JP2011217268A - Mail server, mail communication system, and mail transmitting/receiving method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To implement encryption communication of mail between two bases without performing any particular preparation or the like in a sender terminal and a recipient terminal.SOLUTION: A mail server, which receives mail from a user terminal and transmits the mail to a receiving-side mail server, includes: a means for determining whether to encrypt the mail received from the user terminal by confirming whether destination information of that mail is stored in an encryption target destination information storage unit; a means for acquiring, from an encryption key storage unit, encryption key corresponding to the destination information and using the encryption key to encrypt text of the mail when it is determined to encrypt the mail; and a means for adding a secure mail header containing decryption processing server identification information indicative of a mail server which performs decryption processing to a header portion of the mail.

Description

  The present invention relates to a technique for securely sending and receiving mail between two sites via the Internet.

  As a conventional technique for securely transmitting and receiving mail, there is an encryption method based on S / MIME (Secure Multipurpose Internet Mail Extensions (IETF RFC 2633)) (Non-Patent Document 1). A procedure for mail transmission / reception by this method will be described with reference to FIG.

  First, as a preliminary preparation, the receiver terminal at the base B obtains and holds a certificate (public key, private key) from the certificate issuing server (preliminary 1). Also, the certificate public key is acquired from the certificate issuing server or the receiver at the sender terminal at the site A (preliminary 2).

  In the actual mail transmission / reception stage, the sender terminal encrypts the mail using the public key (step 1), and transmits the encrypted mail. The encrypted mail is delivered to the recipient terminal in the same manner as normal mail transfer (step 2). Thereafter, the recipient terminal decrypts the mail using the stored secret key (step 3).

IETF RFC2633 (S / MIME (Secure Multipurpose Internet Mail Extensions))

  By the way, in many companies, it is common for security to be maintained in a base (corporate building, etc.) that is a unit in which a mail server is installed, and between bases in a company having multiple bases. In many cases, it is sufficient to send and receive emails securely between two sites (between the email servers at the sites) instead of end-end.

  When the purpose is to exchange emails securely between the two bases, the conventional method has an overspec aspect, and mainly has the following three problems.

  (1) As described with reference to FIG. 1, preparations other than mail transmission / reception are required, and a certificate is not acquired on the mail recipient side, or the recipient's public key is transmitted If the user did not hold it, the encrypted email could not be sent or received. That is, it is impossible to encrypt mail exchanged between arbitrary users between the two sites.

  (2) In addition, it is necessary to prepare a mail client corresponding to both the sender and the receiver, and there is a possibility that the mail client may not be supported depending on the mail client environment.

  (3) Furthermore, when mail is distributed to a plurality of destinations, it is necessary for the sender to make the above-mentioned preparation for each address of each destination. Further, in order to perform encrypted delivery to a large number of destinations using a mailing list, for example, as shown in FIG. 2, special processing on the mail server side is required.

  In other words, in the case of a method such as a mailing list where the destination address of the email sent by the sender does not match the actual recipient, the sender cannot know the final recipient, so the destination address (group1 @ in the example of FIG. 2) A public key (g)) corresponding to example.com) is prepared, and a mail to be transmitted is encrypted using the public key (g) (step 11 in FIG. 2).

  On the other hand, in the ML server corresponding to the destination address of the mailing list, as advance preparation, a certificate for the mailing list (private key (g), public key (g)) is acquired, and the public key (1- 3) is obtained, and each recipient (1-3) needs to obtain a certificate as advance preparation. Then, in the ML server that receives the mail transmitted from the sender terminal, the mail is once decrypted, and the mail re-encrypted using the public key is transmitted for each recipient (step 12 in FIG. 2).

  The present invention has been made in view of the above points, solves the above-described problems, and does not require special advance preparation or the like in the sender terminal and the receiver terminal. It aims at providing the technique for implement | achieving encrypted communication of mail.

  In order to solve the above problems, the present invention is a mail server that receives mail from a user terminal and transmits the mail to a receiving mail server, which stores destination information of mail to be encrypted. Encryption target destination information storage means, encryption key storage means for storing an encryption key for each destination information, and whether the destination information of the mail received from the user terminal is stored in the encryption target destination information storage means Confirming whether or not the mail is to be encrypted, and an encryption processing determination means, and when the encryption processing determination means determines that the mail is to be encrypted, the destination An encryption key corresponding to information is obtained from the encryption key storage means, and the mail processing body encrypts the mail body using the encryption key, and the encryption process determination means includes the mail. Header processing means for adding a secure mail header including decryption processing server identification information indicating a mail server that performs decryption processing to the header portion of the mail when it is determined to encrypt the mail. It is configured as a mail server characterized by

  Further, the present invention is a mail server that receives a mail from a sending mail server and delivers the mail to a user terminal, and when the text of the mail received from the sending mail server is encrypted, A secure mail header including decryption processing server identification information indicating a mail server that performs decryption processing is added to the header portion of the mail, and the secure mail header is included in the header portion of the mail, Header confirmation means for determining whether or not to perform decryption processing on the mail by confirming whether or not the decryption processing server identification information in the mail header is information indicating the mail server; and the header Decryption corresponding to the encryption key used for encrypting the mail when the confirmation means determines that decryption is to be performed. Was used to decrypt the body of the mail, it is also possible to configure a mail subjected to decoding as a mail server, characterized in that it comprises a decoding means for storing the mail storage means.

  Further, the present invention receives a mail from a transmission-side user terminal, transmits the mail to a reception-side mail server, receives a mail from the transmission-side mail server, and receives the mail from the reception-side user terminal. A mail communication system comprising: a receiving mail server that distributes to the transmitting mail server, wherein the transmitting mail server includes a destination information storage means for storing destination information of mail to be encrypted, and a destination information for each destination information. By confirming whether the encryption key storage means storing the encryption key and the destination information of the mail received from the transmission-side user terminal are stored in the encryption target destination information storage means, An encryption process determination unit that determines whether or not to encrypt, and the destination information when the encryption process determination unit determines that the mail is to be encrypted. Is obtained from the encryption key storage means, and the mail is encrypted by the encryption processing means for encrypting the body of the mail using the encryption key and the encryption processing determination means. Header processing means for adding a secure mail header including decryption processing server identification information indicating a mail server that performs decryption processing to the header portion of the mail, Whether the header of the mail received from the sender mail server includes the secure mail header, and whether the decryption server identification information in the secure mail header is information indicating the mail server. By confirming the header confirmation means for determining whether or not to perform the decryption processing on the mail, and the header confirmation means, When it is determined that encoding is performed, the body of the mail is decrypted using a decryption key corresponding to the encryption key used for encrypting the mail, and the decrypted mail is stored in the mail storage means. And a decrypting means for storing the mail communication system.

  According to the present invention, the above three problems are solved, and the encrypted communication of the mail between the two sites is realized without requiring any special advance preparation in the sender terminal and the receiver terminal. It becomes possible to do.

It is a figure for demonstrating the mail transmission / reception procedure in a prior art. It is a figure for demonstrating the subject in the case of using a mailing list in a prior art. 1 is an overall configuration diagram of a mail communication system according to an embodiment of the present invention. 3 is a functional configuration diagram of a mail server 10 at a base A. FIG. 4 is a diagram illustrating an example of information stored in a public key storage unit 16. FIG. 3 is a functional configuration diagram of a mail server 20 at a base B. FIG. 4 is a flowchart for explaining the operation of the mail server 10. It is a figure which shows the example of the mail structure transmitted from a user terminal. It is a figure which shows the example of the mail structure between mail servers. 4 is a flowchart for explaining the operation of the mail server 20.

  Embodiments of the present invention will be described below with reference to the drawings.

(System configuration)
FIG. 3 shows an overall configuration diagram of the mail communication system according to the embodiment of the present invention. As shown in FIG. 3, the mail communication system of the present embodiment includes a mail server 10 on the transmission side and a mail server 20 on the reception side, which are communicably connected via a communication network (such as the Internet). ing.

  In the example of FIG. 3, a mail server 10 is installed at a site A, and a user terminal 1 which is a PC having mail client software is connected to the mail server 10 via a communication network (LAN or the like). The mail server 20 is installed at the site B, and a user terminal 2 which is a PC having mail client software is connected to the mail server 20 via a communication network (LAN or the like).

  The mail server 10 and the mail server 20 have the same configuration, and both the mail servers have a mail transmission / reception function. However, for convenience of explanation in the present embodiment, the mail server 10 is assumed to be a transmission side, The functions and operations relating to (transmission to a mail server) will be described, and the functions and operations relating to reception (reception from other mail servers) will be described assuming that the mail server 20 is the receiving side. However, it is of course possible to provide a mail server having only a transmission side function or a mail server having only a reception side function.

<Configuration of Sending Mail Server 10>
FIG. 4 shows a functional configuration diagram of the mail server 10. FIG. 4 shows functions related to mail transmission (transmission to another mail server) in the mail server 10.

  As shown in FIG. 4, the mail server 10 includes a mail communication unit 11, an encryption processing determination unit 12, an encryption processing unit 13, a header processing unit 14, an encryption target destination information storage unit 15, and a public key storage unit 16. Have The details of the processing of each functional unit will be described in the explanation of the operation described later, and an outline of each functional unit will be described below.

  The mail communication unit 11 has a function of receiving mail via a communication network and passing it to a functional unit within the server, and a function of sending mail within the server via the communication network. The encryption process determination unit 2 has a function of determining whether or not the encryption process of the mail is necessary by confirming the destination of the mail received from the user terminal 1.

  The encryption processing unit 13 has a function of performing encryption processing on the mail that is determined to be encrypted by the encryption processing determination unit 12. The header processing unit 14 has a function of performing processing such as adding a mail header.

  The encryption target destination information storage unit 15 is referred to by the encryption processing determination unit 12 and stores destination information to be encrypted. In this embodiment, a destination domain (a character string after the @ of the mail address) is stored as destination information. The mail addressed to the destination having the destination domain stored in the encryption target destination information storage unit 15 is determined to be the encryption target. This destination information is registered in advance in the encryption target destination information storage unit 15 by a system administrator or the like.

  The public key storage unit 16 stores a public key for each destination information. FIG. 5 shows an example of information stored in the public key storage unit 16. As shown in FIG. 5, in this embodiment, the public key storage unit 16 stores a public key for each destination domain. The information stored in the public key storage unit 16 is also prepared in advance by the system administrator or the like, but since the public key to be prepared is not for each user but for each destination domain, The number is very small compared to the number of users.

<Configuration of Receiving Mail Server 20>
FIG. 6 shows a functional configuration diagram of the mail server 20. FIG. 6 shows functions related to mail reception (reception from other mail servers) in the mail server 20.

  As shown in FIG. 6, the mail server 20 includes a mail communication unit 21, a header confirmation unit 22, a decryption unit 23, a mail acquisition unit 24, a mail reception processing unit 25, a secret key storage unit 26, and a mail storage unit 27. Have. The details of the processing of each functional unit will be described in the explanation of the operation described later, and an outline of each functional unit will be described below.

  The mail communication unit 21 has a function of receiving mail via a communication network and passing it to a function unit within the server, and a function of sending mail within the server via the communication network. The header confirmation unit 22 has a function of confirming a header part in a mail received from another mail server and determining the presence / absence of a predetermined header, necessity of decryption processing, and the like.

  In addition, the decryption unit 23 performs decryption processing on the mail that is determined to require decryption processing by the header confirmation unit 22 by using its own private key stored in the private key storage unit 26. It has a function. The mail reception processing unit 25 has a function of performing normal mail reception processing on mail that does not need to be decrypted, and storing the mail in the mail storage unit 27.

  The mail acquisition unit 24 has a function of acquiring mail stored in the mail storage unit 27 according to a general protocol for acquiring mail from the user terminal 2 and distributing it to the user terminal 2. The private key storage unit 26 stores the private key of the mail server 20, and the mail storage unit 27 stores mail to be provided to the user terminal 2. Note that the secret key stored in the secret key storage unit 26 is prepared in advance by a system administrator or the like.

  Each of the mail server 10 and the mail server 20 can be realized by mounting a program for performing processing corresponding to each functional unit on a general computer including a storage unit such as a memory and a hard disk and a CPU. The program may be installed in the computer from a recording medium such as a portable memory or a disk, or may be downloaded from a server on a network to the computer and installed.

(System operation)
Next, the operation of the mail communication system in the present embodiment will be described.

<Operation of Mail Server 10 on Sending Side>
First, the operation of the mail server 10 on the transmission side will be described with reference to the flowchart of FIG.

  A plain text mail is transmitted from the user terminal 1 at the site A in the same manner as a normal mail transmission, and the mail server 10 receives the mail (step 101). FIG. 8 shows an example of the mail configuration here, that is, the mail configuration in the section α in FIG. As shown in FIG. 8, this mail includes a header including a source address and a destination address, and a plain text.

  In step 102 of FIG. 7, the encryption processing determination unit 12 in the mail server 10 extracts a destination domain in the destination address included in the acquired mail header, and the destination domain is the encryption target destination information storage unit 15. It is determined whether or not the destination domain is an encryption target domain.

  When the destination domain is not stored in the encryption target destination information storage unit 15 (No in step 102), the encryption processing determination unit 12 does not perform the following procedure, and performs the same as in normal mail transmission. Is transmitted (step 103).

  When the destination domain is stored in the encryption target destination information storage unit 15 (Yes in step 102), the mail processing is passed to the encryption processing unit 13, and the encryption processing unit 13 performs the encryption processing. (Step 104). Here, the encryption processing unit 13 acquires the public key corresponding to the destination domain of the mail from the public key storage unit 16, and encrypts the body of the mail (including attached files) using the public key. .

  Further, the header processing unit 14 performs header processing such as header addition necessary according to a normal S / MIME procedure, and indicates that encryption / decryption processing is performed between mail servers. A header (in this example, a header starting with X-SecureMail) is added to the mail (step 105). This header can be referred to as a secure mail header.

  Then, a mail including the text encrypted as described above and the added secure mail header is transmitted to the mail server 20 via the mail communication unit 11 (step 106).

  FIG. 9 shows an example of the mail structure of mail sent to the mail server 20, that is, the mail structure of mail in the section β in FIG. As shown in FIG. 9, the mail includes a header and an encrypted text. The header includes a secure mail header in addition to the header given by normal S / MIME processing.

  In this example, the secure mail header includes X-SecureMail-Source header information indicating the source (source) server that performed encryption, and X-SecureMail-Target indicating the destination (target) server that performs decryption. Header information. In the example shown in FIG. 9, an X-Secure-Mail-Key header is included. Using the information in the X-Secure-Mail-Key header, the destination mail server can authenticate the sender mail server.

<Operation of Mail Server 20 on Receiving Side>
Next, the operation of the mail server 20 on the receiving side will be described with reference to the flowchart of FIG.

  The mail server 20 at the site B receives the mail having the configuration shown in FIG. 9 from the mail server 10 at the site A (step 201). In the mail server 20 that has received the mail, the header confirmation unit 22 refers to the header part of the mail and determines whether or not a secure mail header is added to the mail (specifically, whether or not there is X-SecureMail). ) Is determined (step 202). When the secure mail header is not added, the mail is transferred to the mail reception processing unit 25, and the mail is stored in the mail storage unit 27 by performing normal mail reception processing (steps 203 and 207).

  If it is determined in step 202 in FIG. 10 that a secure mail header has been added, the process proceeds to step 204 where the header confirmation unit 22 itself (mail server 20) is described in the X-SecureMail-Target header. By determining whether or not the corresponding server name (svr2.example2.com) corresponds, it is determined whether or not the mail is a mail to be decrypted (step 204). The server name of the mail server 20 is stored in storage means such as a memory, and the header confirmation unit 22 compares the stored information with the information in the X-SecureMail-Target header.

  If it is determined in step 204 that the mail server 20 itself does not correspond to the server name (svr2.example2.com) described in the X-SecureMail-Target header, the mail is not subject to decryption. For example, the mail is transferred to the server described in the X-SecureMail-Target header (step 205).

  If it is determined in step 204 that the mail server 20 itself corresponds to the server name (svr2.example2.com) described in the X-SecureMail-Target header, the mail is a decryption target. Is passed to the decryption unit 23.

  Then, the decryption unit 23 decrypts the mail text using its own private key stored in the private key storage unit 26 (step 206). The decryption process itself can use the normal S / MIME method.

  The decrypted mail is stored in the mail storage unit 27 by the decryption unit 23 (step 207). As a result, based on a request from the user terminal 2 at the site B, a plain text mail is delivered to the user terminal 2 by the mail acquisition unit 24. This mail is the mail in the section γ in FIG. 3, and has the same configuration as that shown in FIG.

(Summary of the embodiment, effects)
By using the technology of the present embodiment described above, it becomes possible to encrypt all mail exchanged between any two users through any user, and encrypt the mail text such as the text and attached files, and secure transmission / reception Can be realized.

  In addition, when it is necessary to build different security policies and different networks between group companies, etc., when sending and receiving emails more securely, the change of the operating rules to both network environments must be minimized, and Security can be improved.

  Furthermore, the sender and receiver do not need to acquire certificates or perform encryption / decryption processing in the mail client, so there is no need for individual processing for each user who operates the client, and prior certificate exchange work Is unnecessary, the work required by the client at the time of transmission and reception is reduced, and the convenience for the user is improved. In addition, since all mail between the two sites is encrypted / decrypted using the public / private key through the mail server, even if a special address such as a mailing list is used, In addition, special processing such as preparing key information of all destination users is unnecessary.

  The present invention is not limited to the above-described embodiments, and various modifications and applications are possible within the scope of the claims.

1, 2 User terminals 10 and 20 Mail server 11 Mail communication unit 12 Encryption processing determination unit 13 Encryption processing unit 14 Header processing unit 15 Encryption target destination information storage unit 16 Public key storage unit 21 Mail communication unit 22 Header confirmation unit 23 Decryption unit 24 Mail acquisition unit 25 Mail reception processing unit 26 Private key storage unit 27 Mail storage unit

Claims (10)

A mail server that receives mail from a user terminal and sends the mail to a receiving mail server,
Encryption destination information storage means for storing destination information of mail to be encrypted,
An encryption key storage means for storing an encryption key for each destination information;
Encryption processing determination means for determining whether to encrypt the mail by confirming whether the destination information of the mail received from the user terminal is stored in the encryption target address information storage means When,
When it is determined by the encryption processing determination means that the mail is to be encrypted, an encryption key corresponding to the destination information is obtained from the encryption key storage means, and the body of the mail is obtained using the encryption key Encryption processing means for encrypting,
When it is determined by the encryption processing determination means that the mail is to be encrypted, a secure mail header including decryption processing server identification information indicating a mail server that performs the decryption processing is included in the header portion of the mail. A mail server comprising a header processing means for adding.   The mail server according to claim 1, wherein the destination information is a destination domain. A mail server that receives mail from a sending mail server and delivers the mail to a user terminal,
When the body of the mail received from the sender mail server is encrypted, a secure mail header including decryption processing server identification information indicating the mail server that performs the decryption processing is added to the header portion of the mail. And
The header part of the mail includes the secure mail header, and by confirming whether or not the decryption server identification information in the secure mail header is information indicating the own mail server, the decryption for the mail is performed. Header confirmation means for determining whether or not to perform the digitization process;
When it is determined by the header confirmation unit that decryption is to be performed, the body of the mail is decrypted using the decryption key corresponding to the encryption key used for encrypting the mail, and decrypted. A mail server comprising: decryption means for storing mail in the mail storage means.   4. The mail server according to claim 1, wherein the encryption key is a public key. A receiving mail that receives mail from the sending user terminal, sends the mail to the receiving mail server, and a receiving mail that receives the mail from the sending mail server and delivers the mail to the receiving user terminal A mail communication system comprising a server,
The sender mail server is
Encryption destination information storage means for storing destination information of mail to be encrypted,
An encryption key storage means for storing an encryption key for each destination information;
Encryption for determining whether or not to encrypt the mail by confirming whether or not the destination information of the mail received from the transmission-side user terminal is stored in the encryption target destination information storage means Processing determination means;
When it is determined by the encryption processing determination means that the mail is to be encrypted, an encryption key corresponding to the destination information is obtained from the encryption key storage means, and the body of the mail is obtained using the encryption key Encryption processing means for encrypting,
When it is determined by the encryption processing determination means that the mail is to be encrypted, a secure mail header including decryption processing server identification information indicating a mail server that performs the decryption processing is included in the header portion of the mail. Adding header processing means,
The receiving mail server is
Check whether the secure mail header is included in the header portion of the mail received from the sender mail server, and whether the decryption server identification information in the secure mail header is information indicating the mail server. A header check means for determining whether to perform a decryption process on the mail;
When it is determined by the header confirmation unit that decryption is to be performed, the body of the mail is decrypted using the decryption key corresponding to the encryption key used for encrypting the mail, and decrypted. A mail communication system comprising: decryption means for storing mail in the mail storage means.   The mail communication system according to claim 5, wherein the destination information is a destination domain.   The mail communication system according to claim 5 or 6, wherein the encryption key is a public key. A receiving mail that receives mail from the sending user terminal, sends the mail to the receiving mail server, and a receiving mail that receives the mail from the sending mail server and delivers the mail to the receiving user terminal A mail transmission / reception method executed by a mail communication system including a server,
The sender mail server includes encryption destination information storage means for storing destination information of mail to be encrypted, and encryption key storage means for storing an encryption key for each destination information,
Whether the sending mail server encrypts the mail by checking whether the destination information of the mail received from the sending user terminal is stored in the encryption target destination information storage means An encryption processing determination step for determining whether or not,
When it is determined by the encryption processing determination step that the mail is to be encrypted, the transmitting mail server acquires an encryption key corresponding to the destination information from the encryption key storage unit, and the encryption key An encryption processing step for encrypting the body of the email using
When it is determined by the encryption process determination step that the mail is encrypted, the sender mail server indicates a mail server that performs a decryption process in the header part of the mail. A header processing step for adding a secure mail header including information;
The receiving mail server includes the secure mail header in the header part of the mail received from the transmitting mail server, and the decryption processing server identification information in the secure mail header is information indicating the mail server. A header confirmation step for determining whether to perform a decryption process on the mail by confirming whether or not there is;
When the receiving mail server determines that the header confirmation step performs decryption, the mail body is decrypted using a decryption key corresponding to the encryption key used for encrypting the mail. A decryption step of storing the decrypted mail in the mail storage means,
An e-mail transmission / reception method comprising:   The mail transmission / reception method according to claim 8, wherein the destination information is a destination domain. The mail transmission / reception method according to claim 8 or 9, wherein the encryption key is a public key.

Images