CN101977111B - Anti-spam method based on privacy protection - Google Patents

Anti-spam method based on privacy protection Download PDF

Info

Publication number
CN101977111B
CN101977111B CN2010105157928A CN201010515792A CN101977111B CN 101977111 B CN101977111 B CN 101977111B CN 2010105157928 A CN2010105157928 A CN 2010105157928A CN 201010515792 A CN201010515792 A CN 201010515792A CN 101977111 B CN101977111 B CN 101977111B
Authority
CN
China
Prior art keywords
sub
mail address
mail
body
user
Prior art date
Application number
CN2010105157928A
Other languages
Chinese (zh)
Other versions
CN101977111A (en
Inventor
何泾沙
张旸
张玉强
徐晶
徐菲
马书南
Original Assignee
北京工业大学
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京工业大学 filed Critical 北京工业大学
Priority to CN2010105157928A priority Critical patent/CN101977111B/en
Publication of CN101977111A publication Critical patent/CN101977111A/en
Application granted granted Critical
Publication of CN101977111B publication Critical patent/CN101977111B/en

Links

Abstract

The invention provides an anti-spam method based on privacy protection, belonging to the computer network security field. The method is applicable to internet in which email address information needs to be protected. In the method, the frequently-used email address of a user is protected as privacy information without disclosure on the premise of guaranteeing smooth network interaction; and a sub-email address code with term of validity which can be flexibly controlled by the user replaces the frequently-used email address, and the frequently-used email address of the user is hidden as the privacy information, wherein, the sub-email address code is generated according to the email address, the system time and the random number of an interaction party and only used in the case of one-on-one communication between the specific interaction party and the user. The anti-spam method of the invention can keep the frequently-used email address of the user unpublished, emphasize autonomy of theuser, and help the user independently judge and identify a spam and stop sending the spam from a source.

Description

一种基于隐私保护的反垃圾邮件的方法 Based anti-spam privacy protection method

技术领域 FIELD

[0001] 本发明提出一种在网络环境下,不仅能够很好的保护用户邮箱隐私信息,而且能够有效防止垃圾邮件的干扰并很容易找到垃圾邮件的源头的方法。 [0001] The present invention proposes a network environment, not only well protected the privacy of the user mailbox information, and the method can effectively prevent interference spam and it is easy to find the source of spam. 本发明成果是基于把用户常用邮箱地址作为隐私信息进行保护的反垃圾邮件模型和方法,能够用于互联网中需要对邮箱地址信息进行保护并对垃圾邮件及源头进行阻止和查找的网络应用。 The present invention is based on the results of the common user email addresses anti-spam protection models and methods as private information can be used to address the information needs to be protected mailboxes and spam sources and carry out stop and search the Internet network applications.

背景技术 Background technique

[0002] 现有反垃圾邮件方法ー种是利用制定法律法规来约束垃圾邮件发送方,另ー种就是在邮件服务器端或用户端采取技术手段进行过滤,而用户不公开自己的邮箱地址也是一种方法,但是在现有交互方式下这种用户自身毫无控制权的防范很弱势,也在一定程度上影响交互的进行,一旦有某个网络交互方得到了用户的常用邮箱地址,网络的不安全性很容易就会造成了用户常用地址的永久性泄漏,而用户的常用地址一旦泄漏,用户便没有其它办法再让其成为保密信息,用户自身就没有能力再拒绝接收垃圾邮件,所有的希望只能放在服务商采取的反垃圾邮件技术上。 [0002] Existing anti-spam methods ー species is the use of legislation and regulations to restrict junk mail sender, is to take another ー kinds of technical means to filter the mail server or client, and users do not open their e-mail address is a ways, but under the current user interaction that there is no control over their own prevention is very vulnerable, but also to some extent, affected the interaction of conduct, if there is a network interactively by the user's frequently used e-mail address, network unsafe sex can easily cause permanent leakage address common user, and the user's usual address once the leak, there is no other way to let users become their confidential information, users themselves can not afford to again reject spam, all of We hope only on anti-spam service providers to adopt the technology.

[0003] 采取技术手段是现在反垃圾邮件的主要方法,怎样找到最有效的技术来从根本上解决这ー问题是现在主要的研究方向。 [0003] adopt technical means is the main method now antispam, how to find the most effective technology to fundamentally solve this problem ー is now the main research directions. 现在的反垃圾邮件的技术基本上是从服务器端入手的垃圾邮件过滤技术,从两个方面分类有从角色区分的过滤技术,包括MAT过滤技术、MDA过滤技术、MIJA过滤技术;从方法区分的过滤技术,包括基于关键字符的过滤技术、基于白名单的过滤技术基于黑名单的过滤技术、反向DNS查询技术、基于规则的过滤技术、基于内容的过滤技术和其他邮件过滤技术。 Current anti-spam technology is basically from the server to start filtering spam technology, both technical classification from the character has to distinguish from the filter, comprising MAT filtration technology, filtration technology of MDA, Mija filtration techniques; distinguishing method from filtering technology, including filtering technology key character-based, technology-based whitelist filtering blacklist-based filtering technology, reverse DNS lookup technology, rules-based filtering technology, filtering based on content filtering technology and other messaging technologies. 这些技术从一定程度上解决了垃圾邮件的大量传递问题,但是垃圾邮件发送方也相应有新的反过滤技术出现,只要有用户的邮箱地址,垃圾邮件发送发总有办法突破在邮件传递过程中的封锁,到达目的地。 These techniques to solve a certain extent, a lot of delivery problems of spam, but spam sender accordingly have a new anti-filtering technologies appear, as long as the user's e-mail address, spammers send always a way to break through in the mail transfer process the blockade, to reach the destination.

[0004] 要从根本上解决垃圾邮件泛滥的问题,最有效的方法就是把用户的邮箱地址作为隐私信息进行保护,不泄漏给任何网络交互方,当然,这要在保证网络交互能正常进行的前提下,对用户常用邮箱进行保密才有意义,但把邮箱地址作为隐私信息进行保护为基础的研究反垃圾邮件的方法现在还很少。 [0004] want to solve the problem of spam flooding the fundamental and most effective way is to put the user's email address as private information is protected, not disclosed to any network interactively, of course, we want to ensure that the network can interact with normal under the premise of the user mailbox used to maintain the confidentiality makes sense, but the email address as private information protection method based anti-spam research is still very small. 本发明从这个源头出发研究实现ー种基于隐私保护的反垃圾邮件模型和方法。 Research models and methods to achieve anti-spam ー kinds of privacy protection based on the present invention from this source.

发明内容 SUMMARY

[0005] 本发明的目的是利用ー种新的隐私保护方法,把用户常用邮箱地址作为隐私信息进行有效保护,通过改变网络通信交互方式,并采用子邮箱地址代码代替用户常用邮箱地址的方法保护用户常用邮箱地址,用户可以自主的灵活控制这些子邮箱地址代码,以便自主甄别确定垃圾邮件,很容易的找到垃圾邮件的发送者,并有效阻止垃圾邮件的接收,及时举报垃圾邮件发送者。 [0005] The object of the present invention is to utilize ー kind of new privacy protection method, the common user email address as the privacy information effective protection, by changing the network communication interaction, and using sub-mail address code instead of a common user email address ways to protect users commonly-mail address, the user can customize the flexible control over these sub-mail address code in order to determine the independent screening spam, it's easy to find the sender of spam and effectively block spam received in a timely manner to report spammers. 本方法在保证网络交互顺利进行的前提下,在有效保护了用户隐私信息的基础上,从根本上了解决垃圾邮件问题,如图I所示。 Under this method to ensure the smooth conduct of the premise of network interactions in the effective protection of user privacy information on the foundation, fundamentally solve the spam problem, as I illustrated.

[0006] 本发明整体设计采用父子关系邮箱结构模式。 [0006] The overall design of the present invention uses the structure of parent-child relationship mailbox mode. 常用邮箱作为用户隐私信息被重点保护,在用户与他人或其它网站进行交互时,若需要提供用户的邮箱地址,用户就登录其常用邮箱服务器,把常用邮箱作为父邮箱,申请生成一个子邮箱地址代码,此子邮箱地址代码仅供用户与特定的他人或网站交互时使用,灵活性强,不仅包含与用户交互的他人或网站的邮箱地址,还包括随机数信息和系统当前时间,以及可以根据双方交互情况设置的有效期限、加密方式、数字签名等安全參数,子邮箱地址代码生成之后,其所含信息被父邮箱存储并与父邮箱绑定,用户从父邮箱得到生成的子邮箱地址代码,传递给交互方,这样交互方就在没有得到用户常用邮箱地址的前提下也能通过这个子邮箱地址代码和用户交流,父邮箱在生成子邮箱地址代码并存储的同时,用户能够自主选择这个子邮箱地址代码的功能开启或 Common mailbox as a user's privacy information protection, while the user with other people or other sites to interact, if necessary to provide the user's email address, users log on to their usual mail server, the common mailbox as a parent-mail application generates a sub-mail address Code, this sub-codes when using the e-mail address only specific users to interact with others or website, flexibility, includes not only user interaction with others or site mailbox address, also includes a random number information and the current time, and can expiration date, encryption, digital signatures and other security parameters on the setting both interaction, e-mail address after the sub-code generator, which is the information contained in the parent and the parent mailbox store mailbox binding, to give the sub-user email address generated from the parent mailbox code is transmitted to the interactive side, the interactive side so not in common with the user's e-mail address is also through this sub-address code and user email exchanges, the parent mailbox while generating sub-code and stored e-mail address, the user can choose this sub-function code on or e-mail address 闭,以及改变子邮箱地址代码有效期限,甚至取消该子邮箱地址代码。 Closed, and changing the period of the sub-code is valid email address, email address or even cancel the sub-code. 当用户发现通过这个子邮箱地址代码与之交互的网站不仅给用户发送ー些用户定制的服务,还发送ー些用户根本不需要的垃圾邮件,用户能够把此邮箱关闭或者取消,这样,不仅很容易确定垃圾邮件的源头,还能够自主灵活的处理这种垃圾邮件事件。 When a user interacts found by this sub-mail address code is sent to the user of the site not only ー these customized services, but also send ー these users do not need to spam, the user can put off or cancel this mailbox, so that not only is easy to determine the source of spam, but also to autonomy and flexibility to deal with this spam events. 当用户发现通过某个子邮箱地址代码接收的邮件是用户不需要的垃圾邮件,用户能够很容易的知道这是与哪个交互网站的子邮箱地址代码,也就知道了是哪个网站发送的垃圾邮件,这样,如果用户还需要这个网站提供的服务,那就可以和此网站沟通,希望他们不要再给用户发送除定制服务以外的垃圾邮件,沟通成功此子邮箱继续使用,避免了垃圾邮件的影响,如果沟通不成功,那用户可以自主取消或关闭该子邮箱地址代码功能,甚至可以向反垃圾邮件系统或部门举报该网站行为。 When the user finds a child received via e-mail address e-mail users do not need the code spam, the user can easily know which is which interact with the site's e-mail address sub-code will know which site is spam sent, in this way, if the user needs to provide the services of this website, and it can communicate on this site, I hope they do not give users send spam addition to customized services, the success of this sub-mail communication to continue to use, to avoid the impact of spam, If communication is not successful, then the user will be free to cancel or close the sub-mail address code feature, you can even report the site to conduct anti-spam mail systems or departments.

[0007] 在网络交互过程中,用户登录网站和其它用户交互往往需要填写用户的邮箱地址,在我们方便交流的同时,也产生了很多问题,如垃圾邮件、邮箱地址的泄漏。 [0007] In the network interactive process, users log on the site and interact with other users often need to fill in the user's email address, at the same time we facilitate communication, but also created a lot of problems, such as leakage spam, email address. 在此设计了ー种新型的邮箱隐私保护模型,采用这种模型能够从根本上解决这ー问题。 In this design, a new type of mailbox ー privacy protection model, using this model can solve this problem fundamentally ー.

[0008] 本发明采取了如下技术方案。 [0008] The present invention adopts the following technical solutions. 基于隐私保护的反垃圾邮件方法,实现本方法的整个框架包括常用邮箱的拥有者用户,邮箱服务器和与用户交互的他人或网站。 Anti-spam privacy protection method based on the overall framework of implementation of the method include common mailbox owner user, mailbox server and user interaction with others or website. 常用邮箱的拥有者用户为主体A,与用户交互的他人或网站为客体B,邮箱服务器为C,,本方法总体流程如图2,包括以下步骤: Common mailbox owner as the main user A, user interaction with the site or others as the object B, C ,, mailbox server process shown in Figure 2 generally the present method, comprising the steps of:

[0009](一)主体A需要与他人或网站客体B进行交互,B需要A的邮箱地址进行通信。 [0009] (a) A body needs to interact with others or site object B, B-mail address A need to communicate.

[0010] (ニ)主体A检测是否已经知道客体B的邮箱地址。 If [0010] (Ni) A body detection object already knows B's e-mail address. 分两类情况I和II。 Two types of cases I and II.

[0011] I.检测成功,主体A获得客体B的邮箱地址。 [0011] I. detection is successful, the main object A obtains B's e-mail address.

[0012] I)主体A登录到邮件服务器C,根据客体B的邮箱地址和随机数及系统当前时间,使用SHA-I算法产生消息摘要,并使用RSA算法对摘要进行数字签名,来生成子邮箱地址代码。 [0012] I) the main body A to log on to the mail server C, according to the email address and the random number and the system object B, the current time, using the SHA-I algorithm to generate a message digest, using the RSA algorithm digest digitally signed, generating submailboxes address code.

[0013] 2)主体A获得邮件服务器C根据申请信息生成的子邮箱地址代码,将子邮箱地址代码和主体A的常用邮箱进行绑定,并在常用邮箱中保存所有子邮箱信息,以方便主体A在以后与客体B交互过程中根据交互情况对此子邮箱进行管理,并对此子邮箱进行初步设置:设置子邮箱的有效期、子邮箱的简称、交互业务关键字以及加密方式、数字签名等安全參数。 [0013] 2) A body C obtained according to the mail server request information generating sub-codes mail address, the mail sub-mail address used code and bind body A, and save all the information in a common sub mailboxes mailbox, to facilitate body a mailbox after this child and object interaction in B depending on the interaction management and son-mail this initial settings: duration settings sub-mailboxes, submailboxes short, interactive services and key encryption, digital signatures, etc. security parameters.

[0014] 3)主体A把此子邮箱地址代码发送给客体B,以此作为仅供A、B间交互使用的通信手段。 [0014] 3) A body of this sub-mail address to send the code to the object B, as only A, B between the communication means used interchangeably. [0015] 4)客体B通过子邮箱地址代码发信给主体A。 [0015] 4) the object B through the sub transmission mail address codes to the subject A. [0016] 5)主体A对通过子邮箱地址代码通信的邮件发件人的ID进行验证,发件人的邮箱地址与客体B的邮箱地址是否相同,是,发送到子邮箱地址代码的信件由主邮箱来接收,否贝IJ,被拒绝。 [0016] 5) A body of the e-mail address through the communication sub-codes mailbox to verify the sender's ID, email address, and email address of the sender object B are the same, is sent to the mail address of the sub-code from the mail main mailbox to receive, no shellfish IJ, is rejected.

[0017] 这样就实现了有且只有主体A和客体B使用此子邮箱地址代码进行交互。 [0017] This realizes the body and only the object A, and B sub-mail address using this code to interact. 从主体A发往客体B的邮件也是通过子邮箱地址来发送的,但是在通信过程中对主体A来说子邮箱地址代码是透明的。 A message sent from the body of the object is transmitted through B sub-mail address, but in the communication process of the sub-body A-mail address code is transparent. 在客体B的终端显示的邮件发件人是子邮箱地址代码,而不是主体A的常用邮箱。 Message sender object at the terminal B is displayed sub-mail address code, rather than conventional mail main body A.

[0018] II.检测失败,主体A不知道客体B的邮箱地址。 [0018] II. Test fails, the main object A does not know B's e-mail address.

[0019] I)主体A登录到邮件服务器C,将在缺省客体B的邮箱地址的情况下根据随机数及系统当前时间,使用SHA-I算法产生消息摘要,并使用RSA算法对摘要进行数字签名,来生成特别子邮箱地址代码,同时将特别子邮箱地址代码和主体A的常用邮箱进行绑定,并在常用邮箱中保存所有特别子邮箱的信息,以方便主体A对此子邮箱进行管理。 [0019] I) A body to the mail server log C, according to the random number and the current system time, using the SHA-I algorithm generates a message digest in the case of the default e-mail address B of the object, using the RSA algorithm and the digest digitally signature, e-mail address to generate a particular sub-code while the common mailbox particular sub-mail address code and bind the body a, and save all information is particularly common in sub-mailboxes mailbox, to facilitate the body of this child a mailbox management . 主体A将特别子邮箱地址代码公开。 A special sub-body to the email address codes is disclosed.

[0020] 2)主体A获得邮件服务器C根据申请信息生成的特别子邮箱地址代码,并对特别子邮箱进行初步设置:设置子邮箱的有效期、子邮箱的简称、交互业务关键字以及加密方式、数字签名等安全參数。 [0020] 2) A body to get the mail server C according to particular sub-mail address code is generated by the application information, and in particular submailboxes initial settings: Set submailboxes valid, submailboxes short, interactive services and encryption key, digital signatures and other security parameters.

[0021] 3)主体A告诉客体B特别子邮箱地址代码。 [0021] 3) A main object B tell particular sub-mail address code.

[0022] 4)客体B通过特别子邮箱地址代码发信给主体A。 [0022] 4) in particular, the object B by the sub-mail address to the code transmission body A.

[0023] 5)特别子邮箱地址将发送一个提醒信息给主体A的常用邮箱,此提醒信息包含发件人、邮件主题、发件时间、以及邮件大小,邮件关键字等信息。 [0023] 5) special sub-mail address to send an alert message to a mailbox common body A, which contains information about the sender, the message subject, the time information of the sender, and message size, and the like mail keyword.

[0024] 6)主体A查看提醒信息。 [0024] 6) A body to view reminders information. 对邮件感兴趣,在常用邮箱中收取此邮件,这样主体A就获得了与之交互的客体B的邮箱地址,将重复上述I过程,主体A到邮件服务器C申请ー个子邮箱地址代码发送给B,此子邮箱地址代码仅供A与B之间交互使用。 Interested in the message, in a common mailbox receive this message, so that the body A is obtained e-mail address of the object B interact, I will repeat the procedure, the main body A to the mail server application ー C submailboxes address code is sent to B this sub-mail address code can only be used interactively between A and B. 主体A对提醒信息不感兴趣,认为是垃圾邮件就将其列入黑名単,邮件将自动删除。 A reminder of the main information is not interested, it will be considered spam blacklisted radiolabeling, the message is automatically deleted.

[0025] 使用该方法对常用邮箱地址作为用户隐私信息进行保护的有以下几个特征: [0025] There are several common features with this method as the email address of the user privacy protection information:

[0026] I)和传统方式不同,本发明中用户和网站交互时,不用把自己的常用邮箱地址直接告诉交互网站,而是利用一个专用的灵活的子邮箱地址代码来代替常用邮箱地址,通过这个子邮箱地址,用户的交互网站直接把用户所需服务信息发送到用户的常用邮箱,这样既保护了用户的常用邮箱地址又完成了整个交互服务过程。 [0026] I) and conventional ways, and user interaction the present invention, in the site, without their own e-mail address used to tell the interactive website, but to use a dedicated e-mail address of the flexible sub-code instead of the usual e-mail address, by this sub-mail address, Web site user interaction required by the user directly to the service sends information to the user's mailbox common, so common not only protect the user's e-mail address and complete the entire process of interactive services.

[0027] 2)对子邮箱地址代码的设计是以用户为中心,具有临时性,管理灵活性等特点,子邮箱是由用户常用邮箱生成,代替用户常用邮箱地址来收发邮件,但是它具有专用性。 Design is based on the user [0027] 2) sub-mail address code as the center, a temporary nature, management flexibility, etc., is generated by the user submailboxes common mailbox, in place of the user email address used to send and receive messages, but it has a dedicated sex.

[0028] 3)本发明以用户为主体,考虑不同用户的不同偏好以及对垃圾邮件不同的界定,灵活自主的对垃圾邮件进行定位和处理,并根据和网站的交互情况灵活管理子邮箱地址代码。 [0028] 3) of the present invention to a user as the main consideration of different users different preferences and spam different definitions, a flexible autonomous spam positioning and processing, and in accordance with the code and interaction situation site flexible management sub-mail address .

附图说明 BRIEF DESCRIPTION

[0029] 图I本发明的总体应用过程图 [0029] FIG overall process of Figure I of the present invention.

[0030] 图2本发明主要框架结构应用流程图、具体实施方式 [0030] The main application flowchart of FIG frame structure 2 of the present invention, DETAILED DESCRIPTION

[0031] 下面用一个例子来说明本发明在用户和服务网站在交互过程中怎样在保证用户和网站顺利交互完成的前提下,保护了用户的邮箱地址信息不被无关第三方获得,说明利用本发明可以很好的解决垃圾邮件问题,并很容易的知道垃圾邮件的来源,可以有效的从源头解决垃圾邮件问题。 [0031] Below an example to illustrate the invention in user interaction and service sites in the process of how the premise of ensuring the smooth interaction of the user and the site is completed, the protection of the user's e-mail address information is not unrelated third parties, indicating the use of this the invention can solve the spam problem, and it is easy to know the source of spam, you can effectively solve the problem of spam at the source. 本例中有三个实例实体,主体A-用户,客体B-天气预报服务网站,邮箱服务器C-网易邮箱服务器,流程和步骤如图2。 In this example there are three examples of entities, the main user A-, B- object weather forecast service websites, email servers C- Netease mail server, and the process step shown in Figure 2.

[0032] I)用户A登录天气预报服务网站B,定制半年的天气预报信息,天气预报网站B需要用户A提供他的常用邮箱地址,以便把用户定制的天气预报信息准时发送到用户邮箱。 [0032] I) A user logon weather forecast service B site, weather information customized six months, weather forecast website B A user needs to provide his usual email address so that the user customized weather forecast information is sent on time to the user's mailbox.

[0033] 2)用户A从天气预报网站B获知给网址的邮箱地址,但不想把常用邮箱地址告知此网站,以预防此网站把其泄漏出去,受垃圾邮件等问题困扰。 [0033] 2) A user is known from the B weather forecast website URL to the e-mail address, but do not want to inform this site frequently used e-mail address in order to prevent its leak to this site, plagued by spam and other issues.

[0034] 3)就登录其常用邮箱地址所在网易邮箱服务器C,根据天气预报服务网站B的邮箱地址、随机数、系统当前时间,使用SHA-I算法产生消息摘要,并使用RSA算法对摘要进行数字签名,生成一个子邮箱地址代码。 [0034] 3) Log on its popular e-mail address where the NetEase mailbox server C, according to the weather forecast service e-mail address of the site B, a random number, the current time, using the SHA-I algorithm produces message digest and use the RSA algorithm to digest digital signature, generating a sub-mail address code.

[0035] 4)用户A获得获得邮件服务器C根据申请信息生成的子邮箱地址代码,把子邮箱地址代码与用户A常用邮箱进行绑定,并在常用邮箱中保存所有子邮箱信息,以方便主体A在以后与客体B交互过程中根据交互情况对此子邮箱进行管理。 [0035] 4) A user C is obtained according to the mail server to obtain information request mail address generated sub-codes, handle user code-mail address A common mailbox bound, and save all the information in a common sub-mail mailbox, to facilitate body A child this mailbox managed depending on the interaction with the object B after the interaction process. 对此子邮箱进行初步设置:子邮箱有效期限为6个月,子邮箱的简称为天气预报邮箱,定制服务关键字为天气,カロ密方式采用DES加密,使用数字签名等信息。 E-mail this sub initial settings: submailboxes valid for a period of six months, referred to as sub-mailbox weather forecast mailbox, custom keywords weather service, ka ro-tight manner using DES encryption, the use of digital signatures and other information.

[0036] 5)用户A把此子邮箱地址代码发送给天气预报服务网站B,以此作为仅供A、B间交互使用的通信手段。 [0036] 5) A user sends e-mail address code for this sub-site for a weather forecast service B, as only A, B means of communication between interactive use.

[0037] 6)天气预报网站B通过子邮箱地址代码发送天气预报信息给用户A。 [0037] 6) B transmits weather forecast weather forecast website information through the sub-codes to the user mail address A.

[0038] 7)用户A对通过子邮箱地址代码通信的邮件发件人的ID进行验证,发件人的邮箱地址与天气预报网站B的邮箱地址是否相同,是,发送到子邮箱地址代码的信件由主邮箱来接收,否则,被拒绝。 [0038] 7) A user of the e-mail address code for communicating via a sub-ID to verify the sender's mailbox, e-mail address and e-mail address of the sender of the weather forecast site B is the same, is sent to the email address of the code sub letter mail is received by the master, otherwise is rejected. 这样就实现了有且只有用户A和天气预报网站B使用此子邮箱地址代码进行交互。 This realization has one and only user A and B weather forecast website Use this sub-mail address code interaction. 从用户A发往天气预报网站B的邮件也是通过子邮箱地址来发送的,但是在通信过程中对用户A来说子邮箱地址代码是透明的。 Weather forecast messages sent from the user A to site B is transmitted through the sub-mail address, but in the course of communication A user code-mail address for the sub transparent.

[0039] 8)在天气预报网站B的终端显示的邮件发件人是子邮箱地址代码,而不是用户A的常用邮箱。 [0039] 8) the message sender site B terminal weather forecast is displayed sub-mail address code, rather than the user A common mailbox.

[0040] 此后,用户可以根据与天气预报网站交互情况通过子邮箱的灵活管理完成对子邮箱功能的更改和设置。 [0040] Thereafter, the user can complete the change and settings pairs mailbox function according to weather forecast website interaction situation through flexible management of the sub-mailbox.

[0041] 本发明使用隐私保护技术,使得用户可以依照自己的隐私需要,灵活的对子邮箱地址代码进行管理,能够快速准确的找到垃圾邮件的发送者,从根本上阻止了垃圾邮件事件的发生,保护了用户的常用邮箱隐私信息。 [0041] The present invention uses privacy protection technology, allows users flexible sub-mail address code management in accordance with their own privacy needs, can quickly and accurately locate the sender of spam, prevent the occurrence of spam events fundamentally , commonly used to protect the user's mailbox private information.

[0042] 以上实例仅为本发明的ー个实施举例,仅用于更好的说明本发明的功用和流程,并不代表本发明仅限于本实例应用,凡在本发明的精神、原则及技术范围内,所做的修改、等同替换、改进等,均应包含在本发明的保护范围之内。 [0042] The above examples merely present invention ー embodiment example, the function merely to better illustrate the process of the present invention and do not represent the present invention is applied to only the present example, where the spirit of the present invention, the principles and techniques the range, made modifications, equivalent substitutions and improvements should be included within the scope of the present invention.

Claims (1)

1. 一种基于隐私保护的反垃圾邮件的方法,其特征在于: 常用邮箱的拥有者用户为主体A,与用户交互的他人或网站为客体B,邮件服务器为C ;总体流程技术实现步骤如下: (一)主体A需要与他人或网站客体B进行交互,B需要A的邮箱地址进行通信; (二)主体A检测是否已经知道客体B的邮箱地址;分以下两类情况I和II . I.当检测成功,主体A获得客体B的邮箱地址: a)主体A登录到邮件服务器C,邮件服务器C根据客体B的邮箱地址和随机数及系统当前时间,使用SHA-I算法产生消息摘要,使用RSA算法对摘要进行数字签名,来生成子邮箱地址代码; b)主体A获得邮件服务器C根据申请信息生成的子邮箱地址代码;邮件服务器C将子邮箱地址代码和主体A的常用邮箱进行绑定,并在常用邮箱中保存所有子邮箱信息,以方便主体A在以后与客体B交互过程中根据交互情况对此 1. A method for anti-spam based on privacy, wherein: the user common mailbox owner is subject A, user interaction with others or objects B site, the mail server are C; overall process technology steps are as follows : (a) a body needs to be with other people or objects B website interactive, B-mail address a need to communicate; if (b) a body has been known to detect e-mail address of the object B; divided into the following two categories I and II I. when the detection is successful, subject a obtained object B e-mail address: a) the main body a to log on to the mail server C, the mail server C the email address and the random number and the system object B, the current time, using the SHA-I algorithm generates a message digest, using the RSA algorithm digest digitally signed, generating a sub-mail address codes; b) body a obtained Mail server C according to the application information generation sub-mail address codes; Mail server C common mailbox sub-mail address code and the main body a is tied set, and save all the information in a common sub-mail mailbox, to facilitate body A and the object B after the interaction process depending on the interaction of this 邮箱进行管理;主体A对此子邮箱进行初步设置:至少设置子邮箱的有效期、子邮箱的简称、交互业务关键字以及加密方式、数字签名这些安全参数; c)主体A把此子邮箱地址代码发送给客体B,以此作为仅供A、B间交互使用的通信手段; d)客体B通过子邮箱地址代码发信给主体A ; e)主体A对通过子邮箱地址代码通信的邮件发件人的ID进行验证,发件人的邮箱地址与客体B的邮箱地址是否相同,是,发送到子邮箱地址代码的信件由主邮箱来接收,否则,被拒绝; II.如果检测失败,主体A不知道客体B的邮箱地址: 1)主体A登录到邮件服务器C ;邮件服务器C将在缺省客体B的邮箱地址的情况下根据随机数及系统当前时间,产生消息摘要,并对摘要进行数字签名,来生成特别子邮箱地址代码,邮件服务器C同时将特别子邮箱地址代码和主体A的常用邮箱进行绑定,并在 Mailbox management; A subject of this preliminary sub-mail: Set valid for at least sub-mailboxes, submailboxes short, interactive services and key encryption, digital signatures, these security parameters; c) A body of code to this sub-mail address sent to the object B, as only a, B between the communication means used interchangeably; D) a main object B to the e-mail address through the sub transmission codes; E) a body of the mail sender's address code for communicating submailboxes ID of the person to verify, e-mail address and e-mail address of the sender object B are the same, is transmitted to the sub-mail address is received by the code letters main mailbox, otherwise, be rejected; II If the test fails, the body a. B does not know the object's e-mail address: 1) a body to the mail server log C; C according to the mail server random number and the current time, generates a message digest in the case of the default e-mail address of the object B, and the digital digest signatures, to generate code for particular sub-mail address, the mail server C while the common mailbox particular sub-mail address code and bind the body a, and 用邮箱中保存所有特别子邮箱的信息,以方便主体A对此子邮箱进行管理;主体A将特别子邮箱地址代码公开; 2)主体A获得邮件服务器C根据申请信息生成的特别子邮箱地址代码,并对特别子邮箱进行初步设置:至少设置子邮箱的有效期、子邮箱的简称、交互业务关键字以及加密方式、数字签名这些安全参数; 3)主体A告诉客体B特别子邮箱地址代码; 4)客体B通过特别子邮箱地址代码发信给主体A ; 5)特别子邮箱地址将发送一个提醒信息给主体A的常用邮箱,此提醒信息包含发件人、邮件主题、发件时间、以及邮件大小,邮件关键字; 6)主体A查看提醒信息;如果对邮件感兴趣,在常用邮箱中收取此邮件,这样主体A就获得了与之交互的客体B的邮箱地址,将重复上述I过程,主体A到邮件服务器C申请一个子邮箱地址代码发送给B,此子邮箱地址代码仅供A与B之 All information is stored with the mailbox of mailboxes particular child, this body A to facilitate submailboxes management; the particular sub-body A discloses mail address codes; 2) A body C obtained according to the mail server request information generating special codes sub-mail address , and in particular submailboxes initial settings: at least submailboxes valid, submailboxes short, interactive services and key encryption, digital signatures, these security parameters; 3) tell a subject object B especially sub-mail address codes; 4 ) object B sub-mail address by special codes to the letter a body;. 5) in particular sub-mail address to send an alert message to a mailbox common body a, which contains information about the sender, the message subject, the time the sender, and the mail size, message keyword; 6) a view information about the body; if interested e-mail, receive this message in the common mailbox, so that the body a gained the email address of the object B interact, I will repeat the process, a body to the mail server application C code for a sub-address send email to B, this is only for sub-mail address codes a and B of 交互使用;如果主体A对提醒信息不感兴趣,认为是垃圾邮件就将其列入黑名单,邮件将自动删除。 Interactive use; if subject A reminder of the information is not interested, it will be considered a spam blacklist, the message is automatically deleted.
CN2010105157928A 2010-10-15 2010-10-15 Anti-spam method based on privacy protection CN101977111B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010105157928A CN101977111B (en) 2010-10-15 2010-10-15 Anti-spam method based on privacy protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2010105157928A CN101977111B (en) 2010-10-15 2010-10-15 Anti-spam method based on privacy protection

Publications (2)

Publication Number Publication Date
CN101977111A CN101977111A (en) 2011-02-16
CN101977111B true CN101977111B (en) 2012-08-15

Family

ID=43576960

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010105157928A CN101977111B (en) 2010-10-15 2010-10-15 Anti-spam method based on privacy protection

Country Status (1)

Country Link
CN (1) CN101977111B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5639511B2 (en) * 2011-03-18 2014-12-10 株式会社沖データ Information processing apparatus, composite apparatus, image reading apparatus, and information processing method
CN102663321B (en) * 2012-04-24 2016-01-13 百度在线网络技术(北京)有限公司 For security enhancement system and the method for software
CN102843313B (en) * 2012-09-27 2015-05-20 深圳中兴网信科技有限公司 Safety management system of e-mail address and safety management method
CN104660485B (en) * 2013-11-22 2019-12-13 腾讯科技(深圳)有限公司 Message processing method, device and system
CN104463605A (en) * 2014-12-19 2015-03-25 百度在线网络技术(北京)有限公司 Coupon code anti-cheating method and device
CN107743111A (en) * 2016-10-27 2018-02-27 腾讯科技(深圳)有限公司 A kind of E-mail processing method, device and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1601540A (en) 2004-10-25 2005-03-30 汤溪蔚 Method of preventing electronic refuse mail
CN1794284A (en) 2005-12-26 2006-06-28 上海洲信信息技术有限公司 Method and system of realizing single account multiuser of electron mail box

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040193685A1 (en) * 2003-03-31 2004-09-30 Sony Corporation/Sony Electronics, Inc. Method and apparatus for managing and sharing personal identities in a peer-to-peer environment
US20090259725A1 (en) * 2008-04-14 2009-10-15 Case Western Reserve University Email consumer reputation

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1601540A (en) 2004-10-25 2005-03-30 汤溪蔚 Method of preventing electronic refuse mail
CN1794284A (en) 2005-12-26 2006-06-28 上海洲信信息技术有限公司 Method and system of realizing single account multiuser of electron mail box

Also Published As

Publication number Publication date
CN101977111A (en) 2011-02-16

Similar Documents

Publication Publication Date Title
Shirey Internet security glossary, version 2
US9037660B2 (en) Managing electronic messages
US9009829B2 (en) Methods, systems, and media for baiting inside attackers
US7529802B2 (en) Method for performing multiple hierarchically tests to verify identity of sender of an email message and assigning the highest confidence value
US6732101B1 (en) Secure message forwarding system detecting user's preferences including security preferences
US9002018B2 (en) Encryption key exchange system and method
US8423758B2 (en) Method and apparatus for packet source validation architecture system for enhanced internet security
US7437558B2 (en) Method and system for verifying identification of an electronic mail message
US8103732B2 (en) Methods for control and management of electronic messaging based on sender information
US7299361B1 (en) Remote e-mail scanning system and method
JP2007504563A (en) Data message mirroring and destination change
US20060200855A1 (en) Electronic verification systems
US9137048B2 (en) User interface for email inbox to call attention differently to different classes of email
US8819410B2 (en) Private electronic information exchange
US9177293B1 (en) Spam filtering system and method
US8307431B2 (en) Method and apparatus for identifying phishing websites in network traffic using generated regular expressions
US20040203589A1 (en) Method and system for controlling messages in a communication network
US20100318614A1 (en) Displaying User Profile and Reputation with a Communication Message
US5930479A (en) Communications addressing system
Sotirov et al. MD5 considered harmful today, creating a rogue CA certificate
US7493403B2 (en) Domain name ownership validation
US8645478B2 (en) System and method for monitoring social engineering in a computer network environment
US10326779B2 (en) Reputation-based threat protection
US8359360B2 (en) Electronic message system with federation of trusted senders
US20060200523A1 (en) User interface for email inbox to call attention differently to different classes of email

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
C14 Grant of patent or utility model
CF01