CN115460001A - Computer-based cluster mailbox file virus checking and killing method - Google Patents
Computer-based cluster mailbox file virus checking and killing method Download PDFInfo
- Publication number
- CN115460001A CN115460001A CN202211107684.6A CN202211107684A CN115460001A CN 115460001 A CN115460001 A CN 115460001A CN 202211107684 A CN202211107684 A CN 202211107684A CN 115460001 A CN115460001 A CN 115460001A
- Authority
- CN
- China
- Prior art keywords
- file
- data
- virus
- cluster mailbox
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a computer-based cluster mailbox file virus checking and killing method, which is characterized in that an independent data storage space composition file receiving space is defined in a cluster mailbox terminal and is used for temporarily storing mail files subjected to file attribute calibration; generating a corresponding mail file queue according to the file attributes, sequentially acquiring data verification information of each mail file, and performing virus checking and killing on each mail file; and finally, classifying and packaging the mail files according to the attachment state information of the mail files which finish virus searching and killing, sending the mail files to different receiving folders of the cluster mailbox terminal, and generating a cluster mailbox file receiving reminding message, so that the mail files received by the cluster mailbox terminal can be searched and killed by viruses in an independent storage space, thereby effectively avoiding the viruses from spreading and spreading through the cluster mailbox terminal and improving the virus searching and killing efficiency and accuracy.
Description
Technical Field
The invention relates to the technical field of mailbox file management, in particular to a cluster mailbox file virus searching and killing method based on a computer.
Background
The computer is usually provided with a cluster mailbox terminal for performing centralized management on mailboxes registered by the user on different internet platforms, so that the user can conveniently perform unified management on all mailboxes at the same application port. The cluster mailbox end of the computer can realize real-time management of sending and receiving mails of different mailboxes. At present, computer viruses are generally spread in a mail mode, and virus searching and killing processing needs to be carried out on mail files in order to avoid spreading of the computer viruses in the process of sending and receiving mails by a computer. The existing virus checking and killing can only perform simple virus scanning on each mail file, occupy more memory resources in the scanning process, cannot perform rapid and comprehensive virus scanning on massive mails in a cluster mailbox end, and can reduce the operating efficiency of a computer.
Disclosure of Invention
Aiming at the defects in the prior art, the invention provides a computer-based cluster mailbox file virus checking and killing method, which is characterized in that an independent data storage space is defined in a cluster mailbox end to serve as a text file receiving space for temporarily storing mail files subjected to file attribute calibration; generating a corresponding mail file queue according to the file attributes, sequentially acquiring data verification information of each mail file, and performing virus checking and killing on each mail file; and finally, according to the attachment state information of the mail file which completes virus check and killing, classifying and packaging the mail file and sending the mail file to different receiving folders of a cluster mailbox end, and generating a cluster mailbox file receiving reminding message, so that the mail file received by the cluster mailbox end can be checked and killed by the virus in an independent storage space, the condition that the user directly opens the mail file at the cluster mailbox end to cause virus diffusion and propagation is avoided, and the mail data of the mail file is comprehensively scanned by the virus, and the occupancy rate of computer memory resources is small in the scanning process, so that the virus is effectively prevented from being diffused and propagated through the cluster mailbox end, and the virus check and killing efficiency and accuracy are improved.
The invention provides a computer-based cluster mailbox file virus checking and killing method, which comprises the following steps:
step S1, according to the current file data storage state of a cluster mailbox terminal of a computer, an independent data storage space is defined from the cluster mailbox terminal to serve as a file receiving space; when the cluster mailbox terminal enters a file receiving state, marking the file attribute of a received mail file and temporarily storing the mail file in the file receiving space;
s2, converting all mail files into mail file queues according to the file attributes obtained by calibration; sequentially acquiring data verification information of each mail file from the mail file queue, and performing virus checking and killing on each mail file according to the data verification information;
s3, classifying and packaging the mail files according to the attachment state information of the mail files which are subjected to virus searching and killing, and sending the mail files to different receiving folders of a cluster mailbox end; and generating a corresponding cluster mailbox file receiving reminding message according to the file receiving state of each receiving folder.
