JP2010128929A - Information processor, information processing method, and computer program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a mechanism for facilitating operation of a transmission control system for a web mail service and automatically detecting a new service and configuring setting. <P>SOLUTION: A plurality of setting information to be set to transmit setting information web mail are transmitted to a client terminal device 100. The client terminal device 100 accesses a web mail server 150 through a relay server 110, and subsequently transmits an HTTP request as source information of web mail to the web mail server 150 after configuring the plurality of setting information. The relay server 110 analyzes the HTTP request after receiving the HTTP request, and acquires attribute name information stored as an attribute name in the HTTP request for each of the plurality of setting information. Then, the relay server 110 registers the acquired each attribute name information in a memory. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a transmission control technique for permitting / rejecting transmission of an electronic mail (web mail) transmitted by an HTTP protocol.

  With the development of network technology in recent years, the cost of information exchange has dropped dramatically. Individuals and companies can efficiently communicate information by using various services using the Internet such as e-mail and web services. I can do it now.

  However, organizations such as corporations are required to take a clear approach to information management by enforcing the Personal Information Protection Law. For example, as a measure against information leakage in a company, transmission control that checks the content of an email sent externally from inside the company to the outside and permits the email to be sent outside only when the organization meets a predetermined standard. It has become common to introduce systems.

  Further, not only a conventional transmission control system for e-mail using the SMTP protocol but also a web service using the HTTP protocol as a path for information leakage. For example, it is a transmission control system for posting to an electronic bulletin board system on the Internet or for a web mail service.

  For example, Patent Document 1 discloses that a service on the Internet is specified by a URL (Uniform Resource Locator) and information transmission is controlled for the service.

  Further, Patent Document 2 discloses an information leakage countermeasure for a protocol different from SMTP without impairing the convenience of a network by installing a function equivalent to that of a conventional e-mail transmission control system in a relay server. Is disclosed.

  However, when a web mail service using HTTP is a transmission control target, there are the following problems. For example, when a new service site is started or an existing service site is renewed, a transmission control system that designates a service with a URL as disclosed in Patent Document 1 is not a person with expertise. It is difficult to specify the URL. Even if an organization administrator wants to immediately perform transmission control on a new service site, the current transmission control system generally incorporates settings specialized for existing web services in advance. is there. For this reason, for example, it is necessary to wait for the update of the setting database by the manufacturer who developed the transmission control system, and there are many cases where the operation of the transmission control system cannot be performed easily and quickly.

  Furthermore, unlike conventional electronic mail using the SMTP protocol, there is no uniform design rule for the web mail service using the HTTP protocol, so various designs and operations are made for each web mail service. Yes.

  For example, even in the case of sending an attached file, there is a mail service that transfers the mail body at the same time, and a mail service that transfers only the attached file separately from the mail body in advance.

Similarly to the conventional e-mail transmission control system using the SMTP protocol, when trying to perform transmission control based on semantic information such as a source address, a destination address, Cc, and a subject, Requires different settings.
JP 2004-348202 A JP 2007-181031 A

  As described above, when the conventional e-mail transmission control system using the SMTP protocol is applied to a web mail service using the HTTP protocol, it is uniformly applied to a plurality of web mail services which are not uniform. It is not easy to make it correspond. There are also problems such as complicated and sophisticated operations.

  Moreover, even if the administrator of the organization wants to immediately perform transmission control for an unsupported web service, it is not in a state where setting can be easily changed unless there is expertise.

  The present invention has been made in view of the above problems, and it is an object of the present invention to facilitate the operation of a transmission control system related to a web mail service, and to provide a mechanism for automatically detecting a new service and responding to settings. To do.

  In order to achieve the object of the present invention, for example, an information processing apparatus of the present invention comprises the following arrangement.

That is, an information processing device that relays data communication between a terminal device and a webmail server that presents a homepage for providing a webmail service so that it can be browsed.
Transmitting means for transmitting a plurality of setting information to be set for transmitting webmail to the terminal device;
After the terminal device accesses the web mail server via the information processing device to browse the home page, the terminal device sets the plurality of setting information and transmits to the web mail server. Receiving means for receiving source information of the received webmail from the terminal device;
Analyzing means for analyzing the source information, and for each of the plurality of setting information, obtaining attribute name information described in the source information as an attribute name;
Registration means for registering the attribute name information in a memory.

  In order to achieve the object of the present invention, for example, an information processing method of the present invention comprises the following arrangement.

That is, an information processing method performed by an information processing device that relays data communication between a terminal device and a web mail server that presents a web page for providing web mail service in a viewable manner,
A transmission step of transmitting a plurality of setting information to be set in order to transmit webmail to the terminal device;
After the terminal device accesses the web mail server via the information processing device to browse the home page, the terminal device sets the plurality of setting information and transmits to the web mail server. Receiving the received webmail source information from the terminal device;
Analyzing the source information, and for each of the plurality of setting information, obtaining an attribute name information described in the source information as an attribute name;
A registration step of registering the attribute name information in a memory.

  ADVANTAGE OF THE INVENTION According to this invention, it becomes easy to perform the setting equivalent to the transmission control system of the electronic mail using the conventional SMTP protocol with respect to the web mail service using an HTTP protocol. In addition, it is possible to automatically detect a new service from the log and implement efficient transmission control.

  Preferred embodiments of the present invention will be described below with reference to the accompanying drawings. The embodiment described below shows an example when the present invention is specifically implemented, and is one of the specific examples of the configurations described in the claims.

  FIG. 1 is a block diagram illustrating a configuration example of a system to which the information processing apparatus according to the present embodiment can be applied. As shown in FIG. 1, the system according to the present embodiment includes a client terminal device 100, a relay server 110, an administrator terminal device 120, a DB (database) 111, a wide area network 140, and a web mail server 150. Yes. The client terminal device 100, the administrator terminal device 120, the relay server 110, and the DB 111 are all connected to the intranet 130. All of these devices (except for the DB 111) connected on the intranet 130 transmit / receive data to / from the wide area network 140 via the relay server 110.

  1 shows an example of the configuration necessary for the following description, the number of client terminal devices 100 and administrator terminal devices 120, the configuration of the wide area network 140, the number of web mail servers 150, etc. Is not limited to that shown in FIG.

  The client terminal device 100 can access the webmail server 150 via the intranet 130, the relay server 110, and the wide area network 140, and can enjoy the webmail service provided by the webmail server 150.

  The relay server 110 is for relaying data communication between a device on the intranet 130 (excluding the DB 111) and the web mail server 150. For example, the client terminal device 100 accesses a home page provided by the web mail server 150 through the relay server 110 so that the web mail server 150 can view it. On this home page, operation instructions for browsing and registering information, creating, receiving, and sending web mail Is entered. In this case, the relay server 110 receives such an operation instruction from the client terminal device 100 and executes a process of relaying and transmitting the received operation instruction to the web mail server 150 as an HTTP request (source information).

  Also, the relay server 110 has registered therein web mail service information for identifying the web mail server 150 and web mail regulation rules which are rules used for transmission control such as permit / deny web mail data communication. DB 111 is provided.

  The relay server 110 also has a so-called web server function that provides a home page for allowing an external device to edit information registered in the DB 111. In FIG. 1, the DB 111 is connected to the relay server 110, but the location of the DB 111 is not particularly limited, and the DB 111 may be configured to be accessible.

  The administrator terminal device 120 can control the relay server 110 by accessing the relay server 110 and using the web server function. Further, the administrator terminal device 120 sets and browses the HTTP request transmitted from the client terminal device 100 via the relay server 110 in order to transmit a web mail so that the administrator can browse the HTTP request. It is used to do.

  The web mail server 150 performs the same operation as a web server provided in a general provider. That is, the web mail server 150 provides a web page according to the request to the client terminal device 100 accessed via the relay server 110 and the wide area network 140. Particularly in the present embodiment, the web mail server 150 provides a web mail service that performs transmission and reception of electronic mail using the HTTP protocol.

  The wide area network 140 is a network represented by the Internet. The intranet 130 is configured by a network such as a LAN.

  FIG. 2 is a block diagram illustrating a hardware configuration example of the relay server 110.

  The CPU 201 controls the entire relay server 110 using computer programs and data stored in the RAM 202 and the ROM 203, and executes each process described later as what the relay server 110 performs.

  The RAM 202 is an area for temporarily storing computer programs and data loaded from the HDD (hard disk drive) 204 and the storage medium drive 206, data received from the outside via the I / F (interfaces) 205 and 210, and the like. Have Furthermore, the RAM 202 also has a work area used when the CPU 201 executes various processes. That is, the RAM 202 can provide various areas as appropriate.

  The ROM 203 stores setting data of the relay server 110, a boot program, and the like.

  The HDD 204 stores an OS (operating system), a computer program for causing the CPU 201 to execute processes described later as performed by the relay server 110, various data described later as stored by the relay server 110, and the like. Yes. The DB 111 may be provided in the HDD 204. Computer programs and data stored in the HDD 204 are appropriately loaded into the RAM 202 under the control of the CPU 201 and are processed by the CPU 201.

  The I / F 205 is an interface for connecting the relay server 110 to the intranet 130 and the wide area network 140. Therefore, the relay server 110 can perform data communication with each device connected to the intranet 130 and the wide area network 140 via the I / F 205.

  The storage medium drive 206 reads a computer program and data recorded on a storage medium such as a CD-ROM, CD-R / RW, DVD-ROM, DVD-R / RW, DVD-RAM, and the read result is stored in the RAM 202. And output to the HDD 204. A part of the information stored in the RAM 202 or the HDD 204 may be recorded on this storage medium.

  A keyboard 207 and a pointing device 208 are for inputting various instructions to the CPU 201 by an operator of the relay server 110. The pointing device 208 is configured by a mouse, a joystick, or the like.

  The display unit 209 is configured by a CRT, a liquid crystal screen, or the like, and can display a processing result by the CPU 201 using an image, text, or the like.

  The I / F 210 is an interface for connecting peripheral devices to the relay server 110. The relay server 110 performs data transmission / reception with the peripheral device via the I / F 210. The I / F 210 is configured by USB, IEEE1394, or the like, and usually has a plurality of I / Fs. The connection form with the peripheral device may be wired or wireless.

  The bus 211 connects the above-described units.

  In the present embodiment, the relay server 110 is described as having the configuration illustrated in FIG. 2, but the configuration illustrated in FIG. 2 is used as long as the operation of the relay server 110 described below is realized. It is not limited.

  In the present embodiment, the client terminal device 100, the manager terminal device 120, and the web mail server 150 are also described as having the configuration shown in FIG. That is, the client terminal device 100, the manager terminal device 120, the relay server 110, and the web mail server 150 are all assumed to have the configuration shown in FIG. However, the configuration of each device is not limited to the configuration shown in FIG. 2, and any configuration may be used as long as the operation described below is realized as the operation of each device.

  Next, a data group stored in the DB 111 will be described.

  The DB 111 stores table information 300 shown in FIG. 3, table information 400 shown in FIG. 4, and table information 500 shown in FIG.

  First, the table information 300 shown in FIG. 3 will be described. FIG. 3 is a diagram illustrating a configuration example of the table information 300. As shown in FIG. 3, the table information 300 is information in a table format in which a service ID 301 and a service name 302 are registered as a set.

  The service ID 301 is an identification number that uniquely indicates the web mail service. The service ID 301 may be automatically given or set based on a user input instruction, but it is not allowed to overlap. That is, different service IDs 301 are registered in the table information 300.

  The service name 302 indicates the service name of the web mail service. The service name 302 is used for display or the like when the administrator terminal device 120 accesses the DB 111.

  Next, the table information 400 shown in FIG. 4 will be described. FIG. 4 is a diagram illustrating a configuration example of the table information 400. As shown in FIG. 4, the table information 400 is information in a table format in which a service ID 401, a detailed setting ID 402, a type 403, a URL 404, and transmission data information 412 are registered as a set.

  The service ID 401 is an identification number that uniquely indicates the web mail service, and is the same as the service ID 301 registered in the table information 300. That is, a set having the same service ID is associated with each of the set registered in the table information 300 and the set registered in the table information 400.

  The detailed setting ID 402 is an identification number that uniquely indicates the detailed setting of the web mail service. The detailed setting ID 402 may be automatically assigned or set based on a user input instruction. However, duplication within the same webmail service is not allowed.

  The type 403 is an item indicating any one of “text”, “attachment”, and “text & attachment”, and communication performed for a URL registered in the URL 404 (to be described later) is an email text. This is a communication that transmits only the attached file, a communication that transmits only the attached file, or a communication that transmits the text and the attached file together. In some web mails, unlike SMTP electronic mail transmission, the client terminal device 100 does not transmit the text and the attached file in the same transaction (the same request), so it is necessary to provide such items.

  The URL 404 indicates the location of a home page that provides a web mail service (a server that provides this home page).

  The transmission data information 412 includes information (attribute name information) indicating attribute names of setting information to be set for transmitting a web mail, and includes FROM 405, TO 406, CC 407, BCC 408, subject 409, text 410, and attachment 411. It is configured.

  The FROM 405 is attribute name information described in the HTTP request as the attribute name of the setting information “Sender (From)” described in the HTTP request.

  TO406 is attribute name information described in the HTTP request as the attribute name of the setting information “destination address (To)” described in the HTTP request.

  CC 407 is attribute name information described in the HTTP request as the attribute name of the setting information “broadcast destination address (Cc)” described in the HTTP request.

  BCC (Blind Carbon Copy) 408 is attribute name information described in the HTTP request as the attribute name of the setting information “broadcaster (Bcc)” described in the HTTP request.

  The subject 409 is attribute name information written in the HTTP request as an attribute name of the setting information “mail subject” written in the HTTP request.

  The text 410 is attribute name information described in the HTTP request as the attribute name of the setting information “text” described in the HTTP request.

  Attachment 411 is attribute name information described in the HTTP request as the attribute name of the setting information “attached file” described in the HTTP request.

  Since these attribute name information is different for each web mail service, it is necessary to obtain for each web mail service. Some web mail services do not require some of the setting information. Therefore, it is not necessary to set the attribute name information for setting information that is not required.

  Next, the table information 500 shown in FIG. 5 will be described. FIG. 5 is a diagram illustrating a configuration example of the table information 500. As shown in FIG. 5, the table information 500 is information in a table format in which a service ID 501 and a session identifier 502 are registered as a set.

  The service ID 501 is an identification number that uniquely indicates the web mail service, and is the same as the service ID 301 registered in the table information 300. That is, a set having the same service ID is associated with each of a set registered in the table information 300 and a set registered in the table information 500.

  The session identifier 502 indicates an attribute value for data constituting the same mail message in the web mail service. That is, when there are a plurality of mail messages (HTTP requests), the session identifier indicates whether each HTTP request forms one mail or separate mail.

  Here, as described above, when performing transmission control for various webmail services, the table information shown in FIGS. 3 to 5 must be set in the DB 111 in advance. For example, when it is desired to limit the transmission destination, the transmission control may be performed before the information transmission to the transmission destination indicated by the URL 404 with reference to the TO 406, the CC 407, and the BCC 408. In this embodiment, the table information shown in FIGS. 3 to 5 is created semi-automatically (semi-automatic extraction registration), and the table information shown in FIGS. 3 to 5 is automatically created for an unknown web mail service. To do (automatic presentation registration).

  Next, semi-automatic extraction registration and automatic presentation registration of the table information shown in FIGS. 3 to 5 will be described with reference to FIGS. 6, 7A, and 7B.

  FIG. 6 is a flowchart regarding a registration process showing a semi-automatic extraction registration process and an automatic presentation registration process. FIG. 7A is a diagram illustrating a system configuration when the normal mode is set in the relay server 110. FIG. 7B is a diagram showing a system configuration when a mode (detection mode) for creating table information is set in the relay server 110.

  First, the semi-automatic extraction registration process will be described with reference to FIGS. 6, 7 </ b> A, 7 </ b> B, and 8 to 24.

  As described above, the operation mode of the relay server 110 includes a normal mode and a detection mode. The operation mode change of the relay server 110 is automatically performed by semi-automatic extraction registration described later, but can be arbitrarily performed from the administrator terminal device 120. For example, when the administrator terminal device 120 accesses the relay server 110, the relay server 110 transmits screen information for setting the operation mode of the relay server 110 to the administrator terminal device 120. On the administrator terminal device 120 side, a setting screen based on the screen information is displayed, and when the operator of the administrator terminal device 120 performs an operation for switching the operation mode on the setting screen, information indicating the operation content is displayed. Is transmitted to the relay server 110. When the relay server 110 receives the information indicating the operation content, the relay server 110 performs a process of switching its own operation mode to the operation mode indicated by the received information. Thereby, the operation mode of the relay server 110 can be set by the manager terminal device 120. Of course, the configuration for setting the operation mode of the relay server 110 is not limited to this.

  When the normal mode is set in the relay server 110, the system has a configuration illustrated in FIG. 7A. On the administrator terminal device 120 side, a management browser for displaying the operation mode of the relay server 110 and displaying information transmitted from the client terminal device 100 to the wide area network 140 via the relay server 110 701 is displayed. The display is performed by the display unit 209 included in the manager terminal device 120.

  On the other hand, on the client terminal device 100 side, in order to access and display the “homepage for providing webmail service” provided by the webmail server 150 and perform various operations related to webmail, a browsing browser 702 is displayed. The display is performed by the display unit 209 included in the client terminal device 100.

  Other configurations are as shown in FIG.

  Next, when the detection mode is set in the relay server 110, the system has the configuration illustrated in FIG. 7B. The operation of the system having the configuration shown in FIG. 7B will be described in detail later. With such a configuration, the administrator terminal device 120 uses the information transmitted from the administrator terminal device 120 to the wide area network 140 based on the DB 111. The relay server 110 can be instructed to detect various types of information for registration with the relay server 110. In addition, access from the client terminal device 100 to the wide area network 140 via the relay server 110 is not blocked.

  First, on the manager terminal device 120 side, the management browser 701 is activated (step S601), and the connection with the relay server 110 is started (step S602). The series of processes of starting up the management browser 701 and connecting to the relay server 110 is performed by receiving an operation instruction using the keyboard 207 or pointing device 208 of the operator of the administrator terminal device 120. You may instruct the start.

  Next, the operator of the administrator terminal device 120 uses the keyboard 207 and the pointing device 208 to instruct items for adding services from the management menu of the management browser 701. Upon receiving this instruction, the manager terminal device 120 requests the relay server 110 for the table information 300 shown in FIG. 3, so the relay server 110 obtains the table information 300 from the DB 111, and the manager terminal device 120. Using the table information 300 received from the relay server 110, the manager terminal device 120 displays a screen 900 (service addition screen) illustrated in FIG. 9 on the display unit 209 (step S603).

  FIG. 9 is a diagram illustrating a display example of the screen 900.

  The contents of the table information 300 shown in FIG. 3 are displayed in a list on the service addition screen 900, the service ID 301 is displayed in the display column 901, and the service name 302 is displayed in the display column 902. .

  Here, it is assumed that the operator of the manager terminal device 120 checks the check box 904 using the keyboard 207 and the pointing device 208 and instructs the delete button 905. In this case, the manager terminal device 120 deletes the web mail service corresponding to the checked check box (the web mail service with the service name “freemail” in FIG. 9) from the DB 111. Specifically, the information group associated with the service ID of the web mail service corresponding to the checked check box is deleted from the table information 300, the table information 400, and the table information 500.

  Further, when the operator of the manager terminal device 120 instructs the line 906 and the line 907 using the keyboard 207 and the pointing device 208, the screen 2000 illustrated in FIG. 20 is displayed on the display unit 209. The screen illustrated in FIG. 20 will be described later.

  Further, when the operator of the administrator terminal device 120 instructs the service addition button 903 using the keyboard 207 or the pointing device 208, the administrator terminal device 120 is displayed on the display unit 209 according to the instruction as shown in FIG. An exemplary screen 1000 is displayed.

  FIG. 10 is a diagram showing a display example of a screen used for newly adding information about the web mail service to the table information 300, 400, 500.

  When the service addition button 903 is instructed, the manager terminal device 120 issues an identification number that does not overlap with the service ID registered in the DB 111. Then, the manager terminal device 120 displays the issued identification number in the display area 1001 as the service ID of the web mail service to be registered. Note that the operator of the manager terminal device 120 can change the service ID displayed in the display area 1001 to another service ID using the keyboard 207 or the pointing device 208. However, as described above, since it is not allowed to overlap with other service IDs already registered in the DB 111, in this case, registration of the duplicate service ID is refused, such as displaying an error.

  The service ID entered in the display area 1001 will be registered later as a service ID 301 in the table information 300, a service ID 401 in the table information 400, and a service ID 501 in the table information 500.

  The display area 1002 is a blank area when the screen 1000 is displayed, and an operator of the manager terminal device 120 can input a desired service name using the keyboard 207 or the pointing device 208. The service name entered in the display area 1002 will be registered later as the service name 302 in the table information 300.

  In a display area 1006, a predetermined (web mail) transmission destination (To, Cc, Bcc) stored in advance on the manager terminal device 120 side is displayed. Note that, when the specified transmission destination is used in the subsequent processing, the operator of the manager terminal device 120 needs to check the check box 1003 using the keyboard 207 and the pointing device 208. If the check box 1003 is not checked, the operator of the manager terminal device 120 uses the keyboard 207 and the pointing device 208 to use another destination (To, Cc, Bcc) instead of the prescribed destination. Need to be entered.

  Here, when the operator of the administrator terminal device 120 instructs the cancel button 1004 using the keyboard 207 or the pointing device 208, the administrator terminal device 120 displays the display of the display unit 209 on the screen illustrated in FIG. Switch to 900.

  On the other hand, when the operator of the manager terminal device 120 instructs the “Next” button 1005 using the keyboard 207 or the pointing device 208, the manager terminal device 120 illustrates the display on the display unit 209 in FIG. The screen is switched to the screen 1100 (step S604).

  FIG. 11 is a diagram showing a display example of a screen used for newly adding information about the web mail service to the table information 300, 400, 500.

  In the display area 1101 on the screen 1100, the IP address of the manager terminal device 120 is displayed.

  In the display area 1102, a specified sender address previously stored on the manager terminal device 120 side is displayed. Note that the operator of the manager terminal device 120 can arbitrarily edit the sender address displayed in the display area 1102 using the keyboard 207 or the pointing device 208.

  In the display areas 1103, 1104, and 1105, the destinations displayed in the display area 1006 on the screen 1000 illustrated in FIG. 10 (or the destinations separately input by the operator of the manager terminal device 120) are displayed. .

  In the display area 1106, a random character string generated by the relay server 110 is displayed. When an operator of the administrator terminal device 120 instructs the button 1005 on the screen 1000 using the keyboard 207 or the pointing device 208, the administrator terminal device 120 displays the image in the display area 1106 on the relay server 110. Request a string for When the relay server 110 receives this request, the relay server 110 transmits a random character string created in advance (may be created at this time) to the manager terminal device 120. When receiving the character string from the relay server 110, the manager terminal device 120 displays the received character string in the display area 1106.

  Here, it is assumed that the operator of the manager terminal device 120 instructs the copy link 1107 displayed in the display area 1106 using the keyboard 207 or the pointing device 208. In this case, the manager terminal device 120 copies the random character string displayed in the display area 1106 to the clipboard of the operating operating system. The purpose of copying will be described later.

  In the display area 1108, a random character string generated by the relay server 110 is displayed. When the operator of the administrator terminal device 120 instructs the button 1005 on the screen 1000 using the keyboard 207 or the pointing device 208, the administrator terminal device 120 displays the information in the display area 1108 on the relay server 110. Request a string for When the relay server 110 receives this request, the relay server 110 transmits a random character string created in advance (may be created at this time) to the manager terminal device 120. When receiving the character string from the relay server 110, the manager terminal device 120 displays the received character string in the display area 1108.

  Here, it is assumed that the operator of the manager terminal device 120 instructs the copy link 1109 using the keyboard 207 and the pointing device 208. In this case, the manager terminal device 120 copies the random character string displayed in the display area 1108 to the clipboard of the operating operating system. The purpose of copying will be described later.

  The download button 1110 is a button for instructing the relay server 110 to request a sample file to be used as an attached file. When the operator of the manager terminal device 120 instructs the download button 1110 using the keyboard 207 or the pointing device 208, the manager terminal device 120 requests the relay server 110 for a sample file to be used as an attached file. . When receiving this request, the relay server 110 transmits a sample file created in advance (may be created at this time) to the manager terminal device 120. When receiving the transmitted sample file, the manager terminal device 120 temporarily stores it in the RAM 202, the HDD 204, or the like.

  Check buttons 1111a and 1111b are provided in the display area 1111 and are used to select whether a web mail to be transmitted is transmitted immediately after editing or is stored once after editing. When the check button 1111a is instructed, the former transmission form is adopted, and when the check button 1111b is designated, the latter transmission form is adopted.

  There are mainly two types of actions in webmail service actions when sending webmail. Some emails are sent immediately after editing, while others are sent as drafts and saved in another session. In order to deal with this action, check buttons 1111a and 1111b are provided.

  In the display area 1112, an instruction from the relay server 110 is displayed.

  Here, when the operator of the administrator terminal device 120 instructs the cancel button 1113 using the keyboard 207 or the pointing device 208, the administrator terminal device 120 displays the display of the display unit 209 on the screen illustrated in FIG. Switch to 1000. The operation of the manager terminal device 120 when the completion button 1114 is instructed will be described later.

  Returning to FIG. 6, after the processing in step S <b> 604, the operator of the manager terminal device 120 instructs the activation of the browsing browser 711 using the keyboard 207 and the pointing device 208. As a result, the manager terminal device 120 activates the browsing browser 711 (step S606). This browsing browser 711 is for accessing a detection proxy 712 (described later) of the relay server 110.

  Then, the manager terminal device 120 accesses the web mail server 150 via the detection proxy 712 (relay server 110) by the browsing browser 711, and accesses a home page for providing web mail service (step S607). . From this point of time, the detection proxy 712 starts recording the access from the browsing browser 711. Of course, it is assumed that the detection proxy 712 has been started up at this point. The activation timing of the detection proxy 712 will be described later. That is, at this time, the administrator terminal device 120 is in an environment where the web mail service can be used at any time by inputting a transmission destination, a subject, and the like on the home page via the browsing browser 711. is there.

  Therefore, since the administrator terminal device 120 accesses the home page for providing the web mail service via the browsing browser 711, the transmission source, the transmission destination, the subject, etc. are input on this home page, A web mail is created (step S608).

  When creating a webmail, for the sender (sender), the address displayed in the display area 1102 on the screen 1100 illustrated in FIG. 11 may be copied and used.

  Further, for the transmission destinations (To, Cc, Bcc), the transmission destination addresses displayed in the display areas 1103, 1104, and 1105 on the screen 1100 illustrated in FIG.

  For the subject, a character string displayed in the display area 1106 copied by instructing the copy link 1107 may be used.

  For the text, a character string displayed in the display area 1108 copied by instructing the copy link 1109 may be used.

  In addition, when attaching an attached file to an e-mail, if an instruction is given on the homepage to attach the downloaded file to the RAM 202 or the HDD 204 by instructing the download button 1110 on the screen 1100 illustrated in FIG. Good.

  In this way, on the manager terminal device 120 side, a web mail to be transmitted is created on the browsing browser 711 using each setting item displayed on the screen 1100 illustrated in FIG.

  When the creation of the web mail is completed, the operator of the manager terminal device 120 inputs a transmission instruction using the keyboard 207 and the pointing device 208. Upon receiving this transmission instruction, the manager terminal device 120 creates an HTTP request for sending this webmail, and sends the created HTTP request to the webmail server 150 (step S609). The detection proxy 712 (relay server 110) acquires the HTTP request transmitted from the administrator terminal device 120.

  Note that the browser 711 for browsing may be closed after sending the web mail, or may be left as it is.

  In FIG. 6, it is assumed that the operator of the manager terminal device 120 has input an operation instruction to close the browsing browser 711 using the keyboard 207 or the pointing device 208. Accordingly, in step S610, the manager terminal device 120 performs a process of closing the browsing browser 711.

  FIG. 12 is a detailed flowchart of the semi-automatic extraction registration performed by the relay server 110 and the detection proxy 712 in parallel with the processing from the start (step S606) to the end (step S610) of the browsing browser 711. That is, the process according to the flowchart shown in FIG. 12 is started with the start of the process in step S604.

  First, together with a screen information request for the screen 1100 from the manager terminal device 120 (step S604), an instruction to shift to the detection mode is transmitted from the manager terminal device 120 to the relay server 110. In response to the transfer instruction, the relay server 110 performs processing for shifting its own operation mode to the detection mode (step S1202). When the transition process to the detection mode of the relay server 110 is completed, the screen 1100 is displayed on the display unit 209 of the manager terminal device 120.

  FIG. 13 is a flowchart showing details of the processing in step S1202.

  First, the relay server 110 activates the detection proxy 712 in response to a migration instruction from the manager terminal device 120 (step S1301).

  Next, the relay server 110 determines whether or not the detection proxy 712 has been successfully activated (step S1302). If it is determined as a result of the determination that the process has succeeded, the process advances to step S1303. On the other hand, if it is determined that it has failed, it is determined that the transition to the detection mode has failed, and the process according to the flowchart shown in FIG.

  The relay server 110 starts measuring time using a timer provided in the CPU 201 (timer activation) (step S1303). This timer is for automatically terminating the detection proxy 712 when there is no request from the browsing browser 711 within a certain time after the detection proxy 712 is activated.

  Next, the relay server 110 determines whether or not the timer has been successfully started (step S1304). As a result of such determination, if it is determined that the detection has succeeded, it is determined that the transition to the detection mode has been successful, and the present process is terminated. On the other hand, if it is determined that the process has failed, it is determined that the transition to the detection mode has failed, and the process ends.

  The determination result of whether the transition to the detection mode has succeeded or failed is notified from the relay server 110 to the manager terminal device 120.

  Returning to FIG. 12, when it is determined that the transition to the detection mode has succeeded as a result of the processing according to the flowchart of FIG. 13, the processing proceeds to step S1204 via step S1203. On the other hand, if it is determined that the transition to the detection mode has failed, the process proceeds to step S1221 via step S1203.

  In step S1221, the manager terminal device 120 displays a message indicating that the transition to the detection mode has failed in the display area 1112 on the screen 1100 illustrated in FIG. 11, and then ends the semi-automatic extraction registration.

  On the other hand, in step S1204, the manager terminal device 120 determines whether or not the completion button 1114 on the screen 1100 illustrated in FIG. 11 is instructed. This completion button 1114 is instructed after transmission of the web mail. That is, step S1204 is equivalent to step S605 in FIG. As a result of such determination, if not instructed, the process proceeds to step S1205. When the completion button 1114 is instructed, the manager terminal device 120 notifies the relay server 110 to that effect.

  In step S1205, the relay server 110 uses the detection proxy 712 to detect and record the HTTP request transmitted from the browsing browser 711 on the administrator terminal device 120 in step S609, and then forwards the request to the webmail server 150. Perform the process.

  FIG. 14 is a flowchart showing details of the processing in step S1205 in the detection proxy 712.

  First, the detection proxy 712 determines whether or not the time measured by the timer activated in step S1303 is within a preset valid time (step S1401). If it is determined that it is outside the valid time, the process in step S1205 is terminated.

  On the other hand, if it is within the valid time, the process proceeds to step S1402.

  Next, the detection proxy 712 determines whether or not the received HTTP request is a request from an IP address (specific IP address) permitted in advance (step S1402). In the present embodiment, the IP address of the manager terminal device 120 is used as the specific address. Therefore, when an HTTP request is received from the administrator terminal device 120, the detection proxy 712 determines that the HTTP request is a request from an IP address that is permitted in advance.

  If it is determined in step S1402 that the request is from a specific address, the process proceeds to step S1403. If it is determined that the request is not from a specific address, the process proceeds to step S1405.

  In step S1405, the detection proxy 712 discards the received HTTP request (rejects connection from the IP address of the transmission source of this HTTP request).

  On the other hand, in step S1403, the detection proxy 712 records the HTTP request transmitted from the administrator terminal device 120 via the browsing browser 711 in step S609 in the RAM 202 or the HDD 204 as detection data. At this time, the administrator actually accesses the web mail server 150 from the browsing browser 711. The HTTP request is data having a configuration shown in FIGS. 23 and 24, for example. Details of the HTTP request will be described later.

  Next, in step S1404, the detection proxy 712 performs processing for transmitting the HTTP request transmitted from the manager terminal device 120 in step S609 to the web mail server 150 via the wide area network 140.

  Returning to FIG. 12, if the completion button 1114 is instructed, the process proceeds from step S1204 to step S1206 (step S605 in FIG. 6 exits the loop).

  If the detection data has been acquired in step S1205, the process proceeds to step S1207 via step S1206. If not, the process proceeds to step S1215 via step S1206.

  In step S1215, the relay server 110 notifies the manager terminal device 120 that the HTTP request has not been received, so the manager terminal device 120 displays a message to that effect in the display area 1112 on the screen 1100. Display a message. For example, a display as shown in M1216 is displayed in the display area 1112.

  Next, the administrator terminal device 120 determines whether the operator of the administrator terminal device 120 has input an operation instruction to retransmit the HTTP request using the keyboard 207 or the pointing device 208. Judgment is made (step S1217). For example, when the “Yes” button in the display M1216 is instructed, it is determined that a retransmission instruction has been input. On the other hand, when the “No” button is instructed, it is determined that the retransmission instruction has not been input.

  As a result of such determination processing, if it is determined that a retransmission instruction has been input, the process returns to step S1204, and the detection proxy 712 waits for retransmission of an HTTP request from the browsing browser 711. On the other hand, if it is determined that the retransmission instruction has not been input, the process proceeds to step S1218.

  In step S1218, the administrator terminal device 120 notifies the relay server 110 that the retransmission instruction has not been input, so the relay server 110 ends the detection proxy 712 and shifts its own operation mode to the normal mode. To do.

  Next, in step S <b> 1219, the manager terminal device 120 performs a display indicated by 1220 </ b> M in the display area 1112 on the screen 1100.

  On the other hand, in step S1207, the relay server 110 shifts its operation mode to the normal mode.

  Next, in step S1208, the relay server 110 analyzes the HTTP request stored in the RAM 202 or the HDD 204 as the detection data in step S1403. Then, the attribute name of each setting information described in the HTTP request is detected (extracted and acquired).

  FIG. 15 is a flowchart showing details of the processing in step S1208.

  In the flowchart shown in FIG. 15, the processing of steps S1502 to S1504 is performed for each setting information.

  First, in step S1502, the relay server 110 disassembles and analyzes all information such as the transmission destination URL, cookie, multi-part text and attached files from the HTTP header information and body information in the HTTP request (HTTP). Request analysis).

  Such processing will be described with reference to FIGS.

  FIG. 23 is a diagram illustrating a configuration example of an HTTP request. As shown in FIG. 23, the HTTP request includes an HTTP header part 2301 and an HTTP body part 2302.

  The HTTP header portion 2301 is configured in a format of attribute name: attribute value for each line except for the first line. Only the first line is defined in the HTTP method, HTTP path, HTTP protocol version, and HTTP protocol.

  The HTTP body part 2302 is composed of a text character string, and the HTTP rules stipulate that “&” can be configured as a delimiter when having a plurality of components. Therefore, it can be seen that the second component of the HTTP body portion 2302 is “Subj = WDWLDAwIFfff2qAdiIF% 2BQWWRFHERr2qrqi3oA”. Furthermore, each component is configured in the format of attribute name = attribute value with “=” as a delimiter. For example, the second component includes an attribute name 2304 (Subj) and an attribute value 2305 (WDWLDAwIFfff2qAdiIF% 2BQWWRFHERr2qrqi3oA).

  In the HTTP header section 2301, it is defined as “Content-type: application / x-www-form-urlencoded”. For this reason, “% 2B” in the attribute value 2305 is assumed to be the same value as “+” according to the rule of HTTP.

  In this way, the HTTP header part 2301 and the HTTP body part 2302 are disassembled in units of components, each component is regarded as a pair of attribute name and attribute value, and among the attribute values, the settings presented on the screen 1100 Identify attribute values that match information values. Then, the attribute name paired with the specified attribute value is acquired as attribute name information.

  The request destination URL is generated from the first two lines of the HTTP header section 2301. In this case, the attribute value of the attribute name “Host” on the second line is “www.xmail.jp”, and the HTTP path on the first line is “/ webmail / send”. Therefore, the request destination URL is “http://www.xmail.jp/webmail/send”.

  Next, HTTP request analysis when an attached file is attached to a web mail will be described with reference to FIG. FIG. 24 is a diagram illustrating a configuration example of an HTTP request when an attached file is attached to a web mail.

  Similarly to the HTTP request shown in FIG. 23, the HTTP request shown in FIG. 24 includes an HTTP header part 2401 and an HTTP body part 2402, and the analysis method of the HTTP header part 2401 is described above. Is the same.

  On the other hand, when the HTTP body part 2402 is scanned, it can be seen that there is an actual state of the attached file in the area 2405 in a format defined by the HTTP protocol. Here, since the attribute value 2407 is in the “multipart / form-data” format, it can be seen that the area is included in an area called multipart. The multipart area has a multipart header part 2408 and a multipart body part 2409 for each area delimited by a boundary character string (boundary), and the attached file is in the multipart body part 2409. Therefore, the multipart header part 2408 that forms the pair is inspected.

  In the multipart header part 2408, an attribute name 2403 and a file name 2404 are described in a format defined by the HTTP protocol. In the HTTP request analysis, the attribute name 2403 is acquired as the attribute name of the attached file.

  As described above, in the HTTP request analysis according to the present embodiment, the attribute name described in the HTTP request paired with the setting information value (attribute value) presented on the screen 1100 illustrated in FIG. Get as attribute name information. Of course, as described above, since there are a plurality of setting information such as a transmission destination and a subject name, attribute name information is acquired for each setting information.

  Accordingly, in step S1502, the HTTP request is decomposed for each attribute name / attribute value pair as described above, and stored in the RAM 202 or HDD 204.

  Next, in step S1503, among the plurality of attribute values acquired in step S1502, what is displayed on the screen 1100 (that is, the transmission destination condition, subject, text, etc. that should be set in the web mail to be detected) It is determined whether there is information set as attribute value information. As a result of the determination, if a displayed item is detected, the process proceeds to step S1504. On the other hand, if it cannot be detected, the process returns to step S1502 to analyze the next HTTP request, and the subsequent processes are performed.

  In step S1504, the attribute name information acquired in step S1502 recorded in a pair with the detected attribute value information is stored in the RAM 202 or the HDD 204. For example, taking the HTTP request shown in FIG. 23 as an example, the attribute value 2305 matches the value (attribute value) of the setting information displayed as the subject in the display area 1106 on the screen 1100 (step S1503). Therefore, since it can be understood that the attribute name 2304 (Subj) described in the HTTP request in a pair with the attribute value 2305 means a subject, the attribute name 2304 corresponds to the setting information. Acquired as attribute name information (step S1504). That is, although details will be described later, in the transmission data information 412, the value to be recorded in the subject 409 is the attribute name 2304 (Subj).

  The above is the details of the HTTP request analysis process performed in step S1208 of FIG.

  Returning to FIG. 12, in step S1209, the relay server 110 determines whether or not the attribute name information has been extracted from the detected data in step S1208. As a result of the determination, if it can be extracted, the process proceeds to step S1210, and if it cannot be extracted, the process proceeds to step S1219.

  In step S1219, the relay server 110 transmits the display data indicated by 1220M to the administrator terminal device 120. Therefore, the administrator terminal device 120 displays the display indicated by M1220 on the screen 1100 illustrated in FIG. Displayed in area 1112.

  On the other hand, in step S1210, the relay server 110 specifies session information. In the web mail service using HTTP, a session management function is indispensable in order to manage the login state of the user on the service side, and session information is incorporated in each HTTP request. FIG. 16 is a flowchart showing details of the processing in step S1210.

  First, in step S1601, it is determined whether there is a cookie in the HTTP request analyzed by the HTTP request analysis process. As a result of the determination, if it is determined that there is a cookie, the process proceeds to step S1602. On the other hand, if it is determined that there is no cookie, the process advances to step S1604.

  In step S1602, it is determined whether all analyzed HTTP requests have the same attribute value for Cookie. As a result of such determination, if it is determined that it has, the process advances to step S1603. On the other hand, if it is determined that it does not have, it is determined that the session specification has failed, and the processing according to the flowchart of FIG. 16 ends.

  On the other hand, in step S1603, it is determined that Cookie is a session identifier. Then, it is determined that the session has been successfully identified, and the process according to the flowchart of FIG. 16 is terminated. Such processing will be described by taking an HTTP request having the configuration shown in FIG. 23 and an HTTP request having the configuration shown in FIG. 24 as examples. The cookie attribute value 2303 described in the HTTP request shown in FIG. 23 is the same as the cookie attribute value 2406 described in the HTTP request shown in FIG. That is, since each HTTP request has the same value as the attribute value of Cookie, it can be understood that each HTTP request is the same session with Cookie as a session identifier.

  On the other hand, in step S1604, it is determined that Cookie is not defined, and a common attribute value is searched for from HTTP requests other than Cookie. Of the “pair of attribute name and attribute value” from which attribute name information can be acquired from each analyzed HTTP request, a pair other than a candidate for transmission data information 412 is set as a processing target.

  In step S1605, it is determined whether the pair that is the processing target in step S1604 has a common “attribute name = attribute value pair”. As a result of such determination, if it is determined that it is possessed, the process proceeds to step S1606. On the other hand, if it is determined that it does not have, it is determined that the session identification has failed, and the processing according to the flowchart of FIG. 16 is terminated.

  In step S 1606, the attribute name constituting the “attribute name = attribute value” pair that is common to all HTTP requests acquired in step S 1605 is determined as a session identifier.

  Note that the session identifier acquired by the processing according to the flowchart of FIG. 16 is registered in the table information 500 as the session identifier 502 shown in FIG.

  Returning to FIG. 12, in step S <b> 1211, the relay server 110 analyzes in step S <b> 1208, and determines whether the acquired set of attribute name information is already registered in the DB 111. As a result of such determination, if it is determined that it is registered, the process proceeds to step S1213. On the other hand, if it is determined that it is not registered, the process proceeds to step S1212. The determination result in step S1211 is notified from the relay server 110 to the manager terminal device 120.

  In step S1213, the manager terminal device 120 displays a display as shown in M1214 in the display area 1112 in the screen 1100 illustrated in FIG.

  On the other hand, in step S1212, the manager terminal device 120 switches the display on the display unit 209 to a screen 1700 illustrated in FIG. FIG. 17 is a diagram showing a display example of a screen 1700 for displaying a list of HTTP request analysis results.

  In the screen 1700, the IP address of the manager terminal device 120 is displayed in the display area 1701.

  In the display area 1702, the access time to the URL displayed in the display area 1703 is displayed.

  In the display area 1703, the URL of the transmission destination of the HTTP request is displayed. In the case of the present embodiment, this URL is the address of a home page for the web mail service provided by the web mail server 150.

  In the display area 1704, any one of “text”, “attachment”, and “text & attachment” is displayed. The above HTTP request analysis process detects "Body" when the body is detected but no attachment is detected, and "Attachment" is detected when the attachment is detected but the body is not detected. If you do, “Text & Attachment” is displayed.

  The display area 1705 displays which of the check buttons 1111 a and 1111 b is instructed in the display area 1111. “Mail transmission” is displayed when the check button 1111a is instructed, and “save draft” is displayed when the check button 1111b is instructed.

  A display area 1706 displays a symbol indicating whether or not an attribute name for the transmission source has been detected. In the case of FIG. 17, “◯” is displayed, which indicates that the attribute name is detected for the transmission source. If the attribute name is not detected for the transmission source, “x” is displayed.

  This also applies to the following, but the display form of the symbol indicating whether or not the attribute name is detected is not particularly limited.

  In the display area 1707, attribute values acquired by the above HTTP request analysis processing are displayed. If the attribute name is correctly detected, it matches the sender address displayed in the display area 1102 on the screen 1100.

  In the display areas 1708, 1709, and 1710, attribute values acquired by the above HTTP request analysis processing are displayed. If the attribute name is detected correctly, it matches the mail address displayed in the display areas 1103, 1104, and 1105 on the screen 1100.

  The display area 1711 displays attribute values acquired by the above HTTP request analysis processing. If the attribute name is detected correctly, it matches the character string displayed in the display area 1106 on the screen 1100.

  The display area 1712 displays attribute values acquired by the HTTP request analysis process described above. If the attribute name is correctly detected, it matches the character string displayed in the display area 1108 on the screen 1100.

  In the display area 1713, if the contents of the file downloaded by designating the download button 1110 on the screen 1100 match the contents of the attached file obtained by the HTTP request analysis process, “◯” is displayed. On the other hand, “x” is displayed when they do not match or when the attached file has not been transmitted in the first place.

  In the display area 1714, the session identifier acquired in step S1210 is displayed. For example, when the session identifier is Cookie, “Cookie” is displayed. If the session identifier is determined to be an attribute name, the attribute name is displayed.

  Note that a screen such as the screen 1700 is obtained when mail is transmitted by one access. When mail is transmitted by a plurality of accesses, the HTTP request for each access is displayed. A screen will be displayed. For example, when an HTTP request for only an attached file is detected, a screen 1800 shown in FIG. 18 is displayed instead of the screen shown in FIG.

  FIG. 18 is a diagram showing a display example of a screen 1800 displaying a list of HTTP request analysis results when only the attached file is transmitted. At this time, “◯” is displayed in the display area 1801 for the attached file and the display area 1802 for the session identifier, and “×” is displayed for the other items since they are not detected from this HTTP request. Has been.

  Returning to FIG. 17, when registering the attribute name information displayed on the screen 1700 in the DB 111, the operator of the manager terminal device 120 instructs the button 1716 using the keyboard 207 and the pointing device 208. . On the other hand, when not registering, the button 1715 is instructed.

  When the operator of the administrator terminal device 120 instructs the button 1716 using the keyboard 207 or the pointing device 208, the administrator terminal device 120 displays the display on the display unit 209 in accordance with the instruction shown in FIG. Switch to the screen 1900.

  FIG. 19 is a diagram showing a display example of a screen 1900 for confirming registration information.

  In the display area 1901 in the screen 1900, the service name displayed in the display area 1002 in the screen 1000 is displayed.

  In the display area 1902, the type displayed in the display area 1704 on the screen 1700 is displayed.

  In the display area 1903, detailed setting IDs issued by the manager terminal device 120 are displayed so as not to overlap with other setting IDs.

  In the display area 1904, the URL displayed in the display area 1703 on the screen 1700 is displayed.

  The display area 1905 displays attribute name information that is paired with the attribute value of “sender” displayed in the display area 1707 on the screen 1700.

  The display area 1906 displays attribute name information that is paired with the attribute value “To” displayed in the display area 1708 of the screen 1700.

  The display area 1907 displays attribute name information that is paired with the attribute value “Cc” displayed in the display area 1709 on the screen 1700.

  In the display area 1908, attribute name information that is paired with the attribute value “Bcc” displayed in the display area 1710 in the screen 1700 is displayed.

  In the display area 1909, attribute name information that is paired with the attribute value of “subject” displayed in the display area 1711 on the screen 1700 is displayed.

  In the display area 1910, attribute name information that is paired with the attribute value of “text” displayed in the display area 1712 on the screen 1700 is displayed.

  In the display area 1911, attribute name information acquired by the HTTP request analysis process for the setting information “attached file” is displayed. Note that nothing is displayed in the display area 1911 if no attachment is attached to the webmail. That is, the attribute name information of the attached file is displayed in the display area 1911 only when “text & attachment” or “attached file” is displayed in the display area 1902.

  Since this screen 1900 corresponds to the screen 1700, the display area 1911 is blank in FIG. Therefore, in the case of the screen 1800, “filename” is displayed in the display area 1911, and the display areas 1905 to 1910 are blank. A detailed setting ID (for example, 32) that does not overlap is displayed in the display area 1903, and the URL “http://www.xmail.jp/webmail/attach” displayed on the screen 1800 is displayed in the display area 1904. And “attached file” is displayed in the display area 1902.

  When the operator of the administrator terminal device 120 instructs the cancel button 1912 using the keyboard 207 or the pointing device 208 while the screen 1900 is displayed, the administrator terminal device 120 closes the screen 1900 and the screen 1700. Alternatively, the screen returns to the screen 1800.

  On the other hand, when the operator of the manager terminal device 120 instructs the button 1913 using the keyboard 207 or the pointing device 208, a registration instruction is transmitted to the relay server 110. When the relay server 110 receives this registration instruction from the administrator terminal device 120, the relay server 110 registers the attribute name information acquired by the HTTP request analysis process in the corresponding place in the table information 300, 400, 500.

  FIG. 8 is a diagram showing an operation of semi-automatic extraction registration between apparatuses constituting the system according to the present embodiment. In FIG. 8, the same processes as those described in FIGS. 6, 12, and 13 are denoted by the same reference numerals, and the description thereof is omitted.

  Here, as described above, when the operator of the administrator terminal device 120 in FIG. 9 uses the keyboard 207 and the pointing device 208 to instruct the line 906 and the line 907 in the screen 900, the screen illustrated in FIG. 2000 is displayed on the display unit 209.

  FIG. 20 is a diagram showing a display example of a screen 2000 displaying a list of information for each webmail service. In the following, as an example, a case where line 906 is designated will be described.

  The screen 2000 displays an overview of transmission data information registered in the DB 111 for the webmail service name “freemail”. FIG. 20 shows that transmission data information for detecting the text and transmission data information for detecting the attached file are registered.

  The detailed setting ID 2001 is the same as the detailed setting ID 402 in FIG. That is, duplicate detailed setting IDs are not allowed.

  A URL 2002 indicates a URL on which the setting (transmission control using attribute name information as a result of HTTP request analysis for this URL) operates, and is the same as the URL 404 in FIG. 4, for example.

  The type 2003 indicates the type of data that can be acquired by the setting, and is the same as the type 403 in FIG. 4, for example.

  In addition, the corresponding setting can be deleted from the DB 111 by checking the check box 2004 and instructing a “delete” button 2005.

  Here, when the operator of the manager terminal device 120 indicates the row 2007 or the row 2008 in which the service name is displayed using the keyboard 207 or the pointing device 208, the manager terminal device 120 displays the display unit 209. Is switched to the screen 1900. When the operator of the administrator terminal device 120 instructs the cancel button 1912 using the keyboard 207 or the pointing device 208 when the screen 1900 is displayed by this screen transition, the administrator terminal device 120 closes the screen 1900. Return to screen 2000.

  When the operator of the manager terminal device 120 instructs the button 2006 using the keyboard 207 or the pointing device 208, the manager terminal device 120 displays the display of the display unit 209 on the screen 1900 (however, each display area is Switch to blank). The operator of the manager terminal device 120 can set new attribute name information using this screen 1900. When the operator of the administrator terminal device 120 instructs the cancel button 1912 using the keyboard 207 or the pointing device 208 when the screen 1900 is displayed by this screen transition, the administrator terminal device 120 closes the screen 1900. Return to screen 2000.

  FIG. 21 is a diagram showing transition diagrams of the various screens described above. In FIG. 21, the “return” button when transitioning from the screen 2000 to the screen 900 is provided in the management browser 701.

  Next, automatic presentation registration processing, that is, processing in steps S612 and S613 in FIG. 6 will be described. The automatic presentation registration process is executed periodically or irregularly during a time period when the semi-automatic extraction registration process is not performed.

  Since the client terminal device 100 and the administrator terminal device 120 can transmit web mail while the semi-automatic extraction registration process is not performed, it is natural that each terminal device transmits to the relay server 110 the HTTP related to this transmission. A request has been sent. However, the client terminal device 100 and the manager terminal device 120 may transmit an HTTP request to the relay server 110 for purposes other than the transmission of web mail, such as writing on a bulletin board.

  Therefore, the relay server 110 records the HTTP request transmitted from the manager terminal device 120 or the client terminal device 100 as a log in the HDD 204 regardless of the operation indicated by the HTTP request. Accordingly, in step S612, the relay server 110 performs a process of analyzing an HTTP request log recorded in the HDD 204. Of course, the recording destination of the HTTP request log recorded by the relay server 110 is not limited to the HDD 204.

  FIG. 22 is a flowchart showing details of the process in step S612.

  First, in step S2201, the same process as the HTTP request analysis process in step S1502 is performed for the HTTP request recorded as a log in the HDD 204 or the like.

  Next, in step S2202, the transmission destination URL is extracted with reference to the result of the HTTP request analysis process performed in step S2201, and it is determined whether or not this transmission destination URL has already been registered in the DB 111. As a result of the determination, if it is registered, it is determined that “no detection”, and the process according to the flowchart shown in FIG. 22 is terminated.

  On the other hand, if it is determined that it is not registered, the process advances to step S2203.

  In step S2203, the session identifier is specified with reference to the result of the HTTP request analysis process performed in step S2201. The session identifier specifying process in this step is a process according to the flowchart shown in FIG. In the semi-automatic extraction registration process described above, by using the detection proxy 712, the requests from the browsing browser 711 are limited and relayed, and therefore a single session identifier can be clearly identified (the source) The browser 711 for browsing and the web mail server 150 as a transmission destination are also limited). However, in the automatic presentation registration process, a log in which connections from a plurality of client terminal devices 100 to various web servers are to be analyzed, so that there may be a plurality of detected session identifiers instead of a single one. There is. Therefore, a session list is used for managing session identifiers. The session list can manage a plurality of pieces of session information using a session identifier as a key. Here, the session information has a structure including a session identifier, an evaluation value, and a plurality of request analysis results performed in step S2201 and additional information. The evaluation value will be described later. Note that the session list is stored in the RAM 202, the HDD 204, or the like. Even when the automatic presentation registration process is completed, the contents are not abandoned and are stored in the HDD 204 or the like. Therefore, at the beginning of the automatic presentation registration process, a process such as reading from the HDD 204 or the like into the RAM 202 is necessary.

  If the acquired session identifier is already registered in the session list as a result of the process in step S2203, the process proceeds to step S2204. On the other hand, if the acquired session identifier is not yet registered in the session list, the process advances to step S2205.

  In step S2205, the session identifier acquired in step S2201 is additionally registered in the session list as a new key. At this time, the structure to be additionally registered is session information, in which the session identifier as a key and the request analysis result acquired in step S2201 are set. As will be described later, the evaluation value is 0 at this time.

  On the other hand, in step S2204, since the session identifier acquired in step S2201 is registered in the session list, the request analysis result acquired in step S2201 is added to the already registered session information and registered. As a result of this processing, a plurality of request analysis results are registered in this session information.

  When adding a request analysis result to the session information, it is first determined whether or not a request analysis result having the same configuration (a set of attribute names matches the same URL) has already been registered. This assumes a case where a plurality of web mails are transmitted within the same HTTP session. Therefore, in such a case, not only such an additional registration process is performed, but information indicating that one or more web mails are transmitted is added to the session information.

  Next, in step S2206, the relay server 110 refers to the result of the HTTP request analysis process performed in step S2201, and determines whether or not a component used for web mail is included in the HTTP request. . That is, it is determined whether or not an HTTP request related to transmission of web mail is included in the log. For example, a mail address, presence / absence of an attached file, Japanese character string, and the like correspond to components used in web mail. For example, if an attribute value is “foo@example.com”, it can be understood that this attribute name is an item having a mail address (a character string .com that seems to be a domain exists behind the character @). To do). If such a component is included in the HTTP request, it is determined that the HTTP request relates to transmission of web mail.

  As a result of such determination, if there is an HTTP request including a component used for web mail, the process proceeds to step S2207. On the other hand, if there is no HTTP request including a component used for web mail, the process advances to step S2208.

  In step S2207, an evaluation value is calculated for the request analysis result including the components used for web mail. For example, the request analysis result includes 3 points when an email address is included as an attribute value, 1 point when a Japanese character string is included as an attribute value, and the Japanese character string is a long sentence (greater than a predetermined length). Will add 3 points to the current score, or 5 if an attached file is included. In this way, each time such a condition is detected from the request analysis result, the accumulated score for the request analysis result can be obtained as an evaluation value by adding it to the current score (initially 0 point). In other words, this evaluation value indicates “the probability of an HTTP request related to transmission of web mail”, and the higher the value, the higher the probability of an HTTP request related to transmission of web mail.

  The evaluation value obtained in this way is recorded in the session information. That is, when there are a plurality of request analysis results having the same session identifier, the evaluation value of each request analysis result is added to the current score of the evaluation value recorded in this session information. This is because the attribute name evaluated in the same HTTP session is divided into a plurality of HTTP requests (for example, a text and an attached file), or is transmitted in a single HTTP request (for example, the text). & Attachments), so that the evaluation values are the same.

  Next, in step S2208, it is determined whether or not a session identifier that exceeds a predetermined period range exists in the session list. Here, the “predetermined period range” will be described.

  The period t and the number of requests n are set in advance on the relay server 110 side, and the session information is stored in the session list only for the period t after being registered in the session list (not left). This is because the session information should not be retained for a long time, and therefore it is not necessary to retain a large amount. That is, when this period t is exceeded, the relay server 110 deletes this session information from the session list. Note that the time t does not represent a period in real time, but represents a period in the recording time of the log to be analyzed. For example, if the period t is 1 hour, the actual processing time is not saved for 1 hour, but the request analysis result up to the time information after 1 hour is based on the time information of the request analysis result of the newly registered session information. Means to save.

  In the session list, only the number n of request analysis results per session information is registered (not left). This is due to the fact that a large number of requests to the webmail service do not have to be generated in a short time, and therefore it is not necessary to keep a large amount. Accordingly, when the period t and the number of requests n are out of either range, it is determined that the period range of the session list has been exceeded.

  Unless the period range of the session list is exceeded, the unknown web mail service is not presented in the automatic presentation registration process.

  Therefore, if the condition that the session information exceeds the period t exists or the number of request analysis results held by the session information at this time is greater than n, the process proceeds to step S2209. . On the other hand, if this condition is not satisfied, it is determined that “no detection”, and the process according to the flowchart shown in FIG. 22 is terminated. The session list is not abandoned and is stored in the RAM 202, HDD 204, or the like.

  In step S2209, session information that satisfies the above-described conditions is deleted from the session list. In this process, although the session information is deleted from the session list, the session information itself is not deleted from the memory such as the RAM 202.

  Next, in step S2210, it is determined whether or not the evaluation value of the session information deleted from the session list exceeds a predetermined threshold value. If the threshold value is exceeded as a result of such determination, it is determined that “detection is present”, and the processing according to the flowchart shown in FIG. 22 is terminated. The session list is not abandoned and is stored in the RAM 202, HDD 204, or the like.

  On the other hand, if the threshold value is not exceeded, it is determined that “no detection”, and the process according to the flowchart shown in FIG. 22 is terminated. The session list is not abandoned and is stored in the RAM 202, HDD 204, or the like.

  Returning to FIG. 6, when it is determined in step S612 that “no detection”, the process returns to step S612 via step S613. On the other hand, if it is determined that “detected” in step S612, the process proceeds to step S611 via step S613. The relay server 110 notifies the manager terminal device 120 of the determination result in step S612.

  In step S611, the administrator terminal device 120 displays, for example, the screen 1700 illustrated in FIG. 17 via the management browser 701, as in the semi-automatic extraction registration. In this screen 1700, a request analysis result included in the session information deleted from the session list is displayed.

  This is the end of the explanation of automatic presentation registration. However, if the result of automatic presentation registration is unclear, the operator of the manager terminal device 120 further extracts semi-automatically based on the information displayed in step S611. The registration process can be instructed. Thereby, the information (attribute name information) related to the web mail service can be registered in the DB 111 more accurately.

  As described above, according to the present embodiment, it becomes easy to make settings equivalent to those of the conventional e-mail transmission control system using the SMTP protocol for the web mail service using the HTTP protocol. In addition, a new web mail service can be automatically detected from the log, and efficient transmission control can be performed.

  The configuration of data and table information, the configuration of the apparatus and the system used in the above description is an example, and those skilled in the art can appropriately perform the processing if the processing equivalent to the above processing can be realized. It may be deformed.

  Here, the web mail transmission control process performed by the relay server 110 using the table information 300, the table information 400, and the table information 500 created by the above process will be briefly described.

  As described above, the web mail regulation rules are registered in the DB 111. The webmail restriction rules include, for example, a condition that a specific address is set to TO, a specific address is set to CC, a specific keyword exists in the mail subject or text, and the condition The processing that is performed when it is matched, such as permitting (relaying) / rejecting (interrupting) webmail transmission, following the judgment of the administrator of the webmail sender (suspending), etc. is registered. Yes. When a webmail with an attached file is sent to a specific address, or when an email that is going to be sent to an address with multiple domains is sent, the destination above the threshold is TO Of course, it is also possible to set a web mail regulation rule on condition that it is set to CC.

  Then, when the relay server 110 acquires the HTTP request transmitted from the client terminal device 100 to the wide area network 140, is the transmission destination URL set in the URL 404 of the table information 400 in FIG. Judging. If the request is an HTTP request for the URL set in the URL 404 of the table information 400, the HTTP request is defined as various attribute name information (defined in the transmission data information 412 of the record of the URL in the table information 400). The HTTP request is analyzed using FROM 405, TO406, etc., and various information (attribute value information) set as the FROM, TO, etc. of the web mail is acquired.

  Then, by applying various acquired information (attribute value information) to the web mail regulation rule, transmission control of web mail is performed. When the URL that is the transmission destination of the acquired HTTP request is not set in the URL 404 of the table information 400, the web mail restriction rule is not applied. However, when there is another transmission control rule, a transmission control process to which the transmission control rule is applied is performed.

<Other embodiments>
Although the embodiment has been described above, the same can be applied to a system, an apparatus, a method, a program, a recording medium, or the like. Specifically, the relay server and the client terminal device may be applied to a system composed of a plurality of devices or a system composed of a single device.

  Further, it goes without saying that the same thing as that of the present embodiment can be applied to the case where it is achieved by supplying a program to a system or apparatus. In this case, by reading a recording medium storing a program represented by software for achieving the same object as that of the present embodiment, the system or apparatus receives the same effect. Is possible.

  Furthermore, by downloading and reading software for achieving the same object as that of the present embodiment from a server, database, etc. on a network using a communication program, the system or apparatus can enjoy the same effect. Become.

  In addition, the structure which combined embodiment mentioned above and its modification is also contained in the invention described in the claim.

It is a block diagram which shows the structural example of the system which can apply the information processing apparatus which concerns on embodiment of this invention. 3 is a block diagram illustrating a hardware configuration example of a relay server 110. FIG. It is a figure which shows the structural example of the table information. It is a figure which shows the structural example of the table information. It is a figure which shows the structural example of the table information. It is a flowchart regarding the registration process which shows the process of semi-automatic extraction registration, and the process of automatic presentation registration. It is a figure which shows the structure of a system when a normal mode is set to the relay server 110. FIG. It is a figure which shows the structure of a system in case the mode (detection mode) for creating table information is set to the relay server 110. FIG. It is a figure which shows the operation | movement of the semiautomatic extraction registration between the apparatuses which comprise the system which concerns on embodiment of this invention. 6 is a diagram illustrating a display example of a service addition screen 900. FIG. It is a figure which shows the example of a display of the screen used in order to newly add the information about a webmail service to the table information 300,400,500. It is a figure which shows the example of a display of the screen used in order to newly add the information about a webmail service to the table information 300,400,500. It is a detailed flowchart of the semi-automatic extraction registration implemented by the relay server 110 and the detection proxy 712 in parallel with the process from starting (step S606) of the said browsing browser 711 to completion | finish (step S610). It is a flowchart which shows the detail of the process in step S1202. 12 is a flowchart showing details of processing in step S1205 in the detection proxy 712. It is a flowchart which shows the detail of the process in step S1208. It is a flowchart which shows the detail of the process in step S1210. It is a figure which shows the example of a display of the screen 1700 which displays a list of the HTTP request analysis results. It is a figure which shows the example of a display of the screen 1800 which displayed the list of the HTTP request analysis result at the time of transmitting only an attached file. It is a figure which shows the example of a display of the screen 1900 for confirming registration information. It is a figure which shows the example of a display of the screen 2000 which displayed the information for every webmail service as a list. It is a figure which shows the transition diagram of various screens. It is a flowchart which shows the detail of the process in step S612. It is a figure which shows the structural example of an HTTP request. It is a figure which shows the structural example of the HTTP request at the time of attaching an attachment file to a webmail.

Claims (12)

An information processing device that relays data communication between a terminal device and a webmail server that presents a homepage for providing a webmail service in a viewable manner,
Transmitting means for transmitting a plurality of setting information to be set for transmitting webmail to the terminal device;
After the terminal device accesses the web mail server via the information processing device to browse the home page, the terminal device sets the plurality of setting information and transmits to the web mail server. Receiving means for receiving source information of the received webmail from the terminal device;
Analyzing means for analyzing the source information, and for each of the plurality of setting information, obtaining attribute name information described in the source information as an attribute name;
An information processing apparatus comprising: registration means for registering the attribute name information in a memory.   The information processing apparatus according to claim 1, wherein the setting information includes a subject, a transmission source, a transmission destination, a text, and an attached file of a web mail.   The information according to claim 2, wherein the analysis unit performs a process of acquiring, as attribute name information, a character string described in the source information in a pair with the setting information, for each setting information. Processing equipment. Furthermore,
4. The information processing apparatus according to claim 2, further comprising means for displaying for each setting information whether or not the analysis means has acquired the attribute name information. Furthermore,
5. The information processing apparatus according to claim 2, further comprising means for displaying corresponding attribute name information for each setting information. When the receiving means receives a plurality of source information,
The analysis means performs an analysis process for each source information, and acquires a session identifier indicating whether each source information constitutes one mail or separate mail,
The information processing apparatus according to claim 1, wherein the registration unit further registers the session identifier in the memory. Furthermore,
The transmission means, the reception means, the analysis means, and the registration means operate when a mode for analyzing web mail from the outside is set. The information processing apparatus according to item. Furthermore,
Means for registering the source information as a log each time the source information is transmitted from the terminal device when a mode for analyzing webmail from outside is not set;
Among the source information registered as the log, for source information including components related to webmail, means for obtaining an evaluation value indicating the probability of the source information related to transmission of webmail;
Means for identifying source information that cannot be left as a log, and when the evaluation value of the identified source information exceeds a threshold value, means for displaying a result of analysis by the analyzing means for the identified source information. The information processing apparatus according to claim 1, wherein the information processing apparatus is an information processing apparatus.   The information processing apparatus according to claim 1, wherein the source information is HTTP request data. An information processing method performed by an information processing device that relays data communication between a terminal device and a webmail server that presents a webpage for providing webmail service in a viewable manner,
A transmission step of transmitting a plurality of setting information to be set in order to transmit webmail to the terminal device;
After the terminal device accesses the web mail server via the information processing device to browse the home page, the terminal device sets the plurality of setting information and transmits to the web mail server. Receiving the received webmail source information from the terminal device;
Analyzing the source information, and for each of the plurality of setting information, obtaining an attribute name information described in the source information as an attribute name;
And a registration step of registering the attribute name information in a memory.   The computer program for functioning a computer as each means which the information processing apparatus of any one of Claims 1 thru | or 9 has.   A computer-readable storage medium storing the computer program according to claim 11.

Images