JP2008199261A - E-mail repeater, e-mail repeating method, and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an e-mail repeater which is capable of effectively excluding spam mail without changing or invalidating a main address. <P>SOLUTION: A main address 111 and a sub-address 112 are registered in a profile box 110. The sub-address 112 is constituted by combining a key 113 and the main address 111. When e-mail is transmitted to a relay server 100, its envelope part is received by an MTA (Mail Transfer Agent) 106. The MTA 106 determines which of the main address and the sub-address the e-mail is addressed to, on the basis of a transmission destination address of the envelope part. When it is addressed to the main address, relay permission determination processing (S5) is performed, and the data part of the permitted e-mail is received and is transferred to a mail server (S7). <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to an e-mail relay apparatus and an e-mail relay method for receiving an e-mail transmitted to the e-mail address and transferring it to a predetermined device when a plurality of e-mail addresses are registered per user. In particular, the present invention relates to a program applied to an electronic mail relay device, and particularly to a process for restricting reception of spam mail (spam mail).

  With the development of communication networks represented by the Internet, the number of users of e-mail is increasing. In recent years, with the spread of electronic mail, a huge amount of spam mail has been distributed, which has become a major social problem. Spam mail is an e-mail in which advertisements, solicitations, links to paid contents, and the like are described, and an unspecified number of e-mail addresses (hereinafter referred to as “mail addresses” or simply “addresses”). ) Is unilaterally delivered to the destination.

  Even spam mail is distributed using an e-mail system in the same way as normal e-mail. Therefore, it is necessary for the spam mail distributor to acquire the mail address of the transmission destination in advance. In general, a spam mail distributor regularly visits a website on the Internet using software called an address collection robot, and automatically acquires a mail address disclosed on the website. Therefore, in order to prevent the recipient from being damaged by the spam mail, it is considered that the best method is not to disclose the mail address to a website or the like.

  However, in recent years when various commercial transactions are frequently performed via the Internet, when using online services such as online shopping, e-mail magazines and sweepstakes sites, e-mail addresses are set up with business partners via Web sites. Including personal information exchange. Under such circumstances, there is a possibility that the email address of the user who uses the net service is collected by the address collecting robot. Of course, personal information such as e-mail addresses will not be easily leaked if the website has sufficient security measures, but personal information will be leaked illegally by the administrator of personal information, and spam mail will be distributed. It may be passed to a person. In addition, the user himself / herself may easily disclose the e-mail address on an electronic bulletin board, homepage, blog site, or the like. Once an e-mail address is registered in the spam e-mail distribution address list, there is no other way to change the e-mail address in order to escape from the damage of spam e-mail. Various filter tools are provided by Internet connection providers (providers) as countermeasures against spam emails, but even if the filter tools can reduce spam emails, it is not possible to completely eliminate spam emails. Can not.

  Incidentally, as described in Patent Document 1, Non-Patent Document 1, and Non-Patent Document 2, in addition to a mail address (hereinafter referred to as “main address”) composed of a user ID and a domain name, spam mail ( As a countermeasure against spam mail, there is known a service for giving a user an e-mail address (hereinafter referred to as “sub-address”) composed of a character string with an arbitrary keyword added to a user ID and a domain name. The main address and the sub address are registered in association with each other, so that mail can be received by the same account regardless of which address is delivered. In this service, the user can arbitrarily add and delete subaddresses. Therefore, for example, if the main address is concealed and the sub address is used for disclosure, even if spam mail is sent to the sub address, it is possible to eliminate the spam mail if the sub address is deleted. It becomes.

JP 2006-323697 A Selectable address, [online], NEC Bigrobe Co., Ltd., February 1, 2007, Internet <URL: http://email.biglobe.ne.jp/tukaiwake/> Spam mail countermeasures, safety address, [online], Yahoo Japan Corporation, February 1, 2007, Internet <URL: http://antispam.yahoo.co.jp/tools.html>

  However, the measures described in the above-mentioned documents are not effective in a situation where spam mail has already been sent to the main address. In this case, changing or disabling the main address can eliminate spam mail, but there is a problem that it will not be possible to receive e-mail from the other party that has been handing out e-mails so far. .

  Therefore, the present invention has been made in view of the above circumstances, and an object of the present invention is an e-mail relay capable of effectively eliminating spam mail without changing or invalidating the main address. An apparatus, an e-mail relay method, and a program are provided.

  (1) The present invention is an electronic mail relay device that relays an electronic mail based on address information included in the electronic mail. The e-mail relay apparatus includes a main address set for each user, a sub-address in which predetermined additional information is added to the main address, a first storage unit in which the additional information is registered in advance, and the main address. Receiving means for receiving the first e-mail and the second e-mail addressed to the sub-address, and when receiving the e-mail by the receiving means, the e-mail is sent to the first e-mail based on the destination address of the e-mail. A first determination unit that determines whether the email is a single email or the second email; and transmission of the first email when the first determination unit determines that the email is the first email A second determination unit that determines whether or not to permit reception based on an original address; and the first determination by the reception unit when permitted by the second determination unit. Continue to receive email, comprising the interrupting reception-limiting means for the reception of the first e-mail by the receiving means when it is rejected by the second judging means.

  Thus, only the first e-mail addressed to the main address that is permitted by the second determining means is received, and malicious e-mail such as spam mail that is rejected by the second determining means is not received. This makes it possible to protect the electronic mail relay device from a large amount of spam mail. The second e-mail addressed to the sub address is received as before. The electronic mail received by the electronic mail relay device is then transferred to a predetermined device such as a mail server or a client terminal.

  (2) The reception means receives a first reception mode in which both the first electronic mail and the second electronic mail are received without restriction by the reception restriction means, and reception of the first electronic mail by the reception restriction means. And a second reception mode for restricting and receiving the second electronic mail without restriction.

  Since a plurality of reception modes are provided in this way, the user can select an arbitrary reception mode in accordance with the reception status of the e-mail. Thereby, a user's usability improves.

  (3) The first determination means determines whether or not the additional information is included in the transmission destination address of the electronic mail.

  Thereby, the 1st determination means can perform determination easily and correctly. In addition, the reliability of the determination result is increased.

  (4) The electronic mail relay apparatus further includes a second storage unit that stores a predetermined address list. In this case, the second determination means permits the reception of the first electronic mail when the transmission source address of the first electronic mail is included in the address list.

  In the address list, for example, the mail address of the other party who has been friendly to the e-mail so far is registered. When the first e-mail addressed to the main address is sent, it is determined by the second determination means whether the source address of the first e-mail is included in the address list. If the source address is included in the address list, it is determined that the e-mail is from the other party that has been handing over the e-mail until now, and reception of the first e-mail is permitted. Therefore, even if the subaddress is not notified to the transmission source, if the transmission source address is registered in the address list, the first electronic mail can be received as before.

  (5) The electronic mail relay device further includes address registration means for registering a source address of the second electronic mail received by the reception means in the first reception mode in the address list.

  This eliminates the need to manually register the sender's e-mail address to be permitted to be received in the address list.

  (6) The first storage means classifies and registers a plurality of additional information into at least a first type and a second type. In addition, the address registering means is provided only when the second electronic mail addressed to the subaddress including the additional information belonging to either the first class or the second class is received by the receiving means. The sender address of the mail is registered in the address list.

  Thus, if the sender who desires registration in the address list is notified of the sub-address having additional information belonging to any of the classes, the address of the sender is automatically registered in the address list.

  (7) The electronic mail relay device further includes additional information changing means for changing the additional information registered in the first storage means based on a predetermined rule.

  (8) The additional information changing means changes the additional information registered in the first storage means when a predetermined period has elapsed.

  According to this, since the additional information is automatically changed, the sub address is also automatically updated. Further, even if spam mail is delivered to the subaddress before the update, the subaddress is periodically updated, so that the trouble of updating the subaddress can be saved.

  (9) The additional information changing means changes the additional information registered in the first storage means when predetermined information is input from an information terminal connected to the apparatus.

  According to this, the user can set an arbitrary subaddress including arbitrary additional information.

  (10) When the second determination unit determines that the reception of the first electronic mail is rejected by the second determination unit, the electronic mail relay device is registered in the first storage unit to the transmission source address of the first electronic mail. In addition, the information processing apparatus further includes reply means for returning a message regarding reception rejection together with the additional information.

  Since such a message is automatically returned to the transmission source, it is possible to save the troublesome trouble of notifying the transmission source of a valid mail address.

  (11) The sub-address is preferably one in which the additional information is added to the end of the user ID of the main address.

  (12) The address information is information described in an envelope part of an e-mail.

  The e-mail data is composed of an envelope part and a data part. When sending and receiving e-mail, the information of the envelope part is first transferred and then the data part is sent and received. Therefore, if it is determined whether or not to receive an e-mail based on the address information included in the envelope section, the e-mail communication can be disconnected before the data section is received even if the reception is rejected. This reduces the burden on the electronic mail relay device.

  (13) The present invention can be understood as an e-mail relay method applied to an e-mail relay apparatus that relays the e-mail based on address information included in the e-mail. That is, a receiving step for receiving a first e-mail addressed to a main address registered in advance for each user and a second e-mail addressed to a sub-address in which predetermined additional information is added to the main address, and the above receiving step A first determination step of determining whether the email is the first email or the second email based on a destination address of the email when receiving the email; and the first A second determination step for determining whether or not reception is permitted based on a transmission source address of the first e-mail when the determination step determines that the e-mail is the first e-mail; and the second determination step The first e-mail is continuously received by the receiving step when it is permitted by the above-mentioned step, and when it is rejected by the second judging means The present invention may be regarded as an e-mail relay method comprising the interrupting reception-limiting step for the reception of the first e-mail by Shin step.

  (14) Further, the present invention can be understood as a program applied to an e-mail relay device that manages e-mail based on address information included in the e-mail. That is, a receiving step for receiving a first e-mail addressed to a main address registered in advance for each user and a second e-mail addressed to a sub-address in which predetermined additional information is added to the main address, and the above receiving step A first determination step of determining whether the email is the first email or the second email based on a destination address of the email when receiving the email; and the first A second determination step for determining whether or not reception is permitted based on a transmission source address of the first e-mail when the determination step determines that the e-mail is the first e-mail; and the second determination step The first e-mail is continuously received by the receiving step when it is permitted by the above-mentioned step, and when it is rejected by the second judging means The interrupting reception-limiting step for the reception of the first e-mail by Shin step may be regarded the present invention as a program to be executed by the electronic mail relay apparatus.

  According to the present invention, it is possible to effectively eliminate spam mail without changing or invalidating the main address.

  Hereinafter, a relay server 100 (an example of an electronic mail relay apparatus of the present invention) according to an embodiment of the present invention will be described with reference to the drawings as appropriate. FIG. 1 is a block diagram showing a configuration of a client server system (CSS: Client Server System) 10 including the relay server 100. FIG. 2 is a block diagram illustrating a configuration of the relay server 100.

  As shown in FIG. 1, the relay server 100 according to the present embodiment belongs to the CSS 10. As shown in the figure, the CSS 10 includes a client terminal 20 (an example of an information terminal of the present invention), a relay server 100, and a mail server 150 that form a computer network, and is connected via a network such as a LAN. Each said component is connected so that communication is possible. The CSS 10 is a mail server system constructed mainly to realize transmission / reception of electronic mail performed between the client terminal 20 and the external mail server 200. In the present embodiment, the main function of the relay server 100 is to determine whether or not the email transmitted from the external mail server 200 is a spam email based on the address information of the envelope portion of the email. If it is determined that there is an email, the SMTP session is closed before receiving the data portion of the email, and if it is determined that the email is normal, all email data is received and transferred to the mail server 150. It is in. Below, each structure of the client terminal 20, the mail server 150, and the relay server 100 which comprise CSS10 is demonstrated sequentially.

  The client terminal 20 is a computer (electronic computer) such as a personal computer, a PDA, or a mobile phone. The client terminal 20 is installed with e-mail software that enables transmission / reception of e-mail. The e-mail software communicates with the mail server 150 according to a protocol such as SMTP (Simple Mail Transfer Protocol), POP3 (Post Office Protocol 3), or IMAP (Internet Message Access Protocol) defined by RFC (Request For Comment). Software that sends and receives e-mail. In general, the e-mail software or a system that operates the e-mail software is called a MUA (Mail User Agent).

