CN111343080A - Agent-based mail service method, server, client and system - Google Patents

Agent-based mail service method, server, client and system Download PDF

Info

Publication number
CN111343080A
CN111343080A CN202010127988.3A CN202010127988A CN111343080A CN 111343080 A CN111343080 A CN 111343080A CN 202010127988 A CN202010127988 A CN 202010127988A CN 111343080 A CN111343080 A CN 111343080A
Authority
CN
China
Prior art keywords
authentication
mail
user
server
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010127988.3A
Other languages
Chinese (zh)
Other versions
CN111343080B (en
Inventor
袁春旭
杜超超
赵军
李川
李超
郭晓鹏
孙悦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Trusfort Technology Co ltd
Original Assignee
Beijing Trusfort Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Trusfort Technology Co ltd filed Critical Beijing Trusfort Technology Co ltd
Priority to CN202010127988.3A priority Critical patent/CN111343080B/en
Publication of CN111343080A publication Critical patent/CN111343080A/en
Application granted granted Critical
Publication of CN111343080B publication Critical patent/CN111343080B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42Mailbox-related aspects, e.g. synchronisation of mailboxes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/55Push-based network services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services

Abstract

The invention discloses a mail service method, a server, a client and a system based on an agent, wherein the agent server receives a mail request sent by a user through a mail client; caching the mail request, and analyzing a user account from the mail request; then sending a user authentication request carrying a user account to an authentication server to indicate the authentication server to perform user authentication according to the user account and a mobile authentication client pre-bound by a user, and feeding back an authentication passing message with mail server address information after the user authentication passes; after receiving an authentication passing message attached with mail server address information and fed back by an authentication server, establishing a proxy communication channel according to the mail server address information; and then the mail request is forwarded to the mail server by utilizing the established proxy communication channel.

Description

Agent-based mail service method, server, client and system
Technical Field
The invention relates to an agent authentication technology, in particular to an agent-based mail service method, a server, a client and a system.
Background
The email service is one of the business services that are used most frequently at ordinary times. In normal use, most users use the mail client, such as: foxmail, outlook, email mail master, windows live mail, Gmail Notifier, Thunderbird, etc. In specific use, a user needs to configure account password information at a mail client.
However, there are two possible security risks in simply configuring account password information at the mail client: 1) as long as a user configures an account password at a mail client, the user does not need any authentication and identity verification when receiving and sending mails every time; 2) once the account number and password of the user are cracked, any mail client which configures the user to any computer equipment can download the mail of the account and can impersonate the account to send the mail.
Disclosure of Invention
The embodiment of the invention provides an agent-based mail service method, a server, a client and a system in order to effectively overcome various problems of the existing electronic mail service.
According to a first aspect of the present invention, there is provided a proxy-based mail service method, applied to a proxy server, including: receiving a mail request sent by a user through a mail client, wherein the mail request is a mail sending request or a mail receiving request; caching the mail request, and analyzing a user account from the mail request; sending a user authentication request carrying the user account to an authentication server to indicate the authentication server to perform user authentication according to the user account and a mobile authentication client pre-bound by a user, and feeding back an authentication passing message with mail server address information after the user authentication passes; receiving an authentication passing message which is fed back by an authentication server and is attached with mail server address information; establishing an agent communication channel according to the address information of the mail server; and forwarding the mail request to a mail server by utilizing the established proxy communication channel.
According to an embodiment of the present invention, the authentication passing message is further accompanied by an authentication validity period; the method further comprises the following steps: receiving a secondary mail request sent by a user through a mail client in the authentication validity period; and forwarding the secondary mail request to a mail server by utilizing the established proxy communication channel.
According to the second aspect of the present invention, there is also provided an agent-based mail service method applied to an authentication server, including: receiving a user authentication request carrying a user account sent by a proxy server; performing user authentication according to the user account and a mobile authentication client pre-bound by the user; and after the user passes the authentication, feeding back an authentication passing message attached with the address information of the mail server to instruct the proxy server to establish a proxy communication channel according to the address information of the mail server.
According to an embodiment of the present invention, the performing user authentication according to the mobile authentication client pre-bound to the user account includes: inquiring whether the user is registered and bound with a mobile authentication client in advance according to the user account to obtain an inquiry result; and if the query result indicates that the user is registered and bound with the mobile authentication client in advance, directly authenticating the user with the mobile authentication client bound in advance.
According to an embodiment of the present invention, the performing user authentication according to the mobile authentication client pre-bound to the user account includes: pushing an authentication notification message to a mobile authentication client to instruct the mobile authentication client to send authentication credential information input by a user; and receiving authentication credential information sent by the mobile authentication client, and performing user authentication according to the authentication credential information.
According to the third aspect of the present invention, there is also provided a mail service method based on an agent, applied to a mobile authentication client, including: receiving an authentication notification message pushed by an authentication server; receiving authentication credential information of a user in response to the authentication notification message; and sending the authentication credential information to allow the authentication server to carry out user authentication according to the authentication credential information.
According to a fourth aspect of the present invention, there is provided a proxy server, comprising: the receiving module is used for sending a mail request through a mail client by a user, wherein the mail request is a mail sending request or a mail receiving request; the cache analysis module is used for caching the mail request and analyzing a user account from the mail request; a sending module, configured to send a user authentication request carrying the user account to an authentication server, so as to instruct the authentication server to perform user authentication according to the user account and a mobile authentication client pre-bound to the user, and after the user authentication is passed, feed back an authentication pass message with address information of the mail server; the receiving module is also used for receiving an authentication passing message which is fed back by the authentication server and is attached with the address information of the mail server; the channel establishing module is used for establishing an agent communication channel according to the address information of the mail server; and the forwarding module is used for forwarding the mail request to the mail server by utilizing the established proxy communication channel.
According to an embodiment of the present invention, the authentication passing message is further accompanied by an authentication validity period; the receiving module is further used for receiving a secondary mail request sent by a user through a mail client in the authentication validity period; and the forwarding module is also used for forwarding the secondary mail request to a mail server by utilizing the established proxy communication channel.
According to a fifth aspect of the present invention, there is provided an authentication server comprising: the receiving module is used for sending a user authentication request carrying a user account by the proxy server; the user authentication module is used for carrying out user authentication according to the user account and a mobile authentication client pre-bound by the user; and the sending module is used for feeding back an authentication passing message attached with the address information of the mail server after the user passes the authentication so as to indicate the proxy server to establish a proxy communication channel according to the address information of the mail server.
According to an embodiment of the present invention, the user authentication module is specifically configured to query, according to the user account, whether the user is registered and bound with the mobile authentication client in advance, so as to obtain a query result; and if the query result indicates that the user is registered and bound with the mobile authentication client in advance, directly authenticating the user with the mobile authentication client bound in advance.
According to an embodiment of the present invention, the user authentication module is specifically configured to push an authentication notification message to a mobile authentication client to instruct the mobile authentication client to send authentication credential information input by a user; and receiving authentication credential information sent by the mobile authentication client, and performing user authentication according to the authentication credential information.
According to a sixth aspect of the present invention, there is provided a mobile authentication client, comprising: a receiving module for receiving the authentication notification message pushed by the authentication server; further for receiving authentication credential information of the user in response to the authentication notification message; and the sending module is used for sending the authentication credential information so that the authentication server can carry out user authentication according to the authentication credential information.
According to the seventh aspect of the present invention, there is provided a mail service system based on an agent, the system comprising an agent server, an authentication server, a mobile authentication client, a mail client and a mail server; the proxy server is used for receiving a mail request sent by a user through a mail client, wherein the mail request is a mail sending request or a mail receiving request; caching the mail request, and analyzing a user account from the mail request; sending a user authentication request carrying the user account to an authentication server; receiving an authentication passing message which is fed back by an authentication server and is attached with mail server address information; establishing an agent communication channel according to the address information of the mail server; forwarding the mail request to a mail server using the established proxy communication channel; the authentication server is used for receiving a user authentication request carrying a user account sent by the proxy server; performing user authentication according to the user account and a mobile authentication client pre-bound by the user; after the user passes the authentication, feeding back an authentication passing message attached with the address information of the mail server; and the mobile authentication client is used for carrying out user authentication with the authentication server.
The embodiment of the invention relates to a mail service method, a server, a client and a system based on an agent, wherein firstly, the agent server receives a mail request sent by a user through a mail client; caching the mail request, and analyzing a user account from the mail request; then sending a user authentication request carrying a user account to an authentication server to indicate the authentication server to perform user authentication according to the user account and a mobile authentication client pre-bound by a user, and feeding back an authentication passing message with mail server address information after the user authentication passes; after receiving an authentication passing message attached with mail server address information and fed back by an authentication server, establishing a proxy communication channel according to the mail server address information; and then the mail request is forwarded to the mail server by utilizing the established proxy communication channel. Therefore, the invention adds a mail client control means realized by the mobile authentication client, the proxy server and the authentication server on the basis of the mail service between the normal mail client and the mail server, greatly reduces the security risk caused by the stealing of the user account password information through the proxy mail service of the proxy server and the real-time authentication of the mobile authentication client and the authentication server to the user identity, thereby effectively protecting the user side in the mail service; in addition, the whole process does not need the transformation of a mail server side or the customization and development of a mail client side, the realization mechanism is simple, and the practicability is strong.
Drawings
The above and other objects, features and advantages of exemplary embodiments of the present invention will become readily apparent from the following detailed description read in conjunction with the accompanying drawings. Several embodiments of the invention are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which:
in the drawings, the same or corresponding reference numerals indicate the same or corresponding parts.
FIG. 1 is a flow chart illustrating an implementation of a proxy server-based mail service method according to an embodiment of the present invention;
FIG. 2 is a flow chart illustrating the implementation of the agent-based mail service method of the authentication server according to the embodiment of the invention;
FIG. 3 is a flow chart illustrating the implementation of the method for the proxy-based mail service of the mobile authentication client according to the embodiment of the present invention;
FIG. 4 is a flowchart illustrating a specific implementation of the agent-based mail service method according to an embodiment of the present invention;
FIG. 5 is a schematic diagram illustrating the structure of a proxy server according to an embodiment of the present invention;
fig. 6 is a schematic diagram illustrating a configuration of an authentication server according to an embodiment of the present invention;
fig. 7 is a schematic diagram illustrating a component structure of a mobile authentication client according to an embodiment of the present invention;
fig. 8 is a schematic diagram showing a composition structure of the agent-based mail service system according to the embodiment of the present invention.
Detailed Description
In order to make the objects, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
Furthermore, the terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "a plurality" means two or more unless specifically defined otherwise.
Fig. 1 is a schematic flow chart showing an implementation flow of a proxy server mail service method based on a proxy according to an embodiment of the present invention.
Referring to fig. 1, the method for servicing a mail based on an agent according to an embodiment of the present invention includes: operation 101, receiving a mail request sent by a user through a mail client; operation 102, caching the mail request, and analyzing a user account from the mail request; operation 103, sending a user authentication request carrying the user account to an authentication server to instruct the authentication server to perform user authentication according to the user account and a mobile authentication client pre-bound to the user, and feeding back an authentication passing message accompanied with address information of the mail server after the user authentication passes; an operation 104 of receiving an authentication passing message attached with the mail server address information fed back by the authentication server; an operation 105 of establishing a proxy communication channel according to the mail server address information; at operation 106, the mail request is forwarded to the mail server using the established proxy communication channel.
In operation 101, the mail request may be a mail sending request or a mail receiving request. In addition, the mail request carries the user account. Specifically, referring to fig. 4, when the user opens the email client, no matter whether the user receives or sends the email, the user information, i.e. the user account, needs to be submitted to the server according to the standard POP3 or SMTP protocol, such as: com. for the convenience of the following description, the information of this request will be referred to as S for short.
In operation 102, referring to fig. 4, after receiving the mail request from the mail client, the proxy server caches the mail request, and parses the user account corresponding field yunchunxu @ trusfort.
In operation 103, referring to fig. 4, the proxy server sends a user authentication request carrying the user account to the authentication server, that is, attaches the parsed user account yunchunxu @ reusfort.com, so as to instruct the authentication server to perform user authentication according to the user account and the mobile authentication client pre-bound to the user, and feeds back an authentication passing message attached with the address information of the mail server after the user authentication passes.
In operations 104-105, referring to fig. 4, after the proxy server receives the authentication pass message accompanied with the mail server address information fed back by the authentication server, a proxy communication channel is established for the user according to the mail server address information. Here, the mail server address information may be a domain name or an IP address of the mail service.
In operation 106, referring to fig. 4, the mail request S cached in operation 102 is forwarded to the mail server using the established proxy communication channel. Thus, after receiving the mail request of the standard protocol, the mail server can normally respond to the mail request.
According to one embodiment of the invention, the authentication server generally sets an authentication validity period and attaches the authentication validity period to the authentication passing message, so that the proxy server can directly proxy the mail service in the subsequent authentication validity period. Specifically, after the proxy server receives the secondary mail request sent by the user through the mail client within the authentication validity period, the secondary mail request can be directly forwarded to the mail server by using the established proxy communication channel. Of course, the shorter the authentication validity period, the more secure the local use.
The invention embodiment is a mail service method based on agent, firstly, an agent server receives a mail request sent by a user through a mail client; caching the mail request, and analyzing a user account from the mail request; then sending a user authentication request carrying a user account to an authentication server to indicate the authentication server to perform user authentication according to the user account and a mobile authentication client pre-bound by a user, and feeding back an authentication passing message with mail server address information after the user authentication passes; after receiving an authentication passing message attached with mail server address information and fed back by an authentication server, establishing a proxy communication channel according to the mail server address information; and then the mail request is forwarded to the mail server by utilizing the established proxy communication channel. Therefore, the invention adds a mail client control means realized by the mobile authentication client, the proxy server and the authentication server on the basis of the mail service between the normal mail client and the mail server, greatly reduces the security risk caused by the stealing of the user account password information through the proxy mail service of the proxy server and the real-time authentication of the mobile authentication client and the authentication server to the user identity, thereby effectively protecting the user side in the mail service; in addition, the whole process does not need the transformation of a mail server side or the customization and development of a mail client side, the realization mechanism is simple, and the practicability is strong.
Fig. 2 is a flow chart illustrating the implementation of the method for the proxy-based mail service of the authentication server according to the embodiment of the present invention.
Referring to fig. 2, the method for servicing a mail based on an agent according to an embodiment of the present invention includes: operation 201, receiving a user authentication request carrying a user account sent by a proxy server; operation 202, performing user authentication according to the user account and a mobile authentication client pre-bound by the user; in operation 203, after the user passes the authentication, an authentication passing message accompanied with the address information of the mail server is fed back to instruct the proxy server to establish a proxy communication channel according to the address information of the mail server.
Specifically, in operation 202, after the proxy server performs operations 101 to 103, the authentication server receives a user authentication request carrying a user account, and queries whether the user is registered and bound with the mobile authentication client in advance according to the user account to obtain a query result; and if the query result indicates that the user is registered and bound with the mobile authentication client in advance, directly authenticating the user with the mobile authentication client bound in advance.
Referring to fig. 4, the authentication server receives a user authentication request carrying a user account yunchunxu @ tresfort.com; and then, the authentication server inquires whether the user has made mobile terminal registration binding according to the user account yunchunxu @ trusfort.
According to an embodiment of the present invention, in operation 202, the authentication server pushes an authentication notification message to the mobile authentication client to instruct the mobile authentication client to send authentication credential information input by a user; and receiving authentication credential information sent by the mobile authentication client, and performing user authentication according to the authentication credential information. The authentication credential information may be any information that can uniquely identify the user identity, such as a user fingerprint, a voiceprint, a lip print, a face, and the like. Therefore, on the basis of the original mail service, the interaction between the authentication server and the mobile authentication client is increased to carry out user authentication, and the security risk caused by the theft of the user name and the password can be greatly reduced.
Specifically, referring to fig. 4, the authentication server pushes an authentication notification message to the mobile authentication client; then, the user opens the mobile authentication client and inputs authentication credential information, such as: a user fingerprint; the mobile terminal authentication client sends the authentication credential information entered by the user to the authentication server, so that the authentication server performs user authentication according to the authentication credential information, i.e. checks whether the authentication credential information (user fingerprint) is correct or not.
In operation 203, after the user passes the authentication, the authentication server feeds back an authentication pass message accompanied with the address information of the mail server to instruct the proxy server to establish a proxy communication channel according to the address information of the mail server. The mail server address information may be a domain name or an IP address of the mail service.
Therefore, after user authentication is completed through the mobile authentication client and the authentication server, the authentication server provides the mail server address (domain name or IP address) to the proxy server, so that the mail server is not required to be modified or the mail client is not required to be customized and developed in the whole implementation process, the implementation mechanism is simple, and the practicability is high.
Fig. 3 is a schematic flow chart showing the implementation of the agent-based mail service method of the mobile authentication client according to the embodiment of the invention.
Referring to fig. 3, the method for servicing a mail based on an agent according to an embodiment of the present invention includes: operation 301, receiving an authentication notification message pushed by an authentication server; operation 302, receiving authentication credential information of a user in response to the authentication notification message; operation 303, sending the authentication credential information, so that the authentication server performs user authentication according to the authentication credential information.
The authentication credential information may be any information that can uniquely identify the user identity, such as a user fingerprint, a voiceprint, a lip print, a face, and the like.
Here, when the authentication server performs operation 202, it is queried that the user is registered and bound with the mobile authentication client in advance according to the user account, and then the user authentication is directly performed with the mobile authentication client that is bound in advance.
Specifically, in operations 301-303, referring to FIG. 4, a mobile authentication client receives an authentication notification message pushed by an authentication server; then, the user opens the mobile authentication client and inputs authentication credential information, such as: a user fingerprint; the mobile terminal authentication client sends the authentication credential information entered by the user to the authentication server, so that the authentication server performs user authentication according to the authentication credential information, i.e. checks whether the authentication credential information (user fingerprint) is correct or not.
Therefore, on the basis of the original mail service, the interaction between the authentication server and the mobile authentication client is increased to carry out user authentication, and the security risk caused by the theft of the user name and the password can be greatly reduced.
Similarly, based on the above-mentioned proxy-based mail service method of the proxy server, the embodiment of the present invention further provides a proxy server, as shown in fig. 5, where the proxy server 50 includes: a receiving module 501, configured to send a mail request through a mail client by a user, where the mail request is a mail sending request or a mail receiving request; a cache parsing module 502, configured to cache the mail request and parse a user account from the mail request; a sending module 503, configured to send a user authentication request carrying the user account to an authentication server, so as to instruct the authentication server to perform user authentication according to the user account and a mobile authentication client pre-bound to the user, and after the user authentication is passed, feed back an authentication pass message with address information of the mail server; the receiving module 501 is further configured to receive an authentication passing message with address information of the mail server fed back by the authentication server; a channel establishing module 504, configured to establish a proxy communication channel according to the mail server address information; a forwarding module 505, configured to forward the mail request to the mail server by using the established proxy communication channel.
According to an embodiment of the present invention, the authentication passing message is further accompanied by an authentication validity period; the receiving module 501 is further configured to receive a secondary email request sent by a user through an email client in the authentication validity period; and the forwarding module 505 is further configured to forward the secondary mail request to the mail server by using the established proxy communication channel.
Here, it should be noted that: the above description of the embodiment of the proxy server is similar to the description of the embodiment of the method shown in fig. 1 and fig. 4, and has similar beneficial effects to the embodiment of the method shown in fig. 1 and fig. 4, and therefore, the description is omitted. For technical details that are not disclosed in the proxy server embodiment of the present invention, please refer to the description of the method embodiment shown in fig. 1 and fig. 4 for understanding, and therefore, for brevity, will not be described again.
Similarly, based on the above-mentioned mail service method based on proxy for authentication server, the embodiment of the present invention further provides an authentication server, as shown in fig. 6, where the authentication server 60 includes: a receiving module 601, configured to send a user authentication request carrying a user account from a proxy server; a user authentication module 602, configured to perform user authentication according to the user account and a mobile authentication client pre-bound to the user; a sending module 603, configured to feed back an authentication passing message with address information of the mail server after the user passes the authentication, so as to instruct the proxy server to establish a proxy communication channel according to the address information of the mail server.
According to an embodiment of the present invention, the user authentication module 602 is specifically configured to query, according to the user account, whether the user is registered and bound with the mobile authentication client in advance, so as to obtain a query result; and if the query result indicates that the user is registered and bound with the mobile authentication client in advance, directly authenticating the user with the mobile authentication client bound in advance.
According to an embodiment of the present invention, the user authentication module 602 is specifically configured to push an authentication notification message to a mobile authentication client to instruct the mobile authentication client to send authentication credential information input by a user; and receiving authentication credential information sent by the mobile authentication client, and performing user authentication according to the authentication credential information.
Here, it should be noted that: the above description of the embodiment of the authentication server is similar to the description of the embodiment of the method shown in fig. 2 and fig. 4, and has similar beneficial effects to the embodiment of the method shown in fig. 2 and fig. 4, and therefore, the description is omitted. For technical details that are not disclosed in the embodiment of the authentication server of the present invention, please refer to the description of the method embodiment shown in fig. 2 and fig. 4 of the present invention, which will not be repeated herein for brevity.
Similarly, based on the above-mentioned agent-based mail service method for the mobile authentication client, an embodiment of the present invention further provides a mobile authentication client, and as shown in fig. 7, the mobile authentication client 70 includes: a receiving module 701, configured to receive an authentication notification message pushed by an authentication server; further for receiving authentication credential information of the user in response to the authentication notification message; a sending module 702, configured to send the authentication credential information, so that the authentication server performs user authentication according to the authentication credential information.
Here, it should be noted that: the above description of the embodiment of the mobile authentication client is similar to the description of the embodiment of the method shown in fig. 3 and fig. 4, and has similar beneficial effects to the embodiment of the method shown in fig. 3 and fig. 4, and therefore, the description is omitted. For technical details not disclosed in the embodiment of the mobile authentication client of the present invention, please refer to the description of the method embodiments shown in fig. 3 and fig. 4 of the present invention for understanding, and therefore, for brevity, will not be described again.
Further, based on the above-mentioned agent-based mail service method, an embodiment of the present invention further provides an agent-based mail service system, as shown in fig. 8, where the system 80 includes: a proxy server 801, an authentication server 802, a mobile authentication client 803, a mail client 804, and a mail server 805; the proxy server 801 is configured to receive a mail request sent by a user through a mail client 804, where the mail request is a mail sending request or a mail receiving request; caching the mail request, and analyzing a user account from the mail request; sending a user authentication request carrying the user account to an authentication server 802; receiving an authentication passing message attached with mail server address information fed back by the authentication server 802; establishing an agent communication channel according to the address information of the mail server; forwarding the mail request to mail server 805 using the established proxy communication channel; an authentication server 802, configured to receive a user authentication request with a user account sent by the proxy server 801; performing user authentication according to the user account and a mobile authentication client 803 bound with the user in advance; after the user passes the authentication, feeding back an authentication passing message attached with the address information of the mail server; a mobile authentication client 803 for performing user authentication with the authentication server 802.
Here, it should be noted that: the above description of the embodiment of the agent-based mail service system is similar to the description of the method embodiments shown in fig. 1 to 4, and has similar beneficial effects to the method embodiments shown in fig. 1 to 4, and therefore, the description thereof is omitted. For technical details that are not disclosed in the embodiment of the agent-based mail service system of the present invention, please refer to the description of the method embodiments shown in fig. 1 to 4 of the present invention for understanding, and therefore, for brevity, will not be described again.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another device, or some features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units; can be located in one place or distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, all the functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may be separately regarded as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
Those of ordinary skill in the art will understand that: all or part of the steps for realizing the method embodiments can be completed by hardware related to program instructions, the program can be stored in a computer readable storage medium, and the program executes the steps comprising the method embodiments when executed; and the aforementioned storage medium includes: various media that can store program codes, such as a removable Memory device, a Read Only Memory (ROM), a magnetic disk, or an optical disk.
Alternatively, the integrated unit of the present invention may be stored in a computer-readable storage medium if it is implemented in the form of a software functional module and sold or used as a separate product. Based on such understanding, the technical solutions of the embodiments of the present invention may be essentially implemented or a part contributing to the prior art may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the methods described in the embodiments of the present invention. And the aforementioned storage medium includes: a removable storage device, a ROM, a magnetic or optical disk, or other various media that can store program code.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. An agent-based mail service method, applied to an agent server, the method comprising:
receiving a mail request sent by a user through a mail client, wherein the mail request is a mail sending request or a mail receiving request;
caching the mail request, and analyzing a user account from the mail request;
sending a user authentication request carrying the user account to an authentication server to indicate the authentication server to perform user authentication according to the user account and a mobile authentication client pre-bound by a user, and feeding back an authentication passing message with mail server address information after the user authentication passes;
receiving an authentication passing message which is fed back by an authentication server and is attached with mail server address information;
establishing an agent communication channel according to the address information of the mail server;
and forwarding the mail request to a mail server by utilizing the established proxy communication channel.
2. The method according to claim 1, wherein the authentication passing message is further accompanied by an authentication validity period; the method further comprises the following steps:
receiving a secondary mail request sent by a user through a mail client in the authentication validity period;
and forwarding the secondary mail request to a mail server by utilizing the established proxy communication channel.
3. An agent-based mail service method applied to an authentication server, the method comprising:
receiving a user authentication request carrying a user account sent by a proxy server;
performing user authentication according to the user account and a mobile authentication client pre-bound by the user;
and after the user passes the authentication, feeding back an authentication passing message attached with the address information of the mail server to instruct the proxy server to establish a proxy communication channel according to the address information of the mail server.
4. The method of claim 3, wherein the performing user authentication according to the mobile authentication client pre-bound to the user account comprises:
inquiring whether the user is registered and bound with a mobile authentication client in advance according to the user account to obtain an inquiry result;
and if the query result indicates that the user is registered and bound with the mobile authentication client in advance, directly authenticating the user with the mobile authentication client bound in advance.
5. The method of claim 3, wherein the performing user authentication according to the mobile authentication client pre-bound to the user account comprises:
pushing an authentication notification message to a mobile authentication client to instruct the mobile authentication client to send authentication credential information input by a user;
and receiving authentication credential information sent by the mobile authentication client, and performing user authentication according to the authentication credential information.
6. An agent-based mail service method, applied to a mobile authentication client, the method comprising:
receiving an authentication notification message pushed by an authentication server;
receiving authentication credential information of a user in response to the authentication notification message;
and sending the authentication credential information to allow the authentication server to carry out user authentication according to the authentication credential information.
7. A proxy server, characterized in that the proxy server comprises:
the receiving module is used for sending a mail request through a mail client by a user, wherein the mail request is a mail sending request or a mail receiving request;
the cache analysis module is used for caching the mail request and analyzing a user account from the mail request;
a sending module, configured to send a user authentication request carrying the user account to an authentication server, so as to instruct the authentication server to perform user authentication according to the user account and a mobile authentication client pre-bound to the user, and after the user authentication is passed, feed back an authentication pass message with address information of the mail server;
the receiving module is also used for receiving an authentication passing message which is fed back by the authentication server and is attached with the address information of the mail server;
the channel establishing module is used for establishing an agent communication channel according to the address information of the mail server;
and the forwarding module is used for forwarding the mail request to the mail server by utilizing the established proxy communication channel.
8. An authentication server, characterized in that the authentication server comprises:
the receiving module is used for sending a user authentication request carrying a user account by the proxy server;
the user authentication module is used for carrying out user authentication according to the user account and a mobile authentication client pre-bound by the user;
and the sending module is used for feeding back an authentication passing message attached with the address information of the mail server after the user passes the authentication so as to indicate the proxy server to establish a proxy communication channel according to the address information of the mail server.
9. A mobile authentication client, the mobile authentication client comprising:
a receiving module for receiving the authentication notification message pushed by the authentication server; further for receiving authentication credential information of the user in response to the authentication notification message;
and the sending module is used for sending the authentication credential information so that the authentication server can carry out user authentication according to the authentication credential information.
10. A mail service system based on agent is characterized in that the system comprises an agent server, an authentication server, a mobile authentication client, a mail client and a mail server; wherein the content of the first and second substances,
the proxy server is used for receiving a mail request sent by a user through a mail client, wherein the mail request is a mail sending request or a mail receiving request; caching the mail request, and analyzing a user account from the mail request; sending a user authentication request carrying the user account to an authentication server; receiving an authentication passing message which is fed back by an authentication server and is attached with mail server address information; establishing an agent communication channel according to the address information of the mail server; forwarding the mail request to a mail server using the established proxy communication channel;
the authentication server is used for receiving a user authentication request carrying a user account sent by the proxy server; performing user authentication according to the user account and a mobile authentication client pre-bound by the user; after the user passes the authentication, feeding back an authentication passing message attached with the address information of the mail server;
and the mobile authentication client is used for carrying out user authentication with the authentication server.
CN202010127988.3A 2020-02-28 2020-02-28 Agent-based mail service method, server, client and system Active CN111343080B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010127988.3A CN111343080B (en) 2020-02-28 2020-02-28 Agent-based mail service method, server, client and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010127988.3A CN111343080B (en) 2020-02-28 2020-02-28 Agent-based mail service method, server, client and system

Publications (2)

Publication Number Publication Date
CN111343080A true CN111343080A (en) 2020-06-26
CN111343080B CN111343080B (en) 2020-12-04

Family

ID=71188003

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010127988.3A Active CN111343080B (en) 2020-02-28 2020-02-28 Agent-based mail service method, server, client and system

Country Status (1)

Country Link
CN (1) CN111343080B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111953664A (en) * 2020-07-27 2020-11-17 新浪网技术(中国)有限公司 User request verification method and system based on variable security level

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101262500A (en) * 2008-04-23 2008-09-10 杭州华三通信技术有限公司 Method, access controller and WEB authentication server for pushing login page
WO2011116546A1 (en) * 2010-03-26 2011-09-29 中兴通讯股份有限公司 Method for accessing mobile email client to server, and mobile terminal
CN102685094A (en) * 2011-12-16 2012-09-19 河南科技大学 Reverse proxy system and method
CN103338188A (en) * 2013-06-08 2013-10-02 北京大学 Dynamic authentication method of client side suitable for mobile cloud
CN103384249A (en) * 2013-07-08 2013-11-06 北京星网锐捷网络技术有限公司 Network access authentication method, device and system and authentication server
CN103535090A (en) * 2011-02-15 2014-01-22 黑莓有限公司 System and method for identity management for mobile devices
CN103873488A (en) * 2014-04-08 2014-06-18 北京极科极客科技有限公司 Internet surfing control method based on router plug-in
CN103944802A (en) * 2014-04-17 2014-07-23 杭州华三通信技术有限公司 Method and device for controlling mobile equipment to use Exchange mailbox
CN103986725A (en) * 2014-05-29 2014-08-13 中国农业银行股份有限公司 Client side, server side and identity authentication system and method
CN105025009A (en) * 2015-06-10 2015-11-04 深圳奥联信息安全技术有限公司 A method for reinforcing mail system access safety and a mail safety access system
CN105959267A (en) * 2016-04-25 2016-09-21 北京九州云腾科技有限公司 Primary token acquiring method of single sign on technology, single sign on method, and single sign on system
US20170034164A1 (en) * 2015-07-30 2017-02-02 Verizon Patent And Licensing Inc. Multifactor authentication for mail server access
CN106506433A (en) * 2015-09-06 2017-03-15 中兴通讯股份有限公司 Login authentication method, certificate server, Authentication Client and login client
CN110572395A (en) * 2019-09-09 2019-12-13 车智互联(北京)科技有限公司 Identity verification method and system

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101262500A (en) * 2008-04-23 2008-09-10 杭州华三通信技术有限公司 Method, access controller and WEB authentication server for pushing login page
WO2011116546A1 (en) * 2010-03-26 2011-09-29 中兴通讯股份有限公司 Method for accessing mobile email client to server, and mobile terminal
CN103535090A (en) * 2011-02-15 2014-01-22 黑莓有限公司 System and method for identity management for mobile devices
CN102685094A (en) * 2011-12-16 2012-09-19 河南科技大学 Reverse proxy system and method
CN103338188A (en) * 2013-06-08 2013-10-02 北京大学 Dynamic authentication method of client side suitable for mobile cloud
CN103384249A (en) * 2013-07-08 2013-11-06 北京星网锐捷网络技术有限公司 Network access authentication method, device and system and authentication server
CN103873488A (en) * 2014-04-08 2014-06-18 北京极科极客科技有限公司 Internet surfing control method based on router plug-in
CN103944802A (en) * 2014-04-17 2014-07-23 杭州华三通信技术有限公司 Method and device for controlling mobile equipment to use Exchange mailbox
CN103986725A (en) * 2014-05-29 2014-08-13 中国农业银行股份有限公司 Client side, server side and identity authentication system and method
CN105025009A (en) * 2015-06-10 2015-11-04 深圳奥联信息安全技术有限公司 A method for reinforcing mail system access safety and a mail safety access system
US20170034164A1 (en) * 2015-07-30 2017-02-02 Verizon Patent And Licensing Inc. Multifactor authentication for mail server access
CN106506433A (en) * 2015-09-06 2017-03-15 中兴通讯股份有限公司 Login authentication method, certificate server, Authentication Client and login client
CN105959267A (en) * 2016-04-25 2016-09-21 北京九州云腾科技有限公司 Primary token acquiring method of single sign on technology, single sign on method, and single sign on system
CN110572395A (en) * 2019-09-09 2019-12-13 车智互联(北京)科技有限公司 Identity verification method and system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111953664A (en) * 2020-07-27 2020-11-17 新浪网技术(中国)有限公司 User request verification method and system based on variable security level

Also Published As

Publication number Publication date
CN111343080B (en) 2020-12-04

Similar Documents

Publication Publication Date Title
US9342684B2 (en) Flexible real-time inbox access
US7143118B2 (en) Method and system for alert delivery architecture
CA2584143C (en) A method and system for regulating electronic mail
US20130182849A1 (en) Contact management system and method
US20060075122A1 (en) Method and system for managing cookies according to a privacy policy
CN101094472A (en) Method for configuring parameters of software in mobile terminal, mobile terminal, and server
US20110219135A1 (en) Information processing device, communication address providing system, method and program used for same
US8774760B2 (en) Method and system for providing real-time alert notification
AU2013223989B2 (en) Method for the certification of electronic mail delivery
EP2805455B1 (en) A method, a system and a computer program product for certifying that a destination email server has received an email message sent from a sender to at least one destination address
CN111343080B (en) Agent-based mail service method, server, client and system
WO2008071109A1 (en) A method and system for realizing the third-party mail account management
US20080268883A1 (en) Spam short message blocking system using a call back short message and a method thereof
EP1988671A1 (en) Spam short message blocking system using a call back short message and a method thereof
KR20060120047A (en) Method and system for delivering electronic messages using a trusted delivery system
US20070038709A1 (en) Method and system for identifying spam email
JP6548904B2 (en) Method of generating certified electronic contract by telecommunications company customer
EP2175595B1 (en) System and method for provisioning an email account
US8793318B1 (en) System and method for identifying and reporting improperly registered web sites
NL1024095C1 (en) Spam elimination system for e-mail, SMS and MMS messages, enables direct marketing organisations to send messages only to consenting customers
KR20230052691A (en) Short url processing server and control method therof
US8126972B2 (en) Access management for messaging systems and methods
TWI330020B (en)
CN116541857A (en) Double-link sensitive data transmission method and system
EP1955180A2 (en) Provision of secure rss feeds using a secure rss catcher

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant