 in the first embodiment, as shown in FIG. However, it has a partially different functional configuration.

  Specifically, in the attached file encryption device 57, an access receiving unit 61 is provided in the control unit 60 in place of the password notification unit 45 (FIG. 7) of the control unit 30. The attached file encryption device 57 includes the attached file information database DB12 shown in FIG. 16 in place of the attached file information database DB2 (FIG. 8), and the user information database DB4 is omitted.

  The attached file information database DB12 stores a different inquiry address ADA for each file identifier FID.

  In the second embodiment, the user of the mail terminal device 16 refers to the transmission completion mail MN2 (FIG. 13), clicks the reference address ADA, etc., and the web browser installed in the mail terminal device 16 The inquiry address ADA, that is, the attached file encryption device 57 is accessed through the above.

  At this time, when the attached file encryption device 57 detects that the access receiving unit 61 has accessed from the mail terminal device 16, the encrypted password PC and the receiving side mail address associated with the inquiry address ADA from the attached file information database DB2. The ADR is read out and supplied to the mail discrimination generation unit 42.

  The mail discriminating / generating unit 42 generates the password notification mail MP addressed to the receiving side mail address ADR with the encrypted password PC written in the body, and transmits it to the mail server 23 from the mail transmitting unit 44.

  In response to this, the mail server 23 receives and temporarily stores the password notification mail MP, and transmits the password notification mail MP to the mail terminal apparatus 24 in response to access from the mail terminal apparatus 24.

  As described above, when the attached file encryption apparatus 57 detects an access to the inquiry address ADA, the attached file encryption apparatus 57 transmits the encryption password PC associated with the inquiry address ADA to the receiving side mail address ADR associated with the inquiry address ADA. It is made to do.

(2-4) Attachment File Encryption Process and Encryption Password Notification Process Next, an attachment file encryption process procedure and an encryption password notification process procedure in the attachment file encryption apparatus 57 will be described.

  The attached file encryption processing procedure by the attached file encryption device 57 differs from the attached file encryption processing procedure RT1 (FIG. 9) by the attached file encryption device 17 in the first embodiment in part of the processing. ing.

  Specifically, the control unit 60 of the attached file encryption device 57 omits the process of step SP7 in the attached file encryption processing procedure RT1, generates the encrypted file mail MC2 in step SP8, and in step SP9 the encrypted file mail MC2 In step SP10, a transmission completion mail MN2 is transmitted.

  On the other hand, the attached file encryption device 57 is configured to transmit the password notification mail MP to the mail terminal device 24 in accordance with the encryption password notification processing procedure RT3 shown in FIG. 17 corresponding to FIG.

  That is, when the power is input and the OS is started, the control unit 60 of the attached file encryption device 57 starts the encryption password notification processing procedure RT3 by reading and executing the encryption password notification program from the hard disk drive 34, and goes to step SP21. Move.

  In step SP21, the control unit 60 determines whether or not the reference address ADA has been accessed by the access receiving unit 61 (FIG. 15). If a negative result is obtained here, the control unit 60 waits for access to the inquiry address ADA from the mail terminal device 16 by repeating step SP21 again.

  In step SP22, the control unit 60 refers to the attached file information database DB12 by the access receiving unit 61 to obtain the encryption password PC and the receiving side mail address ADR associated with the inquiry address ADA, and then proceeds to the next step SP23. Move.

  In step SP23, the control unit 60 generates a password notification mail MP in which the encrypted password PC is written in the text, and proceeds to the next step SP24.

  In step SP24, the control unit 60 terminates the process of notifying a series of encryption passwords PC by sending a password notification mail MP to the receiving side mail address ADR, and returns to step SP21 again to return to the next inquiry. Wait for access to the address.

(2-5) Operation and Effect In the above configuration, when the attached file mail MA is transmitted from the mail terminal device 16, the attached file encryption device 57 of the electronic mail system 50 in the second embodiment transmits the transmission side. The attached file FA is encrypted according to the encryption rule associated with the mail address ADS and the receiving side mail address ADR to make an encrypted file FC, and the encrypted file mail MC2 attached with the encrypted file FC is set as the receiving side mail address ADR. The data is transmitted to the mail terminal device 24 and is received by the mail terminal device 24.

  Further, the attached file encryption apparatus 57 transmits a transmission completion mail MN2 in which the inquiry address ADA is described to the mail terminal apparatus 16. In response to this, when the user of the mail terminal device 16 accesses the inquiry address ADA, the attached file encryption device 57 sends a password notification mail consisting of an email separate from the encrypted file mail MC2 to the mail terminal device 24. The encryption password PC of the encryption file FC is notified by the MP.

  That is, the attached file encryption device 57 is received by the mail terminal device 24 via various networks in the state of the encrypted file FC obtained by encrypting the attached file FA, similarly to the attached file encryption device 17 in the first embodiment. In addition, since the encryption password PC necessary for decrypting the encryption file FC is transmitted as a separate e-mail, even if the encryption file mail MC2 is wiretapped by a third party, the encryption password PC is not known. Therefore, there is virtually no possibility that the encrypted file FC is decrypted and the content of the attached file FA is known or tampered with.

  At this time, in the e-mail system 50, the password notification mail MP can be transmitted simply by accessing the inquiry address ADA by the user of the mail terminal device 16, so that the user can create the password notification mail MP or mail Thus, it is not necessary to perform a complicated operation of notifying the encryption password PC by communication means such as a telephone or a facsimile.

  In the electronic mail system 50, for example, when the encrypted password PC is pasted into the text of the password notification mail MP by copying and pasting manually by the user, “-” or “=” is selected when a word is selected by double-clicking. It is not necessary to induce an artificial mistake such as notifying an incomplete password because a symbol such as is not selected.

  Further, in the electronic mail system 50, the user of the mail terminal device 16 dares to manually click the reference address ADA written in the transmission completion mail MN2, so that the user confirms the electronic mail address of the transmission destination at this time. Can do. For this reason, in the electronic mail system 50, even if the transmission destination address of the encrypted file mail MC2 is mistakenly transmitted to the third party, the user notices that the transmission destination address is incorrect and the inquiry is made. Since the third party cannot decrypt the encrypted file FC by not accessing the address ADA and not transmitting the password notification mail MP, the contents of the attached file FA need not be known to the third party.

  Further, the attached file encryption device 57 generates a dedicated inquiry address ADA for each encrypted file mail MC2, writes it in the transmission completion mail MN2, and transmits it to the mail terminal device 16. The inquiry address ADA is not known to anyone other than the user of the mail terminal device 16 that has transmitted, and the password notification mail MP can be prevented from being transmitted against the user's will.

  Further, in the electronic mail system 50, as in the first embodiment, when the encrypted file FC is encrypted by the attached file encryption device 57, the ZIP method widely used as a compression method and the encryption by the password are combined. In addition, since it is in the “ZIP format with password”, the mail terminal device 24 that received the encrypted file mail MC2 is notified of the encryption password PC so that the mail terminal device 24 can almost certainly restore the original attached file FA. Can do.

  According to the above configuration, the electronic mail system 50 encrypts the attachment file FA of the attachment file mail MA transmitted from the mail terminal apparatus 16 by the attachment file encryption apparatus 57 and sends the encrypted file mail MC2 to the mail terminal apparatus 24. By transmitting the transmission completion mail MN2 to the mail terminal device 16 and transmitting the password notification mail MP in response to access to the inquiry address ADA described in the transmission completion mail MN2, the attached file FA is It is possible to automatically encrypt and securely notify only the legitimate user of the encryption password PC without making the user troublesome, so it is safe and easy to use the mail delivery mechanism for the attached file FA. Can be handed over to.

(3) Other Embodiments In the second embodiment described above, the case where the encryption password PC is written together with the inquiry address ADA in the transmission completion mail MN2 has been described (FIG. 13). Not limited to this, only the reference address ADA may be written in the transmission completion mail MN2 without writing the encryption password PC. This eliminates the need for the user of the mail terminal device 16 to manage the encryption password PC.

  In the above-described second embodiment, the case where the password notification mail MP is transmitted only when the inquiry address ADA is accessed has been described. However, the present invention is not limited to this, and for example, attachment file encryption is performed. The device 57 may send the encrypted file mail MC and unconditionally notify the password notification mail MP, or may include these by including a predetermined keyword in the “subject” column of the attached file mail MA. You may make it switch.

  Further, in the above-described first embodiment, the encryption rule database DB1 (FIG. 8A) is used to determine the encryption rule corresponding to the transmission side mail address ADS and the reception side mail address ADR. As described above, the present invention is not limited to this. For example, the encryption rule is determined only according to the transmission side mail address ADS regardless of the reception side mail address ADR, or conversely, reception is performed regardless of the transmission side mail address ADS. The encryption rule may be determined according to only the side mail address ADR, and further, the only encryption rule may be determined regardless of the transmission side mail address ADS and the reception side mail address ADR.

  Further, in the above-described first embodiment, the case where the inquiry information INF is added to the end of the mail text BD (FIG. 3B) has been described. However, the present invention is not limited to this, for example, The inquiry information INF is not added to the body BD of the encrypted file mail MC for the specific recipient mail address ADR, or the inquiry information INF is displayed when the password type TP (FIG. 8A) is “fixed”. The inquiry information INF may not be added to the text BD depending on various conditions, such as not adding.

  Thereby, it is possible to prevent the third party who has intercepted the encrypted file mail MC from knowing that there is a means for obtaining the encrypted password PC.

  Furthermore, in the first embodiment described above, any one of the character strings that are keywords, “all”, “none”, or “password:” is selected in advance as the encryption rule keyword (FIG. 8A). However, the present invention is not limited to this. For example, “None” cannot be selected, or “password:” is unconditionally set, and the selection target is limited. good.

  In addition to the subject field of the attached file mail MA, various keywords such as the beginning and end of the body text BD or the destination field may be used as the keyword description location.

  Furthermore, in the first embodiment described above, there are four types of passwords TP (FIG. 8A) of the encryption rule: “disposable”, “fixed”, “designated every time”, and “none”. Although the case where any one is selected has been described, the present invention is not limited to this. For example, “None” cannot be selected, or “Disposable” is unconditionally set to limit the selection target. Anyway.

  Furthermore, in the above-described embodiment, the case where the attached file FA is encrypted is converted to the encrypted file FC of “ZIP format with password”. However, the present invention is not limited to this, and the attached file FA is not limited thereto. The file FA may be converted into an encrypted file FC having various file formats. In this case, it is desirable that an arbitrary encryption password PC can be designated as the encryption key, and that the encrypted file FC can be decrypted easily and reliably by the mail terminal device 24.

  Furthermore, in the second embodiment described above, the case where the attached file encryption device 57 generates the dedicated inquiry address ADA for each destination of the attached mail MA has been described. For example, when a plurality of attachment files FA are attached to the attachment mail MA, each attachment file FA is encrypted using a different encryption password PC, and a dedicated inquiry address ADA is generated for each attachment file FA. You may do it.

  Further, in the second embodiment described above, the transmission completion mail MN2 in which the dedicated inquiry address ADA generated for each destination of the attached file mail MA is written is transmitted to the mail terminal apparatus 16, and the mail terminal apparatus 16 Although the case where the password notification mail MP is generated and transmitted when the inquiry address ADA is accessed through a web browser or the like by a user operation, the present invention is not limited to this. A dedicated inquiry e-mail address is generated for each mail MA destination, and the inquiry e-mail address is designated as a reply destination, or the transmission completion e-mail MN2 in which the inquiry e-mail address is described in the text is sent to the mail terminal Sent to the device 16, and the inquiry e-mail If the e-mail was sent back or sent addressed to, or may be equal to generate and transmit a password notification mail MP.

  Further, in the second embodiment described above, the case where the password password notification mail MP is used to notify the user of the mail terminal device 24 in the sequence SQ42 of FIG. 11 has been described. For example, the encryption password PC is notified by an instant message, or a document in which the encryption password PC is described is automatically generated and transmitted by facsimile, or the encryption password PC voiced by speech synthesis or the like is called. Various notification means such as notification may be used.

  Further, in the above-described second embodiment, the case where only the attached file FA is encrypted and the mail body BD remains plain text has been described, but the present invention is not limited to this, and the mail body is also encrypted. Anyway. In this case, for example, by describing a predetermined keyword in the subject field of the attached mail MA, it may be possible to specify that the mail body BD is also encrypted.

  Furthermore, in the above-described embodiment, a case where the unique file identifier FID in the attached file information database DB2 (FIG. 8B) is assigned to the attached file FA by the mail discriminating / generating unit 42 (FIG. 7). As described above, the present invention is not limited to this. For example, the encrypted file FC may be specified by using “Message-Id” that is included in the mail header and is unique in nature.

  Further, in the above-described first embodiment, a case where secure communication using SSL is used via a web browser when accessing the attached file encryption device 17 from the mail terminal device 24 will be described. However, the present invention is not limited to this. For example, the encryption password PC may be notified by secure communication combining telnet and SSL, secure communication combining FTP (File Transfer Protocol) and SSL, or the like. good.

  Further, in the above-described first embodiment, the case where the attached file encryption apparatus 17 notifies the encryption password PC has been described. However, the present invention is not limited to this, and for example, the attached file encryption apparatus 17 and Separately, an encryption password notification server having the user information database DB4 and capable of accessing the attachment file DB of the attachment file encryption device 17 is prepared, and the encryption password notification server performs encryption password notification processing procedure RT2 (FIG. 10) may be executed to notify the mail terminal device 24 of the encryption password PC. In this case, it is desirable that security is ensured for communication between the attached file encryption device 17 and the encryption password notification server.

  Similarly, in the second embodiment, the case where the attached file encryption device 57 accepts access based on the inquiry address ADA has been described. However, the present invention is not limited to this, for example, attached file encryption. A password notification server that accepts access from the mail terminal device 16 or the like and transmits the password notification mail MP may be prepared separately from the device 57. In this case, for example, the password notification server generates and manages the inquiry address ADA in cooperation with the attached file encryption device 57, and based on access to the inquiry address ADA, the password notification mail MP is sent to the mail terminal device. You may make it transmit to 24.

  Furthermore, in the first embodiment described above, the encryption password PC is notified when the attached file encryption device 17 is correctly accessed from the mail terminal device 24. In the second embodiment, the mail terminal device 16 is notified. The case where the attached file encryption apparatus 57 transmits the password notification mail MP when the inquiry address ADA is accessed from the above is described, but the present invention is not limited to this, and for example, both may be combined. .

  In this case, the attached file encryption device 17 uses the method of the first embodiment if the receiving side mail address ADR is already registered, and if the receiving side mail address ADR is not registered, What is necessary is just to use the method of 2nd Embodiment.

  Further, in the first and second embodiments described above, the attachment file encryption devices 17 and 57 are connected to the internal network 14 in the first network group (FIG. 1) as independent devices. As described above, the present invention is not limited to this. For example, the attachment file encryption program and the encryption password notification program are installed in the mail server 15, and the attachment file encryption processing procedure RT1 (FIG. 9) and the encryption password notification processing procedure RT2 ( 10) and RT3 (FIG. 17) are executed, so that the functions of the attached file encryption devices 17 and 57 are implemented in the mail server 15, and the attached file encryption is performed on various information processing devices on the network. Processing procedure RT1 (FIG. 9), encryption password notification processing procedure RT2 (FIG. 10) and RT3 may be implement features of the attached file encryption apparatus 17 and 57 by executing (FIG. 17).

  In this case, the information processing apparatus in which the functions of the attached file encryption apparatuses 17 and 57 are mounted may have a circuit configuration as shown in FIG. 6 such as a general computer apparatus or server apparatus.

  Furthermore, in the first embodiment described above, the attached file FA is encrypted by software by executing the attached file encryption processing procedure RT1 (FIG. 9) and the encrypted password notification processing procedure RT2 (FIG. 10) in the control unit 30. However, the present invention is not limited to this. For example, the mail receiving unit 41, the mail discrimination generating unit 42 (FIG. 7), and the attached file encrypting unit are described. 43. The mail transmission unit 44 and the password notification unit 45 may be implemented by hardware, so that the encryption process of the attached file FA and the notification process of the encrypted password PC may be executed.

  Similarly, in the second embodiment, the attached file FA is encrypted by software by executing the attached file encryption processing procedure RT1 (FIG. 9) and the encrypted password notification processing procedure RT3 (FIG. 17) in the control unit 60. The case where the process and the notification process of the encryption password PC are executed has been described. However, the present invention is not limited to this. The mail transmission unit 44 and the access reception unit 61 may be realized by hardware, so that the encryption process of the attached file FA and the notification process of the encryption password PC may be executed.

  Furthermore, in the first and second embodiments described above, the case where the attached file encryption program and the encryption password notification program are stored in the hard disk drive 34 has been described. The file encryption program and the encryption password notification program are stored in advance in the ROM 33, for example, or read from a removable storage medium such as a CD-ROM (Compact Disc-Read Only Memory) or a small memory card (not shown), or a network The attached file encryption program and the encryption password notification program may be acquired from the outside and executed, for example, received from an external computer or the like via the interface 36 or a USB (Universal Serial Bus) interface (not shown).

  Further, in the above-described embodiment, the mail receiving unit 41 as the receiving unit, the mail discrimination generating unit 42 and the attached file encryption unit 43 as the encrypting unit, the mail transmitting unit 44 as the transmitting unit, and the accepting unit The case where the attached file encryption device 57 as the electronic mail relay device is configured by the access receiving unit 61 as the mail receiving unit 61 and the mail discriminating / generating unit 42 and the mail transmission unit 44 as the notification means has been described. The electronic mail relay apparatus may be configured by receiving means, encryption means, transmitting means, accepting means, and notifying means having other various circuit configurations.

  The present invention can also be used in various networks that deliver an attached file using electronic mail.

It is a block diagram which shows the whole structure of an electronic mail system. It is a sequence chart which shows the transmission / reception sequence of the mail and attached file in 1st Embodiment. It is a basic diagram which shows the example of the content of the mail in 1st Embodiment. It is a basic diagram which shows the example of the transmission completion mail in 1st Embodiment. It is a basic diagram which shows the flow of the mail and attached file in 1st Embodiment. It is a block diagram which shows the circuit structure of an attached file encryption apparatus. It is a block diagram which shows the function structure of the attached file encryption apparatus in 1st Embodiment. It is a basic diagram which shows the structure of the database in 1st Embodiment. It is a flowchart which shows an attachment file encryption processing procedure. It is a flowchart which shows the encryption password notification process procedure in 1st Embodiment. It is a sequence chart which shows the transmission / reception sequence of the mail and attached file in 2nd Embodiment. It is a basic diagram which shows the example of the content of the mail in 2nd Embodiment. It is a basic diagram which shows the example of the transmission completion mail in 2nd Embodiment. It is a basic diagram which shows the flow of the mail and attached file in 2nd Embodiment. It is a block diagram which shows the function structure of the attached file encryption apparatus in 2nd Embodiment. It is a basic diagram which shows the structure of the database in 2nd Embodiment. It is a flowchart which shows the encryption password notification process procedure in 2nd Embodiment.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1,50 ... E-mail system 16, 24 ... Mail terminal device, 17, 57 ... Attached file encryption device, 30, 60 ... Control part, 31 ... CPU, 34 ... Hard disk drive, 41 ... ... mail receiving part, 42 ... mail discrimination generating part, 43 ... attached file encryption part, 44 ... mail sending part, 45 ... password notifying part, 61 ... access accepting part, M ... mail, MA ... ... Attached file mail, MC, MC2 ... Encrypted file mail, MN, MN2 ... Encryption notification mail, MP ... Password notification email, FA ... Attached file, MA ... Encryption file, PC ... Encryption password, INF ... ... Inquiry information, ADS ... Sending mail address, ADR ... Receiving mail address, ADA ... Inquiry address, FID ... File identifier, PE ... authentication password, PI ...... query for a password, DB1 ...... encryption rule database, DB2 ...... attachment information database, DB4 ...... user information database.

Claims (10)

Receiving means for receiving an e-mail addressed to the receiving-side e-mail terminal from the sending-side e-mail terminal;
An encryption means for generating an encrypted file by encrypting the attached file using a predetermined encryption password as an encryption key when the attached file is attached to the e-mail;
Sending an encrypted file e-mail attached with the encrypted file instead of the attached file to the receiving-side e-mail terminal and sending a transmission completion e-mail notifying an instruction reception destination associated with the encrypted password to the transmitting side A transmission means for sending to an e-mail terminal;
Receiving means for receiving a notification instruction from the transmission-side e-mail terminal for the instruction receiving destination;
A notification means for generating a password notification mail describing the encryption password associated with the encrypted file and transmitting it to the receiving e-mail terminal when the notification instruction is received by the reception means; An e-mail relay device characterized by the above. The transmission means is
Generate and notify the dedicated instruction reception destination for each encrypted file e-mail,
The notification means is
The e-mail relay apparatus according to claim 1, wherein the encryption password is transmitted to the correct e-mail terminal on the receiving side according to the instruction reception destination that has received the notification instruction. The notification means is
The electronic mail relay device according to claim 1, wherein the password notification mail is not transmitted when the notification means is not received by the reception means. The transmission means is
Sending the instruction acceptance destination consisting of a URL (Uniform Resource Locator) to the sending e-mail terminal by the sending completion mail,
The electronic mail relay apparatus according to claim 1, wherein the reception unit receives, as the notification instruction, access to the instruction reception destination. The transmission means is
Sending the instruction reception destination consisting of an email address to the sending email terminal by the transmission completion email,
The electronic mail relay device according to claim 1, wherein the reception unit receives an electronic mail for the instruction reception destination as the notification instruction. The encryption means is
The electronic mail relay device according to claim 1, wherein the encryption password that is different for each attached file is generated and encrypted. The notification means is
When the user of the receiving e-mail terminal is authenticated, the cipher associated with the cipher file only when the user confirms that the user is a legitimate receiver or legitimate sender of the cipher file. The e-mail relay apparatus according to claim 1, wherein the e-mail terminal is notified of a password. A receiving step of receiving an e-mail addressed to the receiving-side e-mail terminal from the sending-side e-mail terminal by the receiving means of the e-mail relay device ;
When an attached file is attached to the e-mail, an encryption step of generating an encrypted file by encrypting the attached file using a predetermined encryption password as an encryption key by an encryption unit of the e-mail relay device ;
The transmission means of the e-mail relay apparatus transmits an encrypted file e-mail attached with the encrypted file instead of the attached file to the receiving e-mail terminal, and an instruction reception destination associated with the encrypted password A transmission step of transmitting a transmission completion mail to notify the above-mentioned sending side e-mail terminal;
A reception step of receiving a notification instruction from the transmission-side electronic mail terminal for the instruction reception destination by the reception unit of the electronic mail relay device;
When the notification instruction is received in the reception step, the notification means of the electronic mail relay device generates a password notification mail describing the encryption password associated with the encryption file and sends it to the receiving electronic mail terminal An e-mail relay method comprising: a notification step for transmission. For information processing equipment
A receiving step of receiving an e-mail addressed to the receiving-side e-mail terminal from the sending-side e-mail terminal by the receiving means of the information processing apparatus ;
When an attached file is attached to the e-mail, an encryption step of generating an encrypted file by encrypting the attached file with a predetermined encryption password as an encryption key by an encryption unit of the information processing apparatus ;
The transmission means of the information processing device transmits an encrypted file e-mail attached with the encrypted file instead of the attached file to the receiving e-mail terminal, and an inquiry address associated with the encrypted password A transmission step of transmitting a notification of a transmission completion mail to be sent to the above-mentioned sending side e-mail terminal;
A reception step of receiving a notification instruction from the transmission-side e-mail terminal for the instruction reception destination by the reception unit of the information processing apparatus;
When the notification instruction is received in the reception step, the notification means of the information processing device generates a password notification mail describing the encryption password associated with the encrypted file and transmits it to the receiving e-mail terminal An e-mail relay program characterized by causing the notification step to be executed. An e-mail system that relays an e-mail transmitted from a sending-side e-mail terminal by an e-mail relay device and receives the e-mail by a receiving-side e-mail terminal,
The above e-mail relay device
Receiving means for receiving an e-mail addressed to the receiving e-mail terminal from the transmitting e-mail terminal;
An encryption means for generating an encrypted file by encrypting the attached file using a predetermined encryption password as an encryption key when the attached file is attached to the e-mail;
Sending the encrypted file e-mail attached with the encrypted file instead of the attached file to the receiving-side e-mail terminal, and sending the transmission completion e-mail notifying the instruction reception destination associated with the encrypted file e-mail A sending means for sending to the sending e-mail terminal;
Receiving means for receiving a notification instruction from the transmission-side e-mail terminal for the instruction receiving destination;
A notification means for generating a password notification mail describing the encryption password associated with the encrypted file and transmitting it to the receiving e-mail terminal when the notification instruction is received by the reception means;
The receiving e-mail terminal
An e-mail system comprising decryption means for decrypting the encrypted file attached to the encrypted file mail using the encrypted password recorded in the password notification mail.

Images