  A user who uses the CSS 10 is given in advance by an administrator of the CSS 10 an e-mail address necessary for sending and receiving e-mail with e-mail software. In the present embodiment, the administrator of the CSS 10 assigns a main address 111 and a sub address 112 (see FIG. 2) described later for each user. The user operates the client terminal 20 to access the mail server 150 with a mail account set and registered in advance, and through the mail server 150 or both the mail server 150 and the relay server 100, E-mail can be transmitted and received between terminals belonging to the inside or outside. In the present embodiment, the system design is such that all e-mails sent to the CSS 10 from outside the CSS 10 pass through the relay server 100. When e-mail passes through the relay server 100, spam mail is detected in the relay server 100, and invasion of spam mail into the CSS 10 is prevented. A processing procedure for eliminating spam mail will be described later.

  In addition, the user is authorized to access the relay server 100. The user can operate the client terminal 20 to access a setting screen (a key setting screen 33, a reception mode setting screen 36, etc.) described later provided by the relay server 100 through a password authentication procedure. Access from the client terminal 20 to the relay server 100 is performed according to HTTP (HyperText Transfer Protocol) through the Web browser of the client terminal 20, for example. In this case, the relay server 100 plays the role of a Web server. On the setting screen, the user can change a part of the user profile relating to the e-mail communication and the setting contents of the reception mode. In the present embodiment, a sub-address 112, a white list 115, which will be described later, a key 113, and the like are registered as profiles, and the contents can be arbitrarily changed by the user. The profile and the setting screen will be described later.

  The relay server 100 and the mail server 150 are information resources such as e-mails transmitted and received during e-mail communication and databases used during e-mail communication, and hardware resources such as modems and HDDs used for e-mail communication. It is a computer that manages intensively. The relay server 100 and the mail server 150 are connected by a LAN, and the relay server 100 is connected to the Internet 12. In this embodiment, for convenience of explanation, it is assumed that the domain name of the relay server 100 is set to “abc.co.jp” and the domain name of the mail server 200 is set to “xyz.com”.

  The mail server 150 is a server device that relays electronic mail between the relay server 100 and the client terminal 20 and accumulates electronic mail transmitted and received. The mail server 150 includes an MTA (Mail Transfer Agent) 154, a mail box, and the like. 155 and an MRA (Mail Retrieval Agent) 156. Hereinafter, each part of the mail server 150 will be briefly described.

  The mail box 155 is an area for temporarily storing and storing e-mails to be transmitted and received. The mail box 155 is assigned to each storage device such as an HDD for each user. A mail box 155 is provided for each user ID.

  The MRA 156 causes the email software stored in the mail box 155 to recognize the email software of the client terminal 20. That is, when there is a reception request from the mail software of the client terminal 20, the MRA 156 collates the user ID registered in association with the mail box 155 with the user account information, and as a result, the user ID is If they match, the e-mail in the mail box 155 is delivered to the client terminal 20. Representative examples of the MRA 156 include, for example, POP server software, IMAP server software, or a hardware system that operates these software.

  The MTA 154 transmits an electronic mail to a predetermined device according to the SMTP procedure, and is a part that plays the role of an SMTP server. Specifically, the MTA 154 transmits an e-mail to the external mail server 200 through the Internet 12 according to SMTP. Further, the MTA 154 receives an electronic mail sent from the MTA 106 described later according to SMTP. Note that an e-mail sent from the external mail server 200 to the CSS 10 is received by the MTA 106 described later.

  The MTA 154 has an MDA (Mail Delivery Agent) 153. The MDA 153 is responsible for sorting electronic mails sent from the MTA 106 and the client terminal 20 for each user ID and storing them in the corresponding mail box 155. As a typical example of the MDA 153, for example, software such as “mail.local”, “procmail”, “maildrop”, or a hardware system that operates these software corresponds.

  The relay server 100 receives an electronic mail transmitted to the relay server 100 and transfers it to the mail server 150 in the CSS 10. That is, the relay server 100 relays the transmitted electronic mail to the mail server 150.

Hereinafter, the configuration of the relay server 100 will be described in detail with reference to FIG.
The relay server 100 includes a main control unit 101, a profile box 110 which is an example of a first storage unit and a second storage unit of the present invention, and a reject box 120. The main control unit 101 includes an MTA 106, an address registration unit 102, a key change unit 103, and a setting screen display unit 103.

  The profile box 110 is a storage area in which a profile for each user (user information regarding electronic mail) is registered, and is assigned to each storage device such as an HDD. The reject box 120 is a storage area for storing e-mail data rejected by the MTA 106, and is assigned to a storage device such as an HDD.

  In the present embodiment, in addition to the main address 111, the sub address 112, the key (KEY) 113, the response message 114, the white list 115, and the black list 116, the setting contents of the reception mode that defines the e-mail reception rule are stored in the profile box 110. Is stored as a profile. Hereinafter, these terms will be briefly described.

  The main address 111 is an e-mail address (for example, “abc.co.jp”) including a user ID (for example, “hanako”) for identifying a user who uses the CSS 10 (see FIG. 1) and the domain name “abc.co.jp” of the relay server 100. hanako@abc.co.jp "). The user ID is made up of a unique character string set in advance for each user. The user ID is issued from the administrator of the CSS 10. The user ID is not issued with the intention of being arbitrarily changed by the user, and cannot be changed in principle. Therefore, the user cannot arbitrarily change the main address 111.

  The sub address 112 is a mail address configured by adding a key 113 to the main address 111. For example, if a key 113 consisting of a character string “main” is registered in the profile box 110 as additional information, the sub-address 112 is the user ID of the main address 111 (for example, “hanako@abc.co.jp”). This is an e-mail address (for example, “hanako-main@abc.co.jp”) with a key 113 “main” added to the end. When the key 113 is changed, the subaddress 112 is also changed. The subaddress 112 is registered in association with each other by a user ID common to the main address 111. Therefore, even if an e-mail addressed to any address is sent, when the e-mail is received, it is transferred to the mail server 150 and stored in the same mail box 155 (see FIG. 1) by the MDA 153 of the MTA 154. The

  In the present embodiment, a hyphen “-” is added between the user ID and the key 113 so that the user ID and the key 113 are separated and can be identified separately. Instead of the hyphen “-”, a dot “.” Or an underscore “_” may be used.

  The key 113 corresponds to the additional information of the present invention, and is one of identifiers for configuring the subaddress 112. This key 113 is set to be changed. For example, it can be arbitrarily changed by the user, or is automatically changed when a predetermined condition is satisfied. In the present embodiment, the keys 113 are classified into a monthly key 113A, a temporary key 113B, a white key 113C, and a public key 113D, and are registered in the profile box 110.

  The monthly key 113A is a key that is changed every time the month changes. This monthly key 113A is automatically changed based on a predetermined rule. Specifically, the monthly key 113A is changed in conjunction with the calendar function of the relay server 100. For example, as shown in Table 1, when keys (1 to 12) corresponding to all December from January to December are set and registered, the key corresponding to the month indicated by the calendar function is displayed in the current month. Set as an available key. For example, when the calendar function indicates “February”, the monthly key 113A available for the current month (ie, February) is “2”. In this case, the user can use the subaddress 112 “hanako-2@abc.co.jp” only during the current month. The user can arbitrarily change the monthly key 113A itself by accessing a key setting screen 33 (see FIG. 3) provided by the setting screen display unit 104 described later.

  The temporary key 113B is a key that is set and registered as a temporary use. For example, when using an online service such as online shopping, an e-mail magazine, or a prize site, when it becomes necessary to register an e-mail address on a website, a sub-address 112 composed of the temporary key 113B and the main address 111 is used. Is used. The temporary key 113 can be arbitrarily set / changed / deleted by the user by accessing a key setting screen 33 (see FIG. 3) provided by the setting screen display unit 104 described later. In this embodiment, as shown in Table 2, it is possible to register 12 keys (No. 1 to No. 12) as temporary keys 113B. In Table 2, no. “Temp” is set as the temporary key of No. 1, “Book” is set as the temporary key of No. 2, “Ticket” is set as the temporary key 3. By setting these temporary keys 113B, the user can use “hanako-temp@abc.co.jp”, “hanako-book@abc.co.jp”, “hanako-ticket @ abc. co.jp "can be used.

  The white key 113C is a key for creating a sub-address 112 that is used in place of the main address 111. The white key 113C is common in that the usage is different from the temporary key 113B and the number of keys that can be registered and arbitrarily set / changed / deleted as shown in Table 2. The difference between the white key 113C and the temporary key 113B is that the presence / absence of the white key 113C is used as a determination element in the determination process when the address registration unit 103 described later performs a process of registering a transmission source address in the white list 115. It is.

  The public key 113D is a key used for the purpose of public disclosure. For example, the information is disclosed on a website managed by the CSS 10 or notified by a request from the transmission source. In the present embodiment, as shown in Table 2, only one public key 113D can be registered. Of course, a plurality of public keys 113D may be registered. As the public key 113D, for example, the same key as the temporary key 113B or the white key 113C can be set. An example of using the public key 113D will be described later.

  In the relay server 100, the following three reception modes can be set as an e-mail reception method. Specifically, a conventional reception mode capable of receiving only an e-mail addressed to the main address 111 (corresponding to the first e-mail of the present invention), an e-mail addressed to the main address 111 and a sub-address by enabling the key 113 setting. 112 a reception mode (hereinafter referred to as “first reception mode”) capable of receiving both an e-mail addressed to 112 (corresponding to the second e-mail of the present invention), and a reception mode capable of receiving only an e-mail addressed to the sub-address 112 (Hereinafter referred to as “second reception mode”). Each of these reception modes can be arbitrarily switched on a setting screen (key setting screen 33 or reception mode setting screen 36) provided by a setting screen display unit 104 described later. In the present embodiment, the present invention can be applied when the reception mode is set to either the first reception mode or the second reception mode.

  In the present embodiment, when an e-mail addressed to the main address 111 is transmitted in the second reception mode, the relay server 100 may reject the reception. In this case, the MTA 106 automatically returns an error notification (error message) to the e-mail sender. At this time, if the response message 114 is registered in the profile box 110, the response message 114 itself is returned to the transmission source as an error notification. The response message 114 describes the public key 113D and a method for creating the subaddress 112 using the public key 113D. Therefore, the sender who has received this response message 114 can surely deliver the e-mail to the desired destination by sending the e-mail to the created subaddress 112. Thus, since the subaddress 112 is not directly attached to the response message 114, the subaddress 112 is not collected by the address collecting robot. The contents of the response message 114 and the automatic message reply setting can be changed on the reception mode setting screen 36 (see FIG. 6) provided by the setting screen display unit 104 described later. Note that the URL where the public key 113D is disclosed may be described in the response message 114 without describing the public key 113D.

  The white list 115 and the black list 116 are lists in which predetermined addresses are described, respectively. These lists are referred to when an e-mail transmitted to the relay server 100 is received. Specifically, in the white list 115, the mail addresses of senders who may be permitted to receive are registered in advance. On the other hand, a mail address of a sender who refuses reception is registered in the black list 116 in advance. The white list 115 and the black list 116 are arbitrarily changed / deleted by the user by accessing a white list screen 35 (see FIG. 5) and a black list screen 34 (see FIG. 4) provided by the setting screen display unit 104 described later. Is possible. Note that examples of using the white list 115 and the black list 116 will be described later.

  The main control unit 101 controls the components of the relay server 100 in an integrated manner. For example, an electronic device such as a CPU (Central Processing Unit), ROM (Read Only Memory), or RAM (Random Access Memory) It is constituted by. A predetermined OS is operated on the relay server 100 by the main control unit 101. Then, the program in the ROM is executed by the main control unit 101 under the environment in which the OS is operated, so that the MTA 106 performs the first determination unit, the second determination unit, the reception restriction unit, the address update unit, The address registration unit 102 is embodied as the address registration unit of the present invention, the key changing unit 103 is embodied as the additional information changing unit, and the setting screen display unit 104 is embodied.

  The MTA 106 transmits and receives electronic mail according to the SMTP procedure, and is a part that plays the role of an SMTP server. Specifically, the MTA 106 receives electronic mail transmitted from the external mail server 200 through the Internet 12 and electronic mail transmitted from the client terminal through the LAN according to SMTP. Further, the received electronic mail is transmitted (transferred) to the mail server 150 through the LAN according to SMTP. In the present embodiment, when an email is received by the MTA 106, the address information (destination address and source address) described in the envelope part of the email is referenced, and the email is sent based on this address information. It is determined whether or not to receive. The process for receiving an e-mail will be described in detail later with reference to a flowchart.

  The address registration unit 102 has a function of registering a predetermined address in the white list 115 of the profile box 110. The address registration unit 102 is configured as, for example, software that performs processing for registering the address, or a hardware system that operates the software. In the present embodiment, only when an e-mail addressed to the subaddress 112 having the white key 113C is received by the MTA 106, the address of the e-mail transmission source is automatically registered in the white list 115 by the address registration unit 102. . Such registration processing will be described later.

  The key changing unit 103 has a function of changing the key 113 of the profile box 110. The key changing unit 103 is configured, for example, as software for changing the key 113 or a hardware system for operating the software. When the temporary key 113B, the white key 113C, and the public key 113D are edited on the key setting screen 33 (FIG. 3) to be described later, the key changing unit 103 updates the key 113 in the profile box 110 with the edited contents. The key changing unit 103 automatically sets a key corresponding to the month indicated by the calendar function as a key usable in the current month in conjunction with the calendar function of the relay server 100.

  The setting screen display unit 104 has a function of displaying the key setting screen 33, the black list screen 34, the white list screen 35, and the reception mode setting screen 36 shown in FIGS. 3 to 6 on the display of the client terminal 20. is there. The setting screen display unit 104 is realized by a WWW system of the relay server 100 that operates as a Web server. When the user operates the client terminal 20 to access the setting screen display unit 104 of the relay server 100 and inputs the requested authentication ID and password, a screen reflecting the user-specific profile and setting contents is displayed on the client. It is displayed on the terminal 20. These screens are created by a GUI (Graphical User Interface), and the user can input predetermined information and settings on each screen by operating the keyboard and mouse of the client terminal 20.

  Each screen 33, 34, 35, 36 is divided into a menu pane 40 arranged on the left side and an editing pane 41 arranged on the right side. In the menu pane 40, link buttons 42, 43, 44, and 45 labeled “Key setting”, “Black list”, “White list”, and “Reception mode setting” are arranged. These buttons are configured to be selectable with a mouse or the like.

  When the button 43 is selected, a key setting screen 33 shown in FIG. 3 is displayed. FIG. 3 is a screen diagram showing the configuration of the key setting screen 33. The key setting screen 33 is a screen for setting whether to enable the key 113 and enable the subaddress 112. It is also a screen for editing the key 113. As shown in FIG. 3, a button 50 for enabling or disabling the setting of the key 113 is arranged at the top of the editing pane 41. FIG. 3 shows a state in which the key 113 is set to be valid. When the button 50 is selected with a mouse or the like, the setting of the key 113 is invalidated and the subaddress 112 is not used. As a result, the e-mail reception mode is set to a normal reception mode, that is, a mode in which only e-mail addressed to the main address 111 can be received. When the button 50 is selected again, the setting of the key 113 becomes valid and the sub address 112 is changed to a usable state. As a result, the e-mail reception mode is set to the first reception mode, that is, a mode in which both e-mail addressed to the main address 111 and e-mail addressed to the subaddress 112 can be received.

  In the editing pane 41 of the key setting screen 33, a monthly key 113A, a temporary key 113B, a white key 113C, and a public key 113D are displayed. Each of these keys is read from the profile box 110 and displayed on the editing pane 41 when the button 43 is selected. The edit pane 41 is provided with windows 52 corresponding to the monthly key 113A, the temporary key 113B, the white key 113C, and the public key 113D. The window 52 is configured to accept data input. Each key read from the profile box 110 is displayed in these windows 52. In the present embodiment, as shown in FIG. 3, the keys described in Table 1 and Table 2 are displayed in each window 52.

  When a key composed of an arbitrary character string is input to the window 52 corresponding to each key 113 and then the button 54 is selected, the data in the editing pane 41 after the input is transferred to the key changing unit 103. Then, the key change unit 103 registers the input content in the profile box 110. Thereby, the registered content of the profile box 110 is updated.

  When the button 44 is selected, the black list screen 34 shown in FIG. 4 is displayed. FIG. 4 is a screen diagram showing the configuration of the black list screen 34. As shown in FIG. As shown in FIG. 4, the black list 116 is displayed in the editing pane 41 of the black list screen 34. When the button 44 is selected, the black list 116 registered in the profile box 110 is read and displayed on the editing pane 41. A window 56 for receiving data input is provided at the top of the editing pane 41. When an address to be registered as a black list is input to the window 56 and the add button 58 arranged on the right side of the window 56 is selected, the input address is added to the black list 116. Thereby, the black list 116 stored in the profile box 110 is updated. When an address to be searched is input to the window 56 and the search button 59 is selected, it is possible to search for an address registered in the black list 116. A check box 61 is provided for each address in the black list 116. When the check box 61 is checked and the delete button 62 is selected, the checked address is deleted.

  When the button 45 is selected, a white list screen 35 shown in FIG. 5 is displayed. FIG. 5 is a screen diagram showing the configuration of the white list screen 35. As shown in FIG. As shown in FIG. 5, the white list 115 is displayed in the editing pane 41 of the white list screen 35. When the button 45 is selected, the white list 115 registered in the profile box 110 is read and displayed on the editing pane 41. A window 66 for receiving data input is provided at the top of the editing pane 41. When an address to be registered as a white list is input to the window 66 and the add button 68 arranged on the right side of the window 66 is selected, the address input to the window 66 is added to the white list 115. Thereby, the white list 115 stored in the profile box 110 is updated. When an address to be searched is input to the window 66 and the search button 69 is selected, it is possible to search for an address registered in the white list 115. A check box 71 is provided for each address in the white list 115. When the check box 71 is checked and the delete button 72 is selected, the checked address is deleted. The white list screen 35 has a known import function. By reading a file in which a predetermined address is registered in advance, the address of the file can be imported into the white list 115.

  When the button 46 is selected, a reception mode setting screen 36 shown in FIG. 6 is displayed. FIG. 6 is a screen diagram showing the configuration of the reception mode setting screen 36. As shown in FIG. The reception mode setting screen 36 is a screen for setting an e-mail reception mode from the first reception mode to the second reception mode (a mode for receiving only an e-mail addressed to the subaddress 112 including the key 113). It is also a screen for setting whether to enable automatic reply of response messages. As shown in FIG. 6, a button 75 is arranged at the top of the editing pane 41. When this button 75 is selected, the e-mail reception mode is set from the first reception mode to the second reception mode. At this time, “lock: valid” is displayed on the left side of the button 75, which means that the second reception mode is set.

  On the right side of the button 75, a button 76 for setting whether or not to automatically reply to a response message is arranged. When the button 76 is selected, the automatic reply setting is invalidated. When the button 76 is selected again, the automatic reply setting becomes valid.

  The editing pane 41 of the reception mode setting screen 36 is provided with input windows 78 and 79 that are divided into upper and lower two stages. The upper input window 78 is for inputting a Japanese response message, and the lower input window 79 is for inputting an English response message. When a predetermined message is input to these input windows 78 and 79 and then the save button 81 is selected, the input message is registered as a response message 114 in the profile box 110. That is, the response message 114 in the profile box 110 is updated. When a predetermined message is input to the input windows 78 and 79, the message is read out when the reception of the e-mail is rejected and returned to the transmission source. When no message is input in the input windows 78 and 79, that is, when the response message 114 is not registered, a normal error message (for example, “User Unknown...”) Is returned.

  Next, an example of the procedure of the relay process, the white list registration process, and the response message reply process of the email transmitted to the CSS 10 will be described with reference to the flowcharts of FIGS. In the figure, S1, S2,... Indicate processing procedure (step) numbers. Unless otherwise specified, the following processing is assumed to be performed by the MTA 106 of the relay server 100.

  First, in step S1 of FIG. 7, an access check process (see FIG. 8) for determining whether or not access from the e-mail transmission source to the relay server 100 is valid. The access check process is performed to prevent unauthorized relaying that distributes spam mails to other mail servers using the relay server 100 as a stepping stone.

  In the access check process, as shown in FIG. 8, first, in step S21, it is determined whether or not the sender of the e-mail belongs to the CSS 10, that is, an outsider. This determination is made based on the source address described in “Mail From” of the envelope portion of the email. Specifically, all user IDs registered in the profile 110 are compared with the transmission source address, and it is determined whether or not the transmission source address includes the user ID. When the user ID is included in the transmission source address, it is determined that the transmission source is local, that is, an insider belonging to the CSS 10. On the other hand, when the user ID is not included in the transmission source address, the transmission source is determined to be an outsider. If it is determined in step S21 that the transmission source is an outsider, the process proceeds to step S22, and if it is determined that the transmission source is an insider, the process proceeds to step S24.

  In step S22, it is determined whether the destination of the e-mail is an outsider. This determination is made based on the destination address described in “Rcpt To” of the envelope portion of the email. Specifically, all the user IDs registered in the profile 110 are collated with the transmission destination address, and it is determined whether or not the user ID is included in the transmission destination address. When the user ID is included in the transmission destination address, it is determined that the transmission destination of the electronic mail is local, that is, an insider belonging to the CSS 10. If the user ID is not included in the transmission destination address, it is determined that the transmission destination is an outsider.

  If it is determined in step S21 and step S22 that both the transmission source and the transmission destination are outsiders, it can be determined that the e-mail transmitted from the transmission source is a spam mail using the relay server 100 as a stepping stone. . Therefore, it can be determined that the access made to the relay server 100 to transmit the electronic mail is illegal. In this case, a return code (unauthorized access return code) indicating that unauthorized access has occurred is set in the CPU register of the main control unit 101 (S25). As a result, a series of access check processing ends.

  On the other hand, if it is determined in step S22 that the transmission destination is local (Yes in S22), it is next determined whether or not the transmission source address is registered in the black list 116. If it is determined that the access has not been registered, a return code (normal access return code) indicating that the access is normal is set in step S24, and the series of access check processing ends.

  When the access check process in step S1 in FIG. 7 is completed, in step S2, access from the transmission source to the relay server 100 is valid or illegal based on the return code set in step S24 or S25 (see FIG. 8). It is determined whether it is. That is, it is determined whether or not the electronic mail transmitted from the transmission source to the relay server 100 is a spam mail.

  If the unauthorized access return code is set (No in S2), the network communication between the transmission source and the relay server 100 is forcibly disconnected to protect the relay server 100 from unauthorized access (S9). ). That is, the SMTP session performed between the transmission source and the relay server 100 is interrupted. This completes the email relay process. At this time, only the envelope portion of the e-mail is received, and the data portion (portion including the message and attached file) is not received. The received envelope part is temporarily stored in the reject box 120. Of course, you may delete completely, without storing in the reject box 120. FIG.

  On the other hand, if the legitimate access return code is set, it is determined that the legitimate access is made (Yes in S2). In this case, the process of step S3 is executed.

  In step S3, it is determined whether the key setting is valid. Specifically, the determination is made based on whether or not the key is set to be valid on the key setting screen 33 (see FIG. 3). When the key setting is enabled or disabled on the key setting screen 33, a setting flag is set in the flag register of the CPU. In step S3, it is determined whether the key setting is valid based on the setting flag.

  If it is determined in step S3 that the key setting is invalid (No in S3), the transmitted e-mail is normally received by the MTA 106 (see FIG. 2) without performing the relay permission determination process described later. Relayed in mode (S4). In this case, since the key is set to be invalid, the sub address 112 is not recognized as an e-mail address. Therefore, in step S4, only the e-mail addressed to the main address 111 is received by the MTA 106 and transferred to the MTA 154 (see FIG. 1) of the mail server 150.

  If it is determined in step S3 that the key setting is valid (Yes in S3), then in S5, a relay permission determination process for determining whether to permit relaying of e-mail (see FIG. 9). ) Is executed.

  As shown in FIG. 9, in the relay permission determination process, first, in step S31, it is determined whether or not the key 113 registered in the e-mail transmission destination address is included. This determination is performed by extracting a character string after “−” included in the transmission destination address, and collating the extracted character string with the key 113 registered in the profile box 110. As a result of the collation, if they match, it is determined that the key 113 is included, and if they do not match, it is determined that the key 113 is not included.

  If it is determined in step S31 that the key 113 is not included in the destination address (No in S31), it is subsequently determined whether or not the e-mail reception mode is the second mode (S32). . When the user sets the e-mail reception mode from the first reception mode to the second reception mode on the reception mode setting screen 36 (see FIG. 6), a setting flag is set in the flag register of the CPU. In step S32, the setting state of the e-mail reception mode is determined based on the setting flag.

  If it is determined in step S32 that the second reception mode is set (Yes in S32), in the next step S33, it is determined whether or not the e-mail source address is registered in the white list 115. The Such a determination is made by comparing the source address with the white list 115. If it is determined that the source address is not registered in the white list 115 (No in S33), in the next step S34, a return code (relay rejection return code) for instructing rejection of e-mail relay is issued. Set in the CPU register. Thereby, a series of relay permission determination processing ends. If it is determined in step S32 that the second reception mode is not set (Yes in S32), and if it is determined in step S33 that the transmission source address is registered in the white list 115 ( In S33 (Yes), the process proceeds to Step S37 described later.

  On the other hand, if it is determined in step S31 that the key 113 is included in the transmission destination address (Yes in S31), it is then determined whether or not the key 113 is the white key 113C (S35). Such a determination can be made by collating the key 113 with the white key 113C registered in the profile box 110. If it is determined that the key 113 included in the transmission destination address is the white key 113C (Yes in S35), the address registration unit 102 executes processing for registering the transmission source address in the white list (address registration processing). (S36). Thereafter, in the next step S37, a return code (relay permission return code) for instructing permission to relay e-mail is set in the CPU register. If it is determined in step S35 that the key 113 is not the white key 113C (No in S35), a relay permission return code is set without performing address registration processing (S37). Thereby, a series of relay permission determination processing ends. The address registration process will be described later.

  When the relay permission determination process in step S5 in FIG. 7 is completed, in the next step S6, based on the return code set in step 37 or S34 (see FIG. 9), the relay of the e-mail sent from the transmission source is performed. It is determined whether or not to allow. If the relay permission return code is set, the process proceeds to step S7, and a process of relaying an electronic mail (permitted mail) permitted to be relayed (permitted mail relay process) is executed. If the relay rejection return code is set, the process proceeds to step S8, and a process of transmitting an error notification to the transmission source without receiving the data part of the email (error notification process, see FIG. 11) is executed. Is done. In addition, a series of relay processes are complete | finished after the process of step S7 and step S8.

  In the permission mail relay process, as shown in FIG. 10, first, the data part is received following the envelope part of the e-mail (S51). When the data part is received, that is, when all the data of the e-mail is received, the hyphen “-” and the key 113 are subsequently removed from the transmission destination address described in “Rcpt To” of the envelope part. (S52). In other words, the description content of “Rcpt To” in the envelope portion is rewritten to a new address from which the hyphen “−” and the key 113 are removed from the original transmission destination address. The data portion includes header information used for display display, for example. This header information also includes the address of the transmission destination and the transmission source. In step S52, the header information of the header information is included. The address cannot be rewritten.

  Then, the e-mail with the rewritten destination address is transferred to the mail server 150 (see FIG. 1) (S53). The e-mail transferred to the mail server 150 is stored in the mail box 156 corresponding to the user ID by the MTA 154 based on the information in the envelope part.

  In the error notification process, as shown in FIG. 11, first, reception of an electronic mail is interrupted (S41). That is, if it is determined in step S6 that email relay is to be rejected, reception of the email is immediately interrupted. As described above, the relay permission determination process is performed based on the envelope part received before the data part. Therefore, it is possible to interrupt the reception of the e-mail before receiving the e-mail data part. As a result, even when a spam mail is transmitted, not all the e-mail data is received, so the burden on the relay server 100 is reduced.

  Next, it is determined whether or not the response message 114 is registered in the profile 110 (see FIG. 2) (S42). When it is determined in step S42 that the response message 114 is registered (Yes in S42), the response message 114 is read from the profile 110. Then, an electronic mail in which the response message 114 is written is automatically generated, and the electronic mail is automatically returned to the transmission source (S43). In this embodiment, when sending an e-mail, it is determined whether or not “jp” is included in the domain name of the source address, and if it is determined that “jp” is included, If the Japanese message written in the input window 78 is written in the electronic mail and it is determined that “jp” is not included, the English message written in the input window 79 is written in the electronic mail.

  On the other hand, if it is determined in step S42 that the response message 114 is not registered (No in S42), it is subsequently determined whether or not the public key 113D is registered (S44). When the public key 113D is registered, the subaddress 112 in which the public key 113D is added to the response code prepared in advance by the MTA 106 or the error code defined by SMTP is embedded (S45). Then, the response code or the error code in which the subaddress 112 is embedded is returned to the transmission source (S46). In place of the public key 113D, for example, the presence / absence of registration of the monthly key 113A is determined. If registered, the response code or the error code including the subaddress 112 to which the monthly key 113A is added is transmitted. You can also reply to. If the public key 113D is not registered (No in S44), the response code or the error code is returned to the transmission source without embedding the subaddress 112 (S46).

  A sender who receives such a response message 114 or a response code including the subaddress 112 or the error code can know a valid mail address of a desired destination. In this case, it can be expected that a process of resending the electronic mail to the subaddress 112 is performed at the transmission source. On the other hand, when the transmission source of the electronic mail is a distribution robot that automatically distributes spam mail or the like, it is considered that the distribution robot does not change the destination to the subaddress 112. That is, the e-mail is not retransmitted from the delivery robot to the subaddress 112.

  As described above, since the relay process described above is performed in the present embodiment, even if the main address 111 is not changed or invalidated, it is possible to reliably receive an address from a transmission source that desires reception and Can block malicious spam emails.

  Here, the address registration process will be described with reference to FIG. This address registration process is executed by the address registration unit 102 in response to a command from the MTA 106. As shown in the figure, first, it is determined whether or not the e-mail transmission source address is registered in the white list 115 in the profile 110 (S51). Such determination processing is performed by comparing the transmission destination address with all addresses registered in the white list 115. If the transmission source address is registered in the white list 115 (Yes in S51), the address registration process ends. On the other hand, when the transmission source address is not registered in the white list 115 (No in S51), the transmission source address is extracted from the envelope portion of the e-mail in step S52, and the extracted transmission source address is suitable for the white list 115. (S53), and then a process of writing into the white list 115 is performed (S54).

  As described above, since the address is automatically registered in the white list 115, the user of the CSS 10 does not need to perform troublesome address registration work by manual work.

  In the embodiment described above, in the CSS 10, the relay server 100 and the mail server 150 are configured as independent devices. However, for example, a configuration in which the relay server 100 is included in the mail server 150, that is, the mail server 150. The relay server 100 may be configured by the same server device. Of course, the said embodiment is only an example of this invention, and it cannot be overemphasized that the embodiment can be suitably changed in the range which does not change the summary of this invention.

FIG. 1 is a block diagram illustrating a configuration of the CSS 10 including the relay server 100. FIG. 2 is a block diagram illustrating a configuration of the relay server 100. FIG. 3 is a screen diagram showing the configuration of the key setting screen 33. FIG. 4 is a screen diagram showing the configuration of the black list screen 34. FIG. 5 is a screen diagram showing the configuration of the white list screen 35. FIG. 6 is a screen diagram showing the configuration of the reception mode setting screen 36. FIG. 7 is a flowchart for explaining an example of the procedure of relay processing executed by the MTA 106. FIG. 8 is a flowchart for explaining an example of an access check process executed by the MTA 106. FIG. 9 is a flowchart for explaining an example of the procedure of the relay permission determination process executed by the MTA 106. FIG. 10 is a flowchart for explaining an example of the procedure of the permitted mail relay process executed by the MTA 106. FIG. 11 is a flowchart for explaining an example of a procedure of error notification processing executed by the MTA 106. FIG. 12 is a flowchart for explaining an example of the procedure of address registration processing executed by the address registration unit 102.

Explanation of symbols

10 ... CSS
12 ... Internet 20 ... Client terminal 33 ... Key setting screen 34 ... Black list screen 35 ... White list screen 36 ... Reception mode setting screen 40 ... Menu pane 41 ... Edit panes 43, 44, 45, 46 ... link button 100 ... relay server 101 ... main control unit 102 ... address registration unit 103 ... key change unit 104 ... setting screen management unit 106 ... MTA
110 ... Profile box 111 ... Main address 112 ... Sub address 113 ... Key 114 ... Response message 115 ... White list 116 ... Black list 120 ... Reject box 150 ... Mail server 200 ... Mail server

Claims (14)

An e-mail relay device that relays the e-mail based on address information included in the e-mail,
A main address set for each user, a sub-address in which predetermined additional information is added to the main address, and first storage means in which the additional information is registered in advance;
Receiving means for receiving a first e-mail addressed to the main address and a second e-mail addressed to the sub-address;
First determination means for determining whether the e-mail is the first e-mail or the second e-mail based on a destination address of the e-mail when the e-mail is received by the receiving means; ,
Second determination means for determining whether to permit reception based on a transmission source address of the first email when the first determination means determines that the email is the first email;
The reception of the first e-mail by the receiving means is continued when permitted by the second determining means, and the reception of the first e-mail by the receiving means is interrupted when rejected by the second determining means. And an e-mail relay device comprising a receiving restriction unit.   The receiving means limits the reception of the first e-mail by the first receiving mode for receiving both the first e-mail and the second e-mail without restriction by the reception restricting means, and the reception restricting means and The electronic mail relay device according to claim 1, further comprising: a second reception mode for receiving the second electronic mail without restriction.   The electronic mail relay device according to claim 1 or 2, wherein the first determination means determines whether or not the additional information is included in a transmission destination address of the electronic mail. A second storage means for storing a predetermined address list;
The e-mail according to any one of claims 1 to 3, wherein the second determination means permits the reception of the first e-mail when the transmission source address of the first e-mail is included in the address list. Relay device.   5. The electronic mail relay apparatus according to claim 4, further comprising address registration means for registering a source address of the second electronic mail received by the reception means in the first reception mode in the address list. The first storage means classifies and registers a plurality of additional information into at least a first class and a second class,
The address registering means is provided only when a second e-mail addressed to a sub-address including additional information belonging to either the first class or the second class is received by the receiving means. 6. The electronic mail relay apparatus according to claim 5, wherein a transmission source address is registered in the address list.   7. The electronic mail relay apparatus according to claim 1, further comprising additional information changing means for changing the additional information registered in the first storage means based on a predetermined rule.   8. The electronic mail relay apparatus according to claim 7, wherein the additional information changing means changes the additional information registered in the first storage means when a predetermined period has elapsed.   8. The electronic information according to claim 7, wherein the additional information changing means changes the additional information registered in the first storage means when predetermined information is input from an information terminal connected to the apparatus. Mail relay device.   When it is determined by the second determination means that reception of the first electronic mail is rejected, a message regarding reception rejection is sent to the transmission source address of the first electronic mail together with the additional information registered in the first storage means. 10. The electronic mail relay device according to claim 1, further comprising reply means for replying.   11. The electronic mail relay device according to claim 1, wherein the sub address is formed by adding the additional information to the end of the user ID of the main address.   12. The e-mail relay device according to claim 1, wherein the address information is information written in an envelope section of e-mail. An email relay method applied to an email relay device that relays the email based on address information included in the email,
A receiving step of receiving a first e-mail addressed to a main address registered in advance for each user and a second e-mail addressed to a sub-address in which predetermined additional information is added to the main address;
A first determination step of determining whether the e-mail is the first e-mail or the second e-mail based on a transmission destination address of the e-mail when receiving the e-mail in the reception step; ,
A second determination step for determining whether to permit reception based on a transmission source address of the first e-mail when the first determination step determines that the e-mail is the first e-mail;
If the second determination step permits, the reception of the first electronic mail by the reception step is continued, and if the second determination means rejects, the reception of the first electronic mail by the reception step is interrupted. An e-mail relay method comprising: a reception restriction step. A program applied to an email relay device that manages email based on address information included in the email,
A receiving step of receiving a first e-mail addressed to a main address registered in advance for each user and a second e-mail addressed to a sub-address in which predetermined additional information is added to the main address;
A first determination step of determining whether the e-mail is the first e-mail or the second e-mail based on a transmission destination address of the e-mail when receiving the e-mail in the reception step; ,
A second determination step for determining whether to permit reception based on a transmission source address of the first e-mail when the first determination step determines that the e-mail is the first e-mail;
If the second determination step permits, the reception of the first electronic mail by the reception step is continued, and if the second determination means rejects, the reception of the first electronic mail by the reception step is interrupted. A program for causing the electronic mail relay device to execute a reception restriction step.

Images