Further, in step S1, according to the current file data storage state of the cluster mailbox of the computer, defining an independent data storage space from the cluster mailbox as a file receiving space specifically includes:
acquiring a current file data storage bit value of a cluster mailbox end of a computer;
if the file data storage bit value is larger than or equal to the preset data bit value, deleting all the read mail files in the cluster mailbox terminal, and then delimiting an independent data storage space with a preset size from the cluster mailbox terminal as a file receiving space;
and if the file data storage bit value is smaller than the preset data bit value, deleting the read mail file in the preset historical time period in the cluster mailbox terminal, and then dividing an independent data storage space with a preset size from the cluster mailbox terminal to serve as a file receiving space.
Further, in step S1, when the cluster mailbox enters the file receiving state, temporarily storing the received mail file after calibrating the file attribute in the file receiving space specifically includes:
when the cluster mailbox terminal is opened on a front-end interface of the computer, indicating the cluster mailbox terminal to enter a file receiving state;
the method comprises the steps of obtaining mail sending source address information of mail files received by a cluster mailbox terminal, calibrating the file emergency level of each mail file according to the mail sending source address information, and temporarily storing the calibrated mail files in a file receiving space.
Further, in step S2, converting all the mail files into a mail file queue according to the file attributes obtained by calibration specifically includes:
and arranging and converting all the mail files into a mail file queue according to the sequence of the file urgency level of each mail file from high to low.
Further, in the step S2, sequentially obtaining the data verification information of each mail file from the mail file queue, and then performing virus checking and killing on each mail file according to the data verification information specifically includes:
sequentially acquiring data verification codes given by a cluster mailbox end in the sending process of each mail file from the mail file queue;
according to the data check code, checking each mail data contained in the mail file to obtain a virus state corresponding to each mail data;
and determining the frequency of virus checking and killing on the mail data according to the virus state of the mail data, thereby checking and killing the virus on the corresponding mail file.
Further, in the step S2, the sequentially obtaining, from the mail file queue, the data check code assigned to each mail file at the cluster mailbox end in the sending process specifically includes:
sequentially acquiring data check codes given by a cluster mailbox end in the sending process of each mail file from the mail file queue by using the following formula (1),
M(i)={[S(i)] 10 ,sum[S(i)],len[S(i)]} (1)
in the formula (1), M (i) represents a data check code given by the cluster mailbox end during the sending process of the ith mail data of each mail file; s (i) represents a binary form corresponding to the ith mail data of each mail file in the sending process; sum [ 2 ]]Means for summing each binary character of the binary data in the parenthesis; [] 10 Indicating that the data in the parentheses is converted into decimal data; len [ 2 ]]The binary character digit of binary data in brackets is obtained;
the data check code is in array form, and M (i) [1 ]]=[S(i)] 10 ,M(i)[2]=sum[S(i)],M(i)[3]=len[S(i)];
In the step S2, each mail data included in the mail file is verified according to the data verification code to determine corresponding unqualified mail data; then, the step of determining the virus state corresponding to the unqualified mail data specifically comprises the following steps:
using the following formula (2), according to the data check code, checking each mail data contained in the mail file, and according to the virus state corresponding to each mail data,
L t (i)={F{[S t (i)] 10 -M(i)[2]}<<2}+F{sum[S t (i)]-M(i)[1]}<<1}+F{len[S t (i)]-M(i)[3] (2)
in the above formula (2), L t (i) A virus state judgment value corresponding to the ith mail data contained in the mail file at the current time is represented; t represents the current time; s. the t (i) The current moment is represented, according to the data check code, each mail data contained in the mail file is checked, and a binary form corresponding to each mail data is adopted;<<representing a left shift operation; f { } represents a normalization function, and when the value in the parentheses is not equal to 0, the function value of the normalization function is 1, and when the value in the parentheses is equal to 0, the function value of the normalization function is 0;
if L is t (i) =000, the i-th mail number contained in the mail fileAccording to the absence of virus;
if L is t (i) If the mail file contains i-th mail data, a first type of virus exists, wherein x represents that the variable value is 0 or 1;
if L is t (i) If the mail file contains i-th mail data, the second type of virus exists, and if the mail file contains i-th mail data, the second type of virus exists;
if L is t (i) =110, the third type virus exists in the ith mail data contained in the mail file;
moreover, the damage degree of the first type of virus, the second type of virus and the third type of virus to the mail data is increased in sequence;
in step S2, determining a frequency of virus searching and killing on the mail data according to the virus state of the mail data, so that the virus searching and killing on the corresponding mail file specifically includes:
determining the frequency of virus killing of the mail data according to the virus state of the mail data by using the following formula (3),
in the above formula (3), f (t) represents the frequency of virus searching and killing of mail data at the current time t; f (T-T) represents the frequency of virus killing of the mail data at the time T-T; t represents the shortest time required for virus killing of the mail data; n represents the total number of mail data contained in the mail file.
Further, in step S3, according to the attachment status information of the mail file that completes virus searching and killing, classifying and packaging the mail file, and sending the mail file to different receiving folders of the cluster mailbox specifically includes:
determining whether the mail file which finishes virus killing contains an attachment file; dividing the mail files containing the attachment files into a first class of mail files, and dividing the mail files not containing the attachment files into a second class of mail files;
and respectively packaging all the first class mail files and all the second class mail files to form a first mail file compression package and a second mail file compression package, and respectively sending the first mail file compression package and the second mail file compression package to different receiving folders of a cluster mailbox terminal.
Further, in the step S3, generating a corresponding group mailbox file reception reminding message according to the file reception status of each receiving folder specifically includes:
and when the receiving folder receives the first mail file compression packet or the second mail file compression packet, generating a corresponding cluster mailbox file receiving reminding message in a task bar of the computer.
Compared with the prior art, the virus checking and killing method for the cluster mailbox file of the computer has the advantages that an independent data storage space composition file receiving space is defined in a cluster mailbox terminal and is used for temporarily storing the mail file subjected to file attribute calibration; generating a corresponding mail file queue according to the file attributes, sequentially acquiring data verification information of each mail file, and performing virus checking and killing on each mail file; and finally, according to the attachment state information of the mail file which completes virus check and killing, classifying and packaging the mail file and sending the mail file to different receiving folders of a cluster mailbox end, and generating a cluster mailbox file receiving reminding message, so that the mail file received by the cluster mailbox end can be checked and killed by the virus in an independent storage space, the condition that the user directly opens the mail file at the cluster mailbox end to cause virus diffusion and propagation is avoided, and the mail data of the mail file is comprehensively scanned by the virus, and the occupancy rate of computer memory resources is small in the scanning process, so that the virus is effectively prevented from being diffused and propagated through the cluster mailbox end, and the virus check and killing efficiency and accuracy are improved.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of a computer-based cluster mailbox file virus searching and killing method provided by the invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive step based on the embodiments of the present invention, are within the scope of protection of the present invention.
Fig. 1 is a schematic flowchart of a method for searching and killing viruses in a cluster mailbox file according to an embodiment of the present invention. The virus searching and killing method for the cluster mailbox file of the computer comprises the following steps of:
step S1, according to the current file data storage state of a cluster mailbox end of a computer, an independent data storage space is defined from the cluster mailbox end to serve as a file receiving space; when the cluster mailbox terminal enters a file receiving state, marking the file attribute of a received mail file and temporarily storing the mail file in the file receiving space;
s2, converting all mail files into mail file queues according to the file attributes obtained by calibration; sequentially acquiring data verification information of each mail file from the mail file queue, and performing virus checking and killing on each mail file according to the data verification information;
s3, classifying and packaging the mail files according to the attachment state information of the mail files which are subjected to virus searching and killing, and sending the mail files to different receiving folders of a cluster mailbox end; and generating a corresponding cluster mailbox file receiving reminding message according to the file receiving state of each receiving folder.
The beneficial effects of the above technical scheme are: the computer-based cluster mailbox file virus checking and killing method is used for defining an independent data storage space as a composition file receiving space in a cluster mailbox terminal and temporarily storing mail files subjected to file attribute calibration; generating a corresponding mail file queue according to the file attributes, sequentially acquiring data verification information of each mail file, and performing virus checking and killing on each mail file; and finally, according to the attachment state information of the mail file which completes virus check and killing, classifying and packaging the mail file and sending the mail file to different receiving folders of a cluster mailbox end, and generating a cluster mailbox file receiving reminding message, so that the mail file received by the cluster mailbox end can be checked and killed by the virus in an independent storage space, the condition that the user directly opens the mail file at the cluster mailbox end to cause virus diffusion and propagation is avoided, and the mail data of the mail file is comprehensively scanned by the virus, and the occupancy rate of computer memory resources is small in the scanning process, so that the virus is effectively prevented from being diffused and propagated through the cluster mailbox end, and the virus check and killing efficiency and accuracy are improved.
Preferably, in step S1, according to the current file data storage state of the cluster mailbox of the computer, defining an independent data storage space from the cluster mailbox as a file receiving space specifically includes:
acquiring a current file data storage bit value of a cluster mailbox end of a computer;
if the file data storage bit value is larger than or equal to the preset data bit value, deleting all read mail files in the cluster mailbox terminal, and then dividing an independent data storage space with a preset size from the cluster mailbox terminal to serve as a file receiving space;
and if the file data storage bit value is smaller than the preset data bit value, deleting the read mail file in the preset historical time period in the cluster mailbox terminal, and then dividing an independent data storage space with a preset size from the cluster mailbox terminal to serve as a file receiving space.
The beneficial effects of the above technical scheme are: and the cluster mailbox end is connected with different mailbox accounts and is used for uniformly managing the different mailbox accounts. And the cluster mailbox terminal is used for storing and managing the mail files received by all the mailbox accounts. The method comprises the steps of obtaining a current file data storage bit value of a cluster mailbox end of a computer, comparing the current file data storage bit value with a preset data bit value, and adaptively deleting a read mail file in the cluster mailbox end according to a comparison result to reserve and define an independent data storage space with a preset size as a file receiving space, so that the cluster mailbox end can independently store and process the received mail file to avoid spreading potential viruses of the mail file to other data storage spaces.
Preferably, in step S1, when the cluster mailbox enters the file receiving state, the marking the file attribute of the received mail file and temporarily storing the file attribute in the file receiving space specifically includes:
when the cluster mailbox terminal is opened on a front-end interface of the computer, indicating the cluster mailbox terminal to enter a file receiving state;
acquiring mail sending source address information of the mail files received by the cluster mailbox terminal, calibrating the file emergency level of each mail file according to the mail sending source address information, and temporarily storing the calibrated mail files in the file receiving space.
The beneficial effects of the above technical scheme are: when the cluster mailbox end is opened on the front end interface of the computer, the cluster mailbox end is connected with different mailbox platforms through the internet, and at the moment, the cluster mailbox end enters a file receiving state and receives mail files from different mailbox platforms. Acquiring mail sending source address information of a mail file received by a cluster mailbox terminal, and matching the mail sending source address information with a preset mail sending source address-mail file emergency mapping relation table to mark the file emergency level of each mail file, thereby determining that each mail file carries out file attribute marking.
Preferably, in step S2, converting all the mail files into a mail file queue according to the file attributes obtained by calibration specifically includes:
and arranging and converting all the mail files into a mail file queue according to the sequence of the file urgency level of each mail file from high to low.
The beneficial effects of the above technical scheme are: and arranging all the mail files according to the sequence of the file emergency level of each mail file from high to low to generate a corresponding mail file queue, thereby facilitating virus searching and killing of different mail files in time in the follow-up process.
Preferably, in step S2, the sequentially obtaining the data verification information of each mail file from the mail file queue, and then performing virus checking and killing on each mail file according to the data verification information specifically includes:
sequentially acquiring data check codes given by a cluster mailbox end in the sending process of each mail file from the mail file queue;
according to the data check code, checking each mail data contained in the mail file to obtain a virus state corresponding to each mail data;
and determining the virus searching and killing frequency of the mail data according to the virus state of the mail data, so as to search and kill the virus of the corresponding mail file.
The beneficial effects of the above technical scheme are: corresponding data check codes are given to the corresponding cluster mailbox ends in the sending process of the mail files, and the data check codes are used for carrying out initialization calibration on the mail data in the mail files, so that each piece of mail data contained in the mail files can be conveniently checked subsequently to determine whether the mail data belong to suspected unqualified data or not; and then virus searching and killing with specific frequency is carried out on the suspected unqualified data, so that the virus searching and killing accuracy and efficiency of the mail file are improved.
Preferably, in step S2, the sequentially obtaining, from the mail file queue, the data check code assigned to the cluster mailbox end in the sending process of each mail file specifically includes:
using the following formula (1), sequentially obtaining the data check code given by the cluster mailbox end in the sending process of each mail file from the mail file queue,
M(i)={[S(i)] 10 ,sum[S(i)],len[S(i)]} (1)
in the formula (1), M (i) represents a data check code given by the cluster mailbox end during the sending process of the ith mail data of each mail file; s (i) represents a binary form corresponding to the ith mail data of each mail file in the sending process; sum [ 2 ]]Means for summing each binary character of the binary data in the parenthesis; [] 10 Indicating that the data in the brackets is converted into decimal data; len [ 2 ]]The binary character digit of binary data in brackets is obtained;
the data check code is in array form, and M (i) [1 ]]=[S(i)] 10 ,M(i)[2]=sum[S(i)],M(i)[3]=len[S(i)];
In the step S2, each piece of mail data included in the mail file is verified according to the data verification code to determine corresponding unqualified mail data; then, the determining of the virus state corresponding to the unqualified mail data specifically comprises the following steps:
using the following formula (2), according to the data check code, checking each mail data contained in the mail file, and according to the virus state corresponding to each mail data,
L t (i)={F{[S t (i)] 10 -M(i)[2]}<<2}+F{sum[S t (i)]-M(i)[1]}<<1}+F{len[S t (i)]-M(i)[3] (2)
in the above formula (2), L t (i) A virus state judgment value corresponding to the ith mail data contained in the mail file at the current time is represented; t represents the current time; s t (i) Indicating that the current moment verifies each mail data contained in the mail file according to the data verification code in a binary form corresponding to each mail data;<<representing a left shift operation; f { } represents a normalization function, when the value in the parentheses is not equal to 0, the function value of the normalization function is 1, and when the value in the parentheses is equal to 0, the function value of the normalization function is 0;
if L is t (i) If not less than 000, the mail file packageThe ith mail data does not contain viruses;
if L is t (i) If the mail file contains i-th mail data, a first type of virus exists, wherein x represents that the variable value is 0 or 1;
if L is t (i) =100, the second type of virus exists in the ith mail data contained in the mail file;
if L is t (i) =110, then the third virus exists in the ith mail data contained in the mail file;
moreover, the damage degree of the first type of virus, the second type of virus and the third type of virus to the mail data is increased in sequence;
in step S2, determining a frequency of virus searching and killing on the mail data according to the virus state of the mail data, so that the virus searching and killing on the corresponding mail file specifically includes:
determining the frequency of virus killing of the mail data according to the virus state of the mail data by using the following formula (3),
in the above formula (3), f (t) represents the frequency of virus killing of the mail data at the current time t; f (T-T) represents the frequency of virus killing of the mail data at the time T-T; t represents the shortest time required for virus killing of the mail data; n represents the total number of mail data contained in the mail file.
The beneficial effects of the above technical scheme are: sequentially acquiring a data check code given by a cluster mailbox end in the sending process of each mail file from the mail file queue by using the formula (1), and further acquiring the data check code when the mail data is not invaded by viruses, thereby ensuring the accuracy of later virus searching and killing and the accuracy of data searching and killing; then, the suspected unqualified data is found by using the formula (2), the virus type of the suspected unqualified data is confirmed, and the virus positioning virus type is confirmed, so that the virus is searched and killed in a targeted manner, and meanwhile, the independent virus searching and killing are carried out on the adjacent data for searching and killing the virus, so that the virus is prevented from further spreading; and finally, controlling the virus checking and killing frequency according to the number of the checked and killed mail data and the virus state by using the formula (3), so that the checking and killing frequency is controlled according to the virus state and the number of infected viruses, and further, when the viruses are more and the viruses are more complicated, the checking and killing frequency is increased, and the virus data destruction is ensured.
Preferably, in step S3, according to the attachment status information of the mail file that completes virus killing, classifying and packaging the mail file, and sending the mail file to different receiving folders of the cluster mailbox specifically includes:
determining whether the mail file which finishes virus killing contains an attachment file; dividing the mail files containing the attachment files into first class mail files, and dividing the mail files not containing the attachment files into second class mail files;
and respectively packaging all the first class mail files and all the second class mail files to form a first mail file compression package and a second mail file compression package, and respectively sending the first mail file compression package and the second mail file compression package to different receiving folders of a cluster mailbox terminal.
The beneficial effects of the above technical scheme are: after the mail file finishes virus checking and killing, whether the mail file contains the attachment file or not is determined, and the mail file containing the attachment file and the mail file not containing the attachment file are compressed and packaged, so that the mail file is conveniently classified and sent to different receiving folders, and a user can effectively and quickly check the mail file.
Preferably, in step S3, generating a corresponding cluster mailbox file reception reminding message according to the file reception status of each receiving folder specifically includes:
and when the receiving folder receives the first mail file compressed package or the second mail file compressed package, generating a corresponding cluster mailbox file receiving reminding message in a task bar of the computer.
The beneficial effects of the above technical scheme are: when the receiving folder receives the first mail file compressed packet or the second mail file compressed packet, a corresponding cluster mailbox file receiving reminding message is generated in a task bar of the computer, so that a user can timely obtain a receiving live scene of a cluster mailbox end and improve the mail file processing efficiency of the cluster mailbox end.
As can be seen from the content of the above embodiment, the computer-based cluster mailbox file virus searching and killing method defines an independent data storage space as a text file receiving space in a cluster mailbox for temporarily storing mail files subjected to file attribute calibration; generating a corresponding mail file queue according to the file attributes, sequentially acquiring data verification information of each mail file, and performing virus checking and killing on each mail file; and finally, according to the attachment state information of the mail file which completes virus check and killing, classifying and packaging the mail file and sending the mail file to different receiving folders of a cluster mailbox end, and generating a cluster mailbox file receiving reminding message, so that the mail file received by the cluster mailbox end can be checked and killed by the virus in an independent storage space, the condition that the user directly opens the mail file at the cluster mailbox end to cause virus diffusion and propagation is avoided, and the mail data of the mail file is comprehensively scanned by the virus, and the occupancy rate of computer memory resources is small in the scanning process, so that the virus is effectively prevented from being diffused and propagated through the cluster mailbox end, and the virus check and killing efficiency and accuracy are improved.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present invention without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (8)
1. A cluster mailbox file virus checking and killing method based on a computer is characterized by comprising the following steps:
step S1, according to the current file data storage state of a cluster mailbox terminal of a computer, an independent data storage space is defined from the cluster mailbox terminal to serve as a file receiving space; when the cluster mailbox terminal enters a file receiving state, marking the file attribute of a received mail file and temporarily storing the file attribute in the file receiving space;
s2, converting all mail files into mail file queues according to the file attributes obtained by calibration; sequentially acquiring data verification information of each mail file from the mail file queue, and performing virus checking and killing on each mail file according to the data verification information;
s3, classifying and packaging the mail files according to the attachment state information of the mail files subjected to virus searching and killing, and sending the mail files to different receiving folders of a cluster mailbox end; and generating a corresponding cluster mailbox file receiving reminding message according to the file receiving state of each receiving folder.
2. The computer-based cluster mailbox file virus searching and killing method as recited in claim 1, wherein:
in step S1, according to the current file data storage state of the cluster mailbox of the computer, defining an independent data storage space from the cluster mailbox as a file receiving space specifically includes: acquiring a current file data storage bit value of a cluster mailbox end of a computer;
if the file data storage bit value is larger than or equal to the preset data bit value, deleting all read mail files in the cluster mailbox terminal, and then dividing an independent data storage space with a preset size from the cluster mailbox terminal to serve as a file receiving space;
and if the file data storage bit value is smaller than the preset data bit value, deleting the read mail file in the cluster mailbox end within the preset historical time period, and then delimiting an independent data storage space with a preset size from the cluster mailbox end as a file receiving space.
3. The computer-based cluster mailbox file virus checking and killing method as claimed in claim 2, characterized in that:
in the step S1, when the cluster mailbox enters the file receiving state, calibrating the file attribute of the received mail file and temporarily storing the file attribute in the file receiving space specifically includes:
when the cluster mailbox terminal is opened on a front-end interface of the computer, indicating the cluster mailbox terminal to enter a file receiving state;
acquiring mail sending source address information of mail files received by a cluster mailbox terminal, calibrating the file emergency level of each mail file according to the mail sending source address information, and temporarily storing the calibrated mail files in the file receiving space.
4. The computer-based cluster mailbox file virus checking and killing method of claim 3, wherein:
in step S2, converting all the mail files into a mail file queue according to the file attributes obtained by calibration specifically includes:
and arranging and converting all the mail files into a mail file queue according to the file urgency level of each mail file from high to low.
5. The computer-based cluster mailbox file virus searching and killing method of claim 4, wherein:
in step S2, sequentially obtaining data verification information of each mail file from the mail file queue, and performing virus killing on each mail file according to the data verification information specifically includes:
sequentially acquiring data verification codes given by a cluster mailbox end in the sending process of each mail file from the mail file queue;
according to the data check code, checking each mail data contained in the mail file to obtain a virus state corresponding to each mail data;
and determining the virus searching and killing frequency of the mail data according to the virus state of the mail data, so as to search and kill the virus of the corresponding mail file.
6. The computer-based cluster mailbox file virus checking and killing method of claim 5, wherein:
in step S2, sequentially obtaining the data check code assigned to the cluster mailbox end in the sending process of each email file from the email file queue specifically includes:
sequentially acquiring a data check code given by a cluster mailbox end in the sending process of each mail file from the mail file queue by using the following formula (1),
M(i)={[S(i)] 10 ,sum[S(i)],len[S(i)]} (1)
in the formula (1), M (i) represents a data check code given by the cluster mailbox end during sending the ith mail data of each mail file; s (i) represents a binary form corresponding to the ith mail data of each mail file in the sending process; sum [ 2 ]]Means for summing each binary character of the binary data in the parenthesis; [] 10 Indicating that the data in the brackets is converted into decimal data; len [ 2 ]]The binary character digit of binary data in brackets is obtained; the data check code is in array form, and M (i) [1]=[S(i)] 10 ,M(i)[2]=sum[S(i)],M(i)[3]=len[S(i)];
In the step S2, each mail data included in the mail file is checked according to the data check code to determine corresponding unqualified mail data; then, the step of determining the virus state corresponding to the unqualified mail data specifically comprises the following steps:
using the following formula (2), according to the data check code, checking each mail data contained in the mail file, and according to the virus state corresponding to each mail data,
L t (i)={F{[S t (i)] 10 -M(i)[2]}<<2}+F{sum[S t (i)]-M(i)[1]}<<1}+F{len[S t (i)]-M(i)[3] (2)
in the above formula (2), L t (i) A virus state judgment value corresponding to the ith mail data contained in the mail file at the current time is represented; t represents the current time; s. the t (i) The current moment is represented, according to the data check code, each mail data contained in the mail file is checked, and a binary form corresponding to each mail data is adopted;<<indicating a shift left operation; f { } denotes the normalization function, when the bracketIf the value in the parentheses is not equal to 0, the function value of the normalization function is 1, and if the value in the parentheses is equal to 0, the function value of the normalization function is 0;
if L is t (i) =000, the i-th mail data contained in the mail file has no virus;
if L is t (i) If the mail file contains i-th mail data, a first type of virus exists, wherein x represents that the variable value is 0 or 1;
if L is t (i) If the mail file contains i-th mail data, the second type of virus exists, and if the mail file contains i-th mail data, the second type of virus exists;
if L is t (i) =110, the third type virus exists in the ith mail data contained in the mail file;
moreover, the damage degree of the first type of virus, the second type of virus and the third type of virus to the mail data is increased in sequence;
in step S2, determining a frequency of virus searching and killing on the mail data according to the virus state of the mail data, so that the virus searching and killing on the corresponding mail file specifically includes:
determining the frequency of virus checking and killing of the mail data according to the virus state of the mail data by using the following formula (3),
in the above formula (3), f (t) represents the frequency of virus killing of the mail data at the current time t; f (T-T) represents the frequency of virus killing of the mail data at the time T-T; t represents the shortest time required for virus killing of the mail data; n represents the total number of mail data contained in the mail file.
7. The computer-based cluster mailbox file virus checking and killing method of claim 1, wherein:
in step S3, according to the attachment status information of the mail file that completes virus searching and killing, classifying and packaging the mail file, and sending the mail file to different receiving folders of the cluster mailbox specifically include: determining whether the mail files subjected to virus killing contain attachment files; dividing the mail files containing the attachment files into first class mail files, and dividing the mail files not containing the attachment files into second class mail files;
and respectively packaging all the first class mail files and all the second class mail files to form a first mail file compression package and a second mail file compression package, and respectively sending the first mail file compression package and the second mail file compression package to different receiving folders of a cluster mailbox terminal.
8. The computer-based cluster mailbox file virus checking and killing method of claim 7, wherein:
in the step S3, generating a corresponding group mailbox file reception reminding message according to the file reception status of each receiving folder specifically includes:
and when the receiving folder receives the first mail file compressed package or the second mail file compressed package, generating a corresponding cluster mailbox file receiving reminding message in a task bar of the computer.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211107684.6A CN115460001A (en) | 2022-09-13 | 2022-09-13 | Computer-based cluster mailbox file virus checking and killing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211107684.6A CN115460001A (en) | 2022-09-13 | 2022-09-13 | Computer-based cluster mailbox file virus checking and killing method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115460001A true CN115460001A (en) | 2022-12-09 |
Family
ID=84303980
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211107684.6A Pending CN115460001A (en) | 2022-09-13 | 2022-09-13 | Computer-based cluster mailbox file virus checking and killing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115460001A (en) |
-
2022
- 2022-09-13 CN CN202211107684.6A patent/CN115460001A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8131685B1 (en) | Duplicate account identification and scoring | |
| US8549642B2 (en) | Method and system for using spam e-mail honeypots to identify potential malware containing e-mails | |
| US7930547B2 (en) | High accuracy bloom filter using partitioned hashing | |
| US7930516B1 (en) | Linked list traversal with reduced memory accesses | |
| RU2474970C1 (en) | Method and apparatus for blocking spam | |
| CN110191428B (en) | Data distribution method based on intelligent cloud platform | |
| US20050071432A1 (en) | Probabilistic email intrusion identification methods and systems | |
| EP3931777A1 (en) | Method and system for analyzing electronic communications and customer information to recognize and mitigate message-based attacks | |
| US20050120019A1 (en) | Method and apparatus for the automatic identification of unsolicited e-mail messages (SPAM) | |
| US20130246378A1 (en) | Partial hash system, method, and computer program product | |
| US11539726B2 (en) | System and method for generating heuristic rules for identifying spam emails based on fields in headers of emails | |
| KR20010016276A (en) | Method and system for processing e-mail with an anonymous receiver | |
| CA2512821A1 (en) | Adaptive junk message filtering system | |
| CN109542857B (en) | Audit log storage method, audit log query method, audit log storage device, audit log query device and related equipment | |
| CN101141416A (en) | Real-time rubbish mail filtering method and system used for transmission influx stage | |
| CN110135590B (en) | Information processing method, information processing apparatus, information processing medium, and electronic device | |
| CN104333483A (en) | Identification method, system and identification device for internet application flow | |
| CN104333461A (en) | Identification method, system and identification device for internet application flow | |
| WO2023273218A1 (en) | Json packet checking method and json packet checking apparatus | |
| WO2010037292A1 (en) | Method and system for determining suspicious spam range | |
| US20060075099A1 (en) | Automatic elimination of viruses and spam | |
| CN115460001A (en) | Computer-based cluster mailbox file virus checking and killing method | |
| CN110784553B (en) | Message encapsulation method, device and domain name resolution system | |
| WO2014191769A1 (en) | List hygiene tool | |
| CN114760119B (en) | Phishing mail attack detection method, device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |