CN113159736B - Mailbox management method and device - Google Patents
Mailbox management method and device Download PDFInfo
- Publication number
- CN113159736B CN113159736B CN202110557802.2A CN202110557802A CN113159736B CN 113159736 B CN113159736 B CN 113159736B CN 202110557802 A CN202110557802 A CN 202110557802A CN 113159736 B CN113159736 B CN 113159736B
- Authority
- CN
- China
- Prior art keywords
- password
- preset
- sent
- authentication password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000007726 management method Methods 0.000 title claims abstract description 35
- 230000002159 abnormal effect Effects 0.000 claims abstract description 66
- 238000000034 method Methods 0.000 claims abstract description 30
- 230000004048 modification Effects 0.000 claims description 13
- 238000012986 modification Methods 0.000 claims description 13
- 238000004590 computer program Methods 0.000 claims description 9
- 238000012545 processing Methods 0.000 claims description 8
- 241000700605 Viruses Species 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 13
- 230000008569 process Effects 0.000 description 13
- 238000004891 communication Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 6
- 230000003287 optical effect Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 239000000835 fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 206010033799 Paralysis Diseases 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
- G06Q10/107—Computer-aided management of electronic mailing [e-mailing]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Human Resources & Organizations (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- Entrepreneurship & Innovation (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Economics (AREA)
- Marketing (AREA)
- Operations Research (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- General Business, Economics & Management (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a mailbox management method and device, and relates to the technical field of Internet. One embodiment of the method comprises the following steps: receiving a mail sending request sent by a user side, wherein the mail sending request comprises a mail to be sent and an authentication password; determining whether the authentication password meets a preset password strategy; when the authentication password meets a preset password strategy, identifying the mail to be sent, and judging whether the mail to be sent is a normal mail or not; when judging that the mail to be sent is abnormal mail, increasing the quantity of the abnormal mail sent by the user terminal in a preset first time period, determining whether the quantity is larger than the preset quantity, and if so, suspending the use of the user terminal in a preset second time period. According to the embodiment, when the user terminal is maliciously utilized and abnormal mails are continuously sent outwards, the user terminal can be paused, resources are prevented from being excessively occupied by the user terminal, and normal use of other users on the mailbox is further ensured.
Description
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a mailbox management method and device.
Background
In a use scenario for enterprise mailboxes, one mail server may serve mailboxes for multiple users. If a mailbox of one user is maliciously utilized due to attack or password leakage, abnormal mails are continuously sent outwards, so that resources of a mail server are occupied, and even the whole mail server is possibly paralyzed, and normal use of the mailbox by other users in an enterprise is affected.
Disclosure of Invention
In view of this, an embodiment of the present invention provides a mailbox management method and apparatus, which can determine whether an authentication password included in a mail sending request sent by a user terminal meets a preset password policy, identify a mail to be sent when determining that the authentication password meets the preset password policy, determine whether the mail to be sent is a normal mail, if yes, determine whether the number of abnormal mails sent by the user terminal within a preset first time period is greater than a preset number, and pause the use of the user terminal within a preset second time period when the user terminal sends the abnormal mails greater than the preset number within the preset first time period, so that when a mailbox is maliciously utilized and continuously sends the abnormal mails outwards due to attack or password leakage of a certain user terminal, the user terminal can be paused, so that resources are prevented from being excessively occupied by the user terminal, and normal use of other users for mailboxes is further ensured.
To achieve the above object, according to one aspect of the embodiments of the present invention, there is provided a mailbox management method.
The mailbox management method of the embodiment of the invention comprises the following steps:
receiving a mail sending request sent by a user side, wherein the mail sending request comprises a mail to be sent and an authentication password;
determining whether the authentication password meets a preset password strategy;
When the authentication password meets a preset password strategy, identifying the mail to be sent, and judging whether the mail to be sent is a normal mail or not;
when judging that the mail to be sent is abnormal mail, increasing the quantity of the abnormal mail sent by the user terminal in a preset first time period, determining whether the quantity is larger than the preset quantity, and if so, suspending the use of the user terminal in a preset second time period.
Alternatively, the process may be carried out in a single-stage,
Determining whether the authentication password meets a preset password policy comprises:
calculating the single purity of the authentication password;
determining whether the single purity is greater than a first preset threshold included in the preset password policy, and if not, determining that the authentication password does not meet the preset password policy.
Alternatively, the process may be carried out in a single-stage,
The preset password strategy comprises the following steps: a plurality of weak passwords;
determining whether the authentication password meets a preset password policy comprises:
And determining whether the complexity of the authentication password is greater than a second preset threshold included in the preset password strategy, if so, determining whether the authentication password is included in the plurality of weak passwords, and if so, determining that the authentication password does not meet the preset password strategy.
Alternatively, the process may be carried out in a single-stage,
The mail sending request further includes: a user end mark;
determining whether the authentication password meets a preset password policy comprises:
calculating the similarity between the authentication password and the user identifier;
And determining whether the similarity is larger than a third preset threshold included in the preset password strategy, and if so, determining that the authentication password does not meet the preset password strategy.
Alternatively, the process may be carried out in a single-stage,
The preset password strategy comprises the following steps: the user end marks the corresponding effective time length of the password;
determining whether the authentication password meets a preset password policy comprises:
And determining whether the using time length of the authentication password is longer than the effective time length of the password, and if so, determining that the authentication password does not meet the preset password strategy.
Alternatively, the process may be carried out in a single-stage,
When the authentication password is determined not to meet the preset password policy, the method further comprises the following steps:
refusing to send the mail to be sent;
Suspending the use of the user terminal in a preset third duration; and/or sending a password modification prompt mail to the user terminal, wherein the content of the password modification prompt mail comprises information which is not sent by the mail to be sent and the reason that the authentication password does not meet the preset password policy, so that the user terminal modifies the authentication password.
Alternatively, the process may be carried out in a single-stage,
When the authentication password meets the preset password strategy, identifying the mail to be sent, and judging whether the mail to be sent is a normal mail or not, wherein the method comprises the following steps:
Analyzing the content and the attachment of the mail to be sent;
And determining whether the content or the attachment of the mail to be sent comprises an abnormal link, and if so, determining that the mail to be sent is an abnormal mail.
Alternatively, the process may be carried out in a single-stage,
In the case that the content of the mail to be sent and the attachment do not include the abnormal link are determined, the method further includes:
determining whether the mail to be sent is junk mail or not according to the content of the mail to be sent by utilizing a semantic recognition model, and if so, determining that the mail to be sent is abnormal mail;
And/or the number of the groups of groups,
And determining whether the attachment of the mail to be sent comprises viruses or not, and if so, determining that the mail to be sent is an abnormal mail.
Alternatively, the process may be carried out in a single-stage,
The user end corresponds to the working time;
the preset second duration is dynamically set according to the interval between the working time and the current time.
Alternatively, the process may be carried out in a single-stage,
When determining that the number of the abnormal mails sent by the user side in the preset first time period is greater than the preset number, the method further comprises the following steps:
And sending a notification mail to the user terminal, wherein the content of the notification mail comprises the reason that the user terminal is suspended to use and the suggested processing mode adopted by the user terminal.
In order to achieve the above object, according to still another aspect of the embodiments of the present invention, there is provided a mailbox management apparatus.
The mailbox management device comprises a request receiving module, a password determining module, a mail judging module and a quantity determining module; wherein:
the request receiving module is used for receiving a mail sending request sent by a user side, wherein the mail sending request comprises a mail to be sent and an authentication password;
the password determining module is used for determining whether the authentication password meets a preset password strategy;
The mail judging module is used for identifying the mail to be sent and judging whether the mail to be sent is a normal mail or not when the authentication password meets the preset password strategy;
the quantity determining module is used for increasing the quantity of the abnormal mails sent by the user terminal in the preset first time period when judging that the mails to be sent are abnormal mails, determining whether the quantity is larger than the preset quantity, and if so, suspending the use of the user terminal in the preset second time period.
To achieve the above object, according to still another aspect of the embodiments of the present invention, there is provided a mailbox management electronic device.
The mailbox management electronic device of the embodiment of the invention comprises: one or more processors; and the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors realize a mailbox management method of the embodiment of the invention.
To achieve the above object, according to still another aspect of the embodiments of the present invention, there is provided a computer-readable storage medium.
A computer-readable storage medium of an embodiment of the present invention stores a computer program thereon, which when executed by a processor implements a mailbox management method of an embodiment of the present invention.
One embodiment of the above invention has the following advantages or benefits: the method comprises the steps that whether an authentication password contained in a mail sending request sent by a user terminal meets a preset password strategy can be determined, when the authentication password meets the preset password strategy, the mail to be sent is identified, whether the mail to be sent is a normal mail or not is judged, if the mail to be sent is an abnormal mail, whether the number of the abnormal mails sent by the user terminal in a preset first time period is larger than the preset number is determined, when the user terminal sends the abnormal mails larger than the preset number in the preset first time period, the use of the user terminal is suspended in a preset second time period, and therefore when a mailbox is maliciously utilized and the abnormal mails are continuously sent outwards due to the fact that a certain user terminal is attacked or the password is leaked, the user terminal can be suspended in use, excessive occupation of resources by the user terminal is avoided, and normal use of other users on the mailbox is guaranteed.
Further effects of the above-described non-conventional alternatives are described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
fig. 1 is a schematic diagram of main steps of a mailbox management method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of the main steps of another mailbox management method according to embodiments of the present invention;
fig. 3 is a schematic diagram of main modules of a mailbox management device according to an embodiment of the present invention;
FIG. 4 is an exemplary system architecture diagram in which embodiments of the present invention may be applied;
fig. 5 is a schematic diagram of a computer system suitable for use in implementing an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present invention will now be described with reference to the accompanying drawings, in which various details of the embodiments of the present invention are included to facilitate understanding, and are to be considered merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
It should be noted that the embodiments of the present invention and the technical features in the embodiments may be combined with each other without collision.
Fig. 1 is a schematic diagram illustrating main steps of a mailbox management method according to an embodiment of the present invention.
As shown in fig. 1, a mailbox management method according to an embodiment of the present invention mainly includes the following steps:
step S101: and receiving a mail sending request sent by the user side, wherein the mail sending request comprises a mail to be sent and an authentication password.
In the embodiment of the invention, the authentication password can be a mailbox login password, a mail sending password or other passwords for verifying whether the state of the user terminal is normal.
Step S102: and determining whether the authentication password meets a preset password strategy.
In the embodiment of the invention, the mailbox service is a 24-hour running service, and the user side can possibly send a mail sending request at any moment, so that whether the user corresponding to the user side correctly uses the authentication password or not can be timely determined through the built-in preset password strategy, and the problem that the authentication password is abused in a mail channel due to malicious intrusion of the host of the user side can be timely found out although the user correctly uses the authentication password.
In the embodiment of the invention, the simplicity of the authentication password can be calculated, and whether the simplicity is larger than the first preset threshold included in the preset password strategy or not is determined so as to determine whether the authentication password meets the preset password strategy or not. If the single purity is determined to be not greater than the first preset threshold, determining that the authentication password does not meet a preset password strategy; and if the single purity is determined to be greater than the first preset threshold value, determining that the authentication password meets a preset password strategy. The simplicity refers to the proportion of the number of different characters in the authentication password to the total characters.
For example, the first preset threshold included in the preset password policy is 50%, and the authentication password included in a certain mail sending request is abc123, where the number of different characters is 6, and the number of total characters is 6, the single purity is calculated to be 100%, and is greater than the first preset threshold by 50%, so that it can be determined that the authentication password satisfies the preset password policy. And the authentication password included in the other mail sending request is aaaabbbbcccc, wherein the number of different characters is 3, and the number of total characters is 12, the single purity is calculated to be 25% and less than the first preset threshold value of 50%, so that the authentication password can be determined to not meet the preset password policy.
In the embodiment of the present invention, the preset password policy may further include: the weak passwords are authentication passwords with complexity meeting the requirements of a preset password strategy and being common, and the complexity is determined according to the length of the authentication passwords and the types of characters used by the authentication passwords. At this time, when determining whether the authentication password satisfies the preset password policy, it may be determined whether the complexity of the authentication password is greater than a second preset threshold included in the preset password policy, if the complexity is not greater than the second preset threshold, it is directly determined that the authentication password does not satisfy the preset password policy, if the complexity is greater than the second preset threshold, it is determined whether the authentication password is included in the plurality of weak passwords, if yes, it is determined that the authentication password does not satisfy the preset password policy, and if no, it is determined that the authentication password satisfies the preset password policy.
In the embodiment of the present invention, the second preset threshold included in the preset password policy may be the same as the first preset threshold, or may be different from the first preset threshold.
For example, while the authentication password included in a certain mail transmission request is ABC123ABC, the authentication password is 9 bits in length, and 3 characters of capital letters, numbers, and lowercase letters are used, it may be determined that the complexity of the authentication password is greater than the second preset threshold included in the preset password policy. At this time, it is determined whether the authentication password is included in the plurality of weak passwords: since ABC123ABC is too common, the preset password policy has treated the password as a weak password, and thus it is determined that the authentication password does not satisfy the preset password policy. While the authentication password included in the other mail transmission request is AOE @ x-! The dc123 may determine that the complexity of the authentication password is greater than a second preset threshold included in the preset password policy, and the authentication password is not included in the plurality of weak passwords included in the preset password policy, so as to determine that the authentication password meets the preset password policy.
In the embodiment of the present invention, the mail sending request may further include: a user end mark; at this time, the similarity between the authentication password and the user terminal identifier may be calculated, and whether the similarity is greater than a third preset threshold included in the preset password policy is determined, so as to determine whether the authentication password meets the preset password policy. If the similarity is larger than a third preset threshold value, determining that the authentication password does not meet a preset password strategy; and if the similarity is not greater than a third preset threshold, determining that the authentication password meets a preset password strategy. The similarity is calculated according to the number of the same characters in the authentication password and the user terminal identifier.
In the embodiment of the present invention, the third preset threshold included in the preset password policy may be the same as the first preset threshold and/or the second preset threshold, or may be different from the first preset threshold and/or the second preset threshold.
For example, the third preset threshold included in the preset password policy is 50%, the user terminal identifier included in a certain mail sending request is abcdef, the authentication password is abcdef123, the number of the same characters in the authentication password and the user terminal identifier is 6, and the length of the authentication password is 9, so that the similarity is 66.7% and is greater than the third preset threshold, and it is determined that the authentication password does not meet the preset password policy. The user terminal identifier included in the other mail sending request is ABCDEF, the authentication password is a12345, the number of the same characters in the authentication password and the user terminal identifier is 1, the length of the authentication password is 6, the similarity is 16.7% and is smaller than a third preset threshold, and therefore it can be determined that the authentication password meets a preset password policy.
In the embodiment of the present invention, the preset password policy may further include: the user end marks the corresponding effective time length of the password; at this time, it may be determined whether the use time period of the authentication password is longer than the password valid time period, so as to determine whether the authentication password satisfies a preset password policy. If the using time of the authentication password is longer than the effective time of the password, determining that the authentication password does not meet a preset password strategy; and if the using time of the authentication password is not longer than the effective time of the password, determining that the authentication password meets the preset password strategy.
In the embodiment of the invention, when the authentication password is determined not to meet the preset password strategy, the mail to be sent can be refused to be sent, and the use of the user terminal is paused in the preset third duration.
In the embodiment of the invention, when the authentication password is determined not to meet the preset password policy, the mail to be sent can be refused to be sent, the password modification prompt mail is sent to the user terminal, and the content of the password modification prompt mail comprises information which is not sent by the mail to be sent and the reason that the authentication password does not meet the preset password policy, so that the user terminal modifies the authentication password.
Step S103: when the authentication password meets the preset password strategy, the mail to be sent is identified, and whether the mail to be sent is a normal mail or not is judged.
In the embodiment of the invention, the mail to be sent comprises content and an attachment, and when the authentication password is determined to meet the preset password strategy, the mail to be sent is identified, and the process of judging whether the mail to be sent is a normal mail comprises the following steps: analyzing the content and the attachment of the mail to be sent; and determining whether the content or the attachment of the mail to be sent comprises an abnormal link, and if so, determining that the mail to be sent is an abnormal mail.
In the embodiment of the present invention, in the case that it is determined that the content of the mail to be sent and the attachment do not include the abnormal link, the method may further include: and determining whether the mail to be sent is junk mail or not according to the content of the mail to be sent by utilizing the semantic recognition model, and if so, determining that the mail to be sent is abnormal mail.
In the embodiment of the present invention, in the case that it is determined that the content of the mail to be sent and the attachment do not include the abnormal link, the method may further include: and determining whether the attachment of the mail to be sent comprises viruses or not, and if so, determining that the mail to be sent is an abnormal mail.
Step S104: when judging that the mail to be sent is abnormal mail, increasing the quantity of the abnormal mail sent by the user terminal in a preset first time period, determining whether the quantity is larger than the preset quantity, and if so, suspending the use of the user terminal in a preset second time period.
In the embodiment of the invention, the user side corresponds to the working time; and the preset second duration is dynamically set according to the interval between the working time and the current time. For example, if the working time of a user terminal is from monday to friday 8:00-18:00, and the current time when the number of abnormal mails sent by the user terminal in the preset first time period is greater than the preset number is from friday to friday 22:00, the preset second time period may be set to ten hours, so that the user terminal is suspended from the current time period to eight am on the second day. By setting the preset second duration, the mailbox can be managed more flexibly, and particularly, the mailbox management requirements of enterprises with inconsistent employee working time can be better met.
In the embodiment of the invention, when the number of the abnormal mails sent by the user terminal in the preset first time period is determined to be greater than the preset number, notification mails can be further sent to the user terminal, and the content of the notification mails comprises the reason that the user terminal is suspended to use and the processing mode adopted by the user terminal is suggested so that the user terminal can check the mailbox.
The following describes a mailbox management method according to the present embodiment in more detail. Fig. 2 is a schematic diagram of main steps of another mailbox management method, which mainly includes the following steps:
Step S201: receiving a mail sending request sent by a user side, wherein the mail sending request comprises a mail to be sent and an authentication password;
step S202: determining whether the authentication password meets a preset password policy, if not, executing step S203, and if yes, executing step S205;
step S203: refusing to send the mail to be sent;
Step S204: suspending the use of the user terminal in a preset third duration; and/or sending a password modification prompt mail to the user terminal, wherein the content of the password modification prompt mail comprises information which is not sent by the mail to be sent and the reason that the authentication password does not meet the preset password policy, so that the user terminal modifies the authentication password;
Step S205: identifying the mail to be sent, judging whether the mail to be sent is a normal mail, if not, executing step S206, and if so, executing step S209;
step S206: refusing to send the mail to be sent, and increasing the number of abnormal mails sent by the user side in a preset first time period;
step S207: determining whether the number of abnormal mails sent by the user side in the preset first time period is greater than the preset number, if yes, executing step S208, and if not, executing step S209;
Step S208: suspending the use of the user terminal in a preset second time period;
step S209: and forwarding the mail to be sent.
According to the mailbox management method provided by the embodiment of the invention, whether the authentication password included in the mail sending request sent by the user terminal meets the preset password strategy can be determined, when the authentication password meets the preset password strategy, the mail to be sent is identified, whether the mail to be sent is a normal mail or not is judged, if the mail to be sent is an abnormal mail, whether the number of the abnormal mails sent by the user terminal in the preset first time period is larger than the preset number is determined, when the user terminal sends the abnormal mails larger than the preset number in the preset first time period, the use of the user terminal is suspended in the preset second time period, so that when the mailbox is maliciously utilized due to attack or password leakage and the like on a certain user terminal and the abnormal mails are continuously sent outwards, the user terminal can be suspended, resources are prevented from being excessively occupied by the user terminal, and the normal use of other users on the mailbox is further ensured.
Fig. 3 is a schematic diagram of main modules of a mailbox management device according to an embodiment of the present invention.
As shown in fig. 3, a mailbox management device 300 according to an embodiment of the present invention includes a request receiving module 301, a password determining module 302, a mail judging module 303, and a quantity determining module 304; wherein:
The request receiving module 301 is configured to receive a mail sending request sent by a user, where the mail sending request includes a mail to be sent and an authentication password;
a password determination module 302, configured to determine whether the authentication password meets a preset password policy;
The mail judging module 303 is configured to identify a mail to be sent and judge whether the mail to be sent is a normal mail when it is determined that the authentication password meets a preset password policy;
The number determining module 304 is configured to increment the number of abnormal mails sent by the user terminal in the preset first time period when the mail to be sent is judged to be the abnormal mail, and determine whether the number is greater than the preset number, if so, suspend the use of the user terminal in the preset second time period.
In an embodiment of the present invention, the password determination module 302 is further configured to: calculating the single purity of the authentication password; determining whether the single purity is greater than a first preset threshold included in the preset password policy, and if not, determining that the authentication password does not meet the preset password policy.
In the embodiment of the invention, the preset password strategy comprises the following steps: a plurality of weak passwords; the password determination module 302 is further configured to: and determining whether the complexity of the authentication password is greater than a second preset threshold included in the preset password strategy, if so, determining whether the authentication password is included in the plurality of weak passwords, and if so, determining that the authentication password does not meet the preset password strategy.
In the embodiment of the invention, the mail sending request further comprises: a user end mark; the password determination module 302 is further configured to: calculating the similarity between the authentication password and the user identifier; and determining whether the similarity is larger than a third preset threshold included in the preset password strategy, and if so, determining that the authentication password does not meet the preset password strategy.
In the embodiment of the invention, the preset password strategy comprises the following steps: the user end marks the corresponding effective time length of the password; the password determination module 302 is further configured to: and determining whether the using time length of the authentication password is longer than the effective time length of the password, and if so, determining that the authentication password does not meet the preset password strategy.
In an embodiment of the present invention, when it is determined that the authentication password does not satisfy the preset password policy, the password determination module 302 is further configured to: refusing to send the mail to be sent; suspending the use of the user terminal in a preset third duration; and/or sending a password modification prompt mail to the user terminal, wherein the content of the password modification prompt mail comprises information which is not sent by the mail to be sent and the reason that the authentication password does not meet the preset password policy, so that the user terminal modifies the authentication password.
In the embodiment of the present invention, the mail judging module 303 is further configured to: analyzing the content and the attachment of the mail to be sent; and determining whether the content or the attachment of the mail to be sent comprises an abnormal link, and if so, determining that the mail to be sent is an abnormal mail.
In the embodiment of the present invention, in the case of determining that the content of the mail to be sent and the attachment do not include the abnormal link, the mail judging module 303 is further configured to: and determining whether the mail to be sent is junk mail or not according to the content of the mail to be sent by utilizing the semantic recognition model, and if so, determining that the mail to be sent is abnormal mail.
In the embodiment of the present invention, in the case of determining that the content of the mail to be sent and the attachment do not include the abnormal link, the mail judging module 303 is further configured to: and determining whether the attachment of the mail to be sent comprises viruses or not, and if so, determining that the mail to be sent is an abnormal mail.
In the embodiment of the invention, the user side corresponds to the working time; the preset second duration is dynamically set according to the interval between the working time and the current time.
In the embodiment of the present invention, when determining that the number of abnormal mails sent by the user side in the preset first time period is greater than the preset number, the number determining module 304 is further configured to: and sending a notification mail to the user terminal, wherein the content of the notification mail comprises the reason that the user terminal is suspended to use and the suggested processing mode adopted by the user terminal.
According to the mailbox management device provided by the embodiment of the invention, whether the authentication password included in the mail sending request sent by the user terminal meets the preset password strategy can be determined, when the authentication password meets the preset password strategy, the mail to be sent is identified, whether the mail to be sent is a normal mail or not is judged, if the mail to be sent is an abnormal mail, whether the number of the abnormal mails sent by the user terminal in the preset first time period is larger than the preset number is determined, when the user terminal sends the abnormal mails larger than the preset number in the preset first time period, the use of the user terminal is suspended in the preset second time period, so that when the mailbox is maliciously utilized due to attack or password leakage and the like on a certain user terminal and the abnormal mails are continuously sent outwards, the user terminal can be suspended, resources are prevented from being excessively occupied by the user terminal, and the normal use of other users on the mailbox is further ensured.
Fig. 4 illustrates an exemplary system architecture 400 to which a mailbox management method or a mailbox management apparatus of embodiments of the present invention may be applied.
As shown in fig. 4, the system architecture 400 may include terminal devices 401, 402, 403, a network 404, and an electronic device 405. The network 404 is used as a medium to provide communication links between the terminal devices 401, 402, 403 and the electronic device 405. The network 404 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
A user may interact with the electronic device 405 via the network 404 using the terminal devices 401, 402, 403 to receive or send messages or the like. Various communication client applications, such as a web browser application, a mailbox client, etc., may be installed on the terminal devices 401, 402, 403.
The terminal devices 401, 402, 403 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablets, laptop and desktop computers, and the like.
The electronic device 405 may be a server providing various services, such as a background management server providing support for mailbox clients used by users with the terminal devices 401, 402, 403. The background management server may analyze and process the received data such as the mail sending request, and feed back the processing result (for example, sending success or failure information) to the terminal device.
It should be noted that, in the embodiment of the present invention, a mailbox management method is generally executed by the electronic device 405, and accordingly, a mailbox management apparatus is generally disposed in the electronic device 405.
It should be understood that the number of terminal devices, networks and electronic devices in fig. 4 is merely illustrative. There may be any number of terminal devices, networks, and electronic devices, as desired for implementation.
Referring now to FIG. 5, there is illustrated a schematic diagram of a computer system 500 suitable for use in implementing an embodiment of the present invention. The terminal device shown in fig. 5 is only an example, and should not impose any limitation on the functions and the scope of use of the embodiment of the present invention.
As shown in fig. 5, the computer system 500 includes a Central Processing Unit (CPU) 501, which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data required for the operation of the system 500 are also stored. The CPU 501, ROM 502, and RAM 503 are connected to each other through a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
The following components are connected to the I/O interface 505: an input section 506 including a keyboard, a mouse, and the like; an output portion 507 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker, and the like; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication processing via a network such as the internet. The drive 510 is also connected to the I/O interface 505 as needed. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as needed so that a computer program read therefrom is mounted into the storage section 508 as needed.
In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication portion 509, and/or installed from the removable media 511. The above-described functions defined in the system of the present invention are performed when the computer program is executed by a Central Processing Unit (CPU) 501.
The computer readable medium shown in the present invention may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules involved in the embodiments of the present invention may be implemented in software or in hardware. The described modules may also be provided in a processor, for example, as: a processor includes a request receiving module, a password determination module, a mail determination module, and a quantity determination module. The names of these modules do not limit the module itself in some cases, and for example, the request receiving module may also be described as "a module for receiving a mail transmission request sent from the user side".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be present alone without being fitted into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to include: receiving a mail sending request sent by a user side, wherein the mail sending request comprises a mail to be sent and an authentication password; determining whether the authentication password meets a preset password strategy; when the authentication password meets a preset password strategy, identifying the mail to be sent, and judging whether the mail to be sent is a normal mail or not; when judging that the mail to be sent is abnormal mail, increasing the quantity of the abnormal mail sent by the user terminal in a preset first time period, determining whether the quantity is larger than the preset quantity, and if so, suspending the use of the user terminal in a preset second time period.
According to the technical scheme of the embodiment of the invention, whether the authentication password included in the mail sending request sent by the user terminal meets the preset password strategy can be determined, when the authentication password meets the preset password strategy, the mail to be sent is identified, whether the mail to be sent is a normal mail or not is judged, if the mail to be sent is an abnormal mail, whether the number of the abnormal mails sent by the user terminal in the preset first time period is larger than the preset number is determined, when the user terminal sends the abnormal mails larger than the preset number in the preset first time period, the use of the user terminal is suspended in the preset second time period, so that when a mailbox is maliciously utilized and the abnormal mails are continuously sent outwards due to attack or password leakage of a certain user terminal, the user terminal can be suspended, excessive occupation of resources by the user terminal is avoided, and the normal use of other users on the mailbox is further ensured.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives can occur depending upon design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.
Claims (9)
1. The mailbox management method is characterized by being applied to a background management server for providing support for a mailbox client and comprising the following steps:
Receiving a mail sending request sent by a user side, wherein the mail sending request comprises a mail to be sent and an authentication password, and the authentication password is one or more of a mailbox login password, a mail sending password and a password for verifying whether the state of the user side is normal;
Determining whether the authentication password meets a preset password strategy;
when the authentication password is determined not to meet the preset password strategy, refusing to send the mail to be sent; when the authentication password meets the preset password strategy, identifying the mail to be sent, and judging whether the mail to be sent is a normal mail or not;
When judging that the mail to be sent is abnormal mail, increasing the quantity of the abnormal mail sent by the user side in a preset first time period, determining whether the quantity is larger than the preset quantity, and if so, suspending the use of the user side in a preset second time period;
wherein the determining whether the authentication password meets a preset password policy comprises:
Calculating the single purity of the authentication password, wherein the single purity refers to the proportion of the number of different characters in the authentication password to the total characters;
determining whether the simplicity is greater than a first preset threshold included in the preset password strategy, and if not, determining that the authentication password does not meet the preset password strategy;
The preset password strategy comprises the following steps: a plurality of weak passwords;
Determining whether the complexity of the authentication password is greater than a second preset threshold included in the preset password strategy, if so, determining whether the authentication password is included in the plurality of weak passwords, and if so, determining that the authentication password does not meet the preset password strategy, wherein the complexity is determined according to the length of the authentication password and the number of types of characters used by the authentication password;
The mail sending request further includes: a user end mark;
calculating the similarity between the authentication password and the user identifier;
determining whether the similarity is larger than a third preset threshold included in the preset password strategy, and if so, determining that the authentication password does not meet the preset password strategy;
the preset password strategy comprises the following steps: the user side identifies the corresponding effective time length of the password;
And determining whether the using time length of the authentication password is longer than the password effective time length, and if so, determining that the authentication password does not meet the preset password strategy.
2. The method of claim 1, wherein when it is determined that the authentication password does not satisfy the preset password policy, further comprising:
Suspending the use of the user terminal in a preset third duration; and/or sending a password modification prompt mail to the user terminal, wherein the content of the password modification prompt mail comprises information which is not sent by the mail to be sent and a reason that the authentication password does not meet the preset password policy, so that the user terminal modifies the authentication password.
3. The method according to claim 1, wherein when the authentication password is determined to satisfy the preset password policy, the identifying the mail to be sent, and determining whether the mail to be sent is a normal mail, includes:
Analyzing the content and the attachment of the mail to be sent;
And determining whether the content or the attachment of the mail to be sent comprises an abnormal link, and if so, determining that the mail to be sent is an abnormal mail.
4. A method according to claim 3, further comprising, in the event that it is determined that the content of the mail to be sent and the attachment do not include an abnormal link:
Determining whether the mail to be sent is junk mail or not according to the content of the mail to be sent by utilizing a semantic recognition model, and if so, determining that the mail to be sent is abnormal mail;
And/or the number of the groups of groups,
And determining whether the attachment of the mail to be sent comprises viruses or not, and if so, determining that the mail to be sent is an abnormal mail.
5. The method of claim 1, wherein the user side corresponds to a working time;
the preset second duration is dynamically set according to the interval between the working time and the current time.
6. The method of claim 1, wherein when determining that the number of abnormal mails sent by the user terminal in the preset first period is greater than the preset number, further comprises:
And sending a notification mail to the user terminal, wherein the content of the notification mail comprises the reason that the user terminal is suspended to use and the processing mode adopted by the user terminal is suggested.
7. The mailbox management device is characterized by comprising a request receiving module, a password determining module, a mail judging module and a quantity determining module; wherein:
The request receiving module is used for receiving a mail sending request sent by a user side, wherein the mail sending request comprises a mail to be sent and an authentication password, and the authentication password is one or more of a mail box login password, a mail sending password and a password for verifying whether the state of the user side is normal;
the password determining module is used for determining whether the authentication password meets a preset password strategy or not; when the authentication password is determined not to meet the preset password strategy, refusing to send the mail to be sent;
the mail judging module is used for identifying the mail to be sent and judging whether the mail to be sent is a normal mail or not when the authentication password meets the preset password strategy;
The quantity determining module is used for increasing the quantity of the abnormal mails sent by the user side in a preset first time period when judging that the mails to be sent are abnormal mails, determining whether the quantity is larger than the preset quantity, and if so, suspending the use of the user side in a preset second time period;
the password determining module is used for:
Calculating the single purity of the authentication password, wherein the single purity refers to the proportion of the number of different characters in the authentication password to the total characters;
determining whether the simplicity is greater than a first preset threshold included in the preset password strategy, and if not, determining that the authentication password does not meet the preset password strategy;
Determining whether the complexity of the authentication password is greater than a second preset threshold included in the preset password strategy, if so, determining whether the authentication password is included in a plurality of weak passwords included in the preset password strategy, and if so, determining that the authentication password does not meet the preset password strategy, wherein the complexity is determined according to the length of the authentication password and the number of types of characters used by the authentication password;
Calculating the similarity between the authentication password and the user identifier included in the mail sending request;
determining whether the similarity is larger than a third preset threshold included in the preset password strategy, and if so, determining that the authentication password does not meet the preset password strategy;
And determining whether the using time length of the authentication password is longer than the effective time length of the password corresponding to the user end identifier included in the preset password strategy, and if so, determining that the authentication password does not meet the preset password strategy.
8. A mailbox management electronic device, comprising:
One or more processors;
storage means for storing one or more programs,
When executed by the one or more processors, causes the one or more processors to implement the method of any of claims 1-6.
9. A computer readable medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the method according to any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110557802.2A CN113159736B (en) | 2021-05-21 | 2021-05-21 | Mailbox management method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110557802.2A CN113159736B (en) | 2021-05-21 | 2021-05-21 | Mailbox management method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113159736A CN113159736A (en) | 2021-07-23 |
| CN113159736B true CN113159736B (en) | 2024-09-24 |
Family
ID=76877015
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110557802.2A Active CN113159736B (en) | 2021-05-21 | 2021-05-21 | Mailbox management method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113159736B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104539618A (en) * | 2014-12-29 | 2015-04-22 | 宁波江东远通计算机有限公司 | Mail management method, device and terminal |
| CN106888148A (en) * | 2015-12-16 | 2017-06-23 | 中国电信股份有限公司 | For processing the excessively simple method and apparatus of mailing system user cipher |
| CN109862029A (en) * | 2019-03-01 | 2019-06-07 | 论客科技(广州)有限公司 | A kind of method and system of the reply Brute Force behavior using big data analysis |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102255922A (en) * | 2011-08-24 | 2011-11-23 | 山东师范大学 | Intelligent multilevel junk email filtering method |
| CN102801644B (en) * | 2011-12-31 | 2015-01-21 | 华为数字技术(成都)有限公司 | Method and device for blocking mail behavior and gateway |
| JP5612180B2 (en) * | 2012-08-10 | 2014-10-22 | 財團法人工業技術研究院 | Multilayer network connection communication system, smart terminal device and communication method thereof |
| CN104580197A (en) * | 2014-12-31 | 2015-04-29 | 北京奇虎科技有限公司 | Code detection method and code detection system |
| CN106411709A (en) * | 2016-10-13 | 2017-02-15 | 国家电网公司 | Secure mail transmission method and device |
| CN110048936B (en) * | 2019-04-18 | 2021-09-10 | 宁波青年优品信息科技有限公司 | Method for judging junk mail by semantic associated words |
-
2021
- 2021-05-21 CN CN202110557802.2A patent/CN113159736B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104539618A (en) * | 2014-12-29 | 2015-04-22 | 宁波江东远通计算机有限公司 | Mail management method, device and terminal |
| CN106888148A (en) * | 2015-12-16 | 2017-06-23 | 中国电信股份有限公司 | For processing the excessively simple method and apparatus of mailing system user cipher |
| CN109862029A (en) * | 2019-03-01 | 2019-06-07 | 论客科技(广州)有限公司 | A kind of method and system of the reply Brute Force behavior using big data analysis |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113159736A (en) | 2021-07-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109981647B (en) | Method and apparatus for detecting brute force cracking | |
| US11443037B2 (en) | Identification of invalid requests | |
| US20200267181A1 (en) | Early detection of potentially-compromised email accounts | |
| CN115277566A (en) | Load balancing method and device for data access, computer equipment and medium | |
| CN117131516B (en) | Operation and maintenance method and device | |
| CN113765871B (en) | Method and device for managing fort machine | |
| CN116961918A (en) | Token acquisition method and device | |
| CN112953719B (en) | Token authentication method and device | |
| CN113159736B (en) | Mailbox management method and device | |
| US9450906B2 (en) | Managing a messaging queue in an asynchronous messaging system | |
| CN112825519B (en) | Method and device for identifying abnormal login | |
| CN113595887A (en) | Flow control method and device in mail system | |
| CN113765864B (en) | Service request processing method and device | |
| CN113765986B (en) | Flow control method of open platform and server | |
| CN112882838B (en) | Method and apparatus for vacating resource instances | |
| US11941438B2 (en) | Method, electronic device, and computer program product for using virtual desktop | |
| CN112069517B (en) | Method and device for managing user rights | |
| CN113766437B (en) | Short message sending method and device | |
| CN115118775B (en) | Browser access request processing method and device and electronic equipment | |
| US20230412546A1 (en) | Reminder notification for permission/access to links in electronic mail transmissions | |
| CN113094332B (en) | File management method and device | |
| CN116561780A (en) | Method and device for processing printing task | |
| CN118803056A (en) | Method, apparatus, device and computer readable medium for front end storage of data | |
| CN116112235A (en) | Data access method and device | |
| CN116800595A (en) | Service log processing method, device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |