JP2013140553A - Information processing apparatus, information processing method, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To achieve proper transmission control considering the content of an attached file which is encrypted, to reduce the risk of information leakage.SOLUTION: If a password is applied to a file attached to a received electronic mail (namely, the file is encrypted), a mail in which a password for viewing the file is described is extracted, the password is used to decode the file, for application of rules of transmission control. An electronic mail to be transmitted actually is one with an attached file having a password.

Description

  The present invention relates to an e-mail transmission control process.

  In recent years, electronic mail has been widely used as means for transmitting and receiving information. In order to reduce the risk of information leakage, companies, etc., take measures such as prohibiting the sending of e-mail outside the company, depending on the content and destination of the e-mail, when sending e-mail outside the company. Need came out.

  Therefore, in order to prevent erroneous transmission of e-mail and intentional information leakage, companies and the like may provide a server device for controlling transmission of e-mail data. In the server device, by combining items such as e-mail destinations and combinations thereof, the number of recipients, keywords included in the subject and body of the e-mail, contents of attached files, etc. A rule for performing e-mail relay control is set, and e-mail transmission control is performed according to the rule.

  For example, Patent Document 1 discloses an invention related to e-mail transmission control using domain information of e-mail, and Patent Document 2 discloses a technique for performing e-mail transmission control based on organization information in a company. Yes.

JP 2007-102334 A JP 2010-171523 A

  Some e-mail servers and e-mail clients send an e-mail with the attached file protected (encrypted) with a password. Since the content of such an encrypted attached file cannot be read, appropriate transmission control in consideration of the content of the attached file cannot be performed.

  Therefore, an object of the present invention is to provide a mechanism for realizing appropriate transmission control in consideration of the contents of an encrypted attached file.

  The present invention is an information processing apparatus that performs transmission control of an electronic mail, and includes a storage unit that stores a transmission control rule used for the transmission control of the electronic mail, an acquisition unit that acquires the electronic mail, and the acquisition unit. Search for e-mail storage means for storing the acquired e-mail and e-mails with passwords for releasing protection of files attached to e-mails from e-mail stored in the e-mail storage means The storage means for canceling protection of the file using the password described in the e-mail searched by the search means, and the attachment file released by the release means. A rule applying means for applying the stored transmission control rule; and an electronic control based on the rule applied by the rule applying means. Characterized in that it comprises a transmission control means for controlling transmission of Lumpur, the.

  The present invention also relates to an information processing method in an information processing apparatus that stores transmission control rules used for e-mail transmission control and an e-mail acquired by an acquisition unit, and performs e-mail transmission control. An acquisition step in which the acquisition unit of the processing device acquires the electronic mail, and an electronic device in which the search unit of the information processing device describes a password for releasing protection of the file attached to the electronic mail from the electronic mail A search step for searching for mail, a release step for releasing the protection of the file using a password described in the email searched by the search step, and a processing unit for releasing the information processing device, and the information processing device The rule applying means applies the stored transmission control rule to the attached file released by the releasing step. When the transmission control unit of the information processing apparatus, based on the rule application step by the application rule, and a transmission control step of controlling the transmission of electronic mail, comprising: a.

  Further, the present invention is a program executable in an information processing apparatus for storing a transmission control rule used for e-mail transmission control and an e-mail acquired by an acquisition unit and performing e-mail transmission control, An information processing apparatus is configured to obtain an e-mail in which a password for releasing protection of a file attached to an e-mail is described from an e-mail stored in the e-mail storage unit and an acquisition unit that acquires the e-mail Search means for searching, release means for releasing protection of the file using a password described in the e-mail searched by the search means, and the storage means for the attached file released by the release means Based on the rule applied by the rule applying means, the rule applying means for applying the transmission control rule stored in Characterized in that to function as a transmission control means for controlling the transmission of e-mail.

  According to the present invention, it is possible to realize appropriate transmission control in consideration of the contents of an encrypted attached file.

It is a figure which shows an example of the system configuration | structure of the information processing system of this invention. It is a figure which shows an example of the hardware constitutions of the information processing apparatus applicable to the proxy server 101 of FIG. 3 is a flowchart illustrating an outline of processing performed by a CPU 201 of a proxy server 101. It is a flowchart which shows the detail of the relay control mail preservation | save process of step S302 of FIG. 3 in 1st Embodiment. It is a flowchart which shows the detail of the mail data relay control process of FIG.3 S304 in 1st Embodiment. It is a flowchart which shows the detail of the pending | holding mail audit process of step S306 of FIG. 3 is a diagram illustrating an example of a data configuration of an electronic mail DB (database) stored in an external memory 211 of the proxy server 101. FIG. 4 is a diagram illustrating an example of a data configuration of a pending email list stored in an external memory 211 of the proxy server 101. FIG. 3 is a diagram illustrating an example of a data configuration of a mail relay control rule DB (database) stored in an external memory 211 of the proxy server 101. FIG. It is a figure which shows an example of the pending | holding electronic mail list display screen. FIG. 11 is a diagram showing an example of a pending email detail confirmation screen 1100. The flowchart which shows the detail of the mail data relay control processing in 2nd Embodiment Flowchart showing an example of a password description mail transmission request process

  Hereinafter, an example of an embodiment of the present invention will be described with reference to the drawings. FIG. 1 is a diagram showing an example of a system configuration diagram of an information processing system according to the present invention. As shown in FIG. 1, the information system of the present invention includes a proxy server 101, a mail server 102, and client devices 103-1 to 103-3 (hereinafter collectively referred to as the client device 103). In addition, the above devices are connected to each other via a LAN (Local Area Network) 104 so that they can communicate with each other.

  Further, the mail server 102 and the client device 103 are connected to the external mail servers 106-1 and 106-2 connected to the wide area network 105 via the proxy server 101 so as to be able to communicate with each other.

  The proxy server 101 is a server device that functions as an information processing device of the present invention, and performs a relay control process for electronic mail data transmitted from the mail server 102 or the client device 103 using a relay control rule described later. Device.

  In addition, the proxy server 101 has a web server function, and in response to a request from a user who operates the client device 103, the proxy server 101 inputs a relay control rule to be used for relay control processing of an e-mail. It accepts or accepts an input of transmission prohibition or transmission for an electronic mail whose transmission is suspended as a result of the relay control process.

  The mail server 102 is a server device that is used to send and receive e-mails, and has server functions such as e-mail address management and storing e-mails sent to the e-mail addresses. It is. The client device 103 is a terminal device operated by a user who uses a mail address managed by the mail server 102.

  Hereinafter, an example of the hardware configuration of the information processing apparatus applicable to the proxy server 101 illustrated in FIG. 1 will be described with reference to FIG.

  In FIG. 2, reference numeral 201 denotes a CPU that comprehensively controls each device and controller connected to the system bus 204. Further, the ROM 203 or the external memory 211 is necessary to realize a BIOS (Basic Input / Output System) or an operating system program (hereinafter referred to as an OS), which is a control program of the CPU 201, or a function executed by each server or each PC. Various programs are stored.

  A RAM 202 functions as a main memory, work area, and the like for the CPU 201. The CPU 201 implements various operations by loading a program necessary for execution of processing from the ROM 203 or the external memory 211 into the RAM 202 and executing the loaded program.

  An input controller 205 controls input from the input device 209 or the like. A video controller 206 controls display on a display device 210 such as a liquid crystal display. The display device is not limited to a liquid crystal display, and may be a CRT display or the like. These are used by clients as needed.

  A memory controller 207 is connected to the hard disk (HD), flexible disk (FD), or PCMCIA card slot for storing a boot program, various applications, font data, user files, editing files, various data, etc. via an adapter. The access to the external memory 211 such as a compact flash (registered trademark) memory is controlled.

  A communication I / F controller 208 connects and communicates with an external device via a network (for example, the LAN 400 shown in FIG. 1), and executes communication control processing in the network. For example, communication using TCP / IP is possible.

  Note that the CPU 201 enables display on the display device 210 by executing outline font rasterization processing on a display information area in the RAM 202, for example. Further, the CPU 201 enables a user instruction with a mouse cursor (not shown) on the display device 210.

  Various programs that operate on the hardware are recorded in the external memory 211 and are executed by the CPU 201 by being loaded into the RAM 202 as necessary.

  It should be noted that not all devices have these configurations, and it is only necessary to provide necessary devices.

  Next, an overview of processing performed by the CPU 201 of the proxy server 101 will be described with reference to FIG. A program for causing the proxy server 101 to execute the processing shown in FIG. 3 is stored in the external memory 211 or the like, and the CPU 201 of the proxy server 101 executes this processing according to control by the program.

  The CPU 201 of the proxy server 101 has newly received e-mail data during execution of this processing (step S301), whether there is e-mail data for determining whether relaying is possible (step S303), and an audit processing request for pending mail Is always received from the client device 103 (step S305).

  If it is determined that new e-mail data has been received (YES in step S301), relay control mail storage processing is performed (step S302). Details of the relay control mail storing process will be described later with reference to FIG.

If it is determined that there is e-mail data for determining whether or not e-mail can be relayed (YES in step S303), a mail data relay control process is performed (step S304). The details of this mail data relay control process will be described later with reference to FIG.

  If an audit request for a pending mail is received (YES in step S305), a pending mail audit process is performed (step S306). The details of the pending mail audit process will be described later with reference to FIG. The above is an outline of the processing performed by the CPU 201 of the proxy server 101.

  Next, details of the relay control mail storing process in step S302 of FIG. 3 will be described with reference to FIG. This is because if a file attached to an e-mail is protected by a password (such as if it is encrypted), the contents of the file cannot be confirmed without removing the protection from the password. This process is performed to realize transmission control in consideration of the contents of the file.

  In step S401, the CPU 201 of the proxy server 101 determines whether a file is attached to the received e-mail.

  If it is determined that a file is attached (step S401: YES), the process proceeds to step S402.

  If it is determined that no file is attached (step S401: NO), the process proceeds to step S404.

  In step S402, the CPU 201 of the proxy server 101 determines whether or not the file attached to the received e-mail is a file protected by a password.

  If it is determined that the attached file is protected by the password (step S402: YES), the process proceeds to step S403.

  If it is determined that the attached file is not protected by the password (step S402: NO), the process proceeds to step S404.

  In step S403, the CPU 201 of the proxy server 101 stores the received e-mail in the e-mail storage unit with a password-attached attached file.

  In step S404, the CPU 201 of the proxy server 101 determines whether the received e-mail is an e-mail in which a password (password for decrypting a file attached to any e-mail) is described.

  Specifically, for example, when the received e-mail subject or a character string such as “password notification” is included in the body of the e-mail, it is determined that the e-mail is a password description mail. The determination method is not limited to this, and any method may be used.

  It should be noted that the processing of step S404 is executed even for an e-mail for which YES is determined in step S402, assuming that the password is described in the body of the e-mail attached with the file protected by the password. This is because. As a result, it is possible to cope with a case where a password for releasing the protection of the attached file is described in the e-mail attached with the file protected by the password.

  If it is determined that the password is an e-mail in which the password is described (step S404: YES), the process proceeds to step S405.

  If it is determined that the password is not an email (step S404: NO), the process proceeds to step S406.

  In step S405, the CPU 201 of the proxy server 101 stores the electronic mail in the password description mail storage unit.

  If the password is described in the e-mail (e-mail attached with the file protected by the password) stored in the e-mail data storage unit with the password-attached attached file in step S403, the e-mail is a password. Data is stored in both the mail data storage unit with attached file attachment and the password description mail data storage unit.

  In step S406, the CPU 201 of the proxy server 101 determines whether or not the e-mail attached with the file protected by the password and the e-mail containing the password for decrypting the attached file are received (both received). Or not).

  Specifically, the password included in the email data stored in the password description email data storage unit is applied to the attachment file of the email data stored in the email data storage unit with the password attached attachment, Confirm whether the attached file can be decrypted (whether it can be protected by the password) or not, and if decrypted, e-mail with the password-protected file attached and for decrypting the attached file It is determined that the e-mail containing the password is ready.

  Here, instead of brute force, for example, e-mail data having the same destination information (source / destination) may be extracted and checked whether it can be decrypted. Further, it is possible to extract e-mail data having similar contents and subject lines of the e-mail body and confirm whether or not the e-mail data can be decrypted. By performing such processing, the determination in step S406 can be performed faster.

  If it is determined that the mail attached with the file protected by the password and the password description mail are prepared (step S406: YES), the process proceeds to step S407.

  If it is determined that the mail with the password protected file and the password description mail are not complete (step S406: NO), the process proceeds to step S409.

  In step S407, the CPU 201 of the proxy server 101 converts the file protected by the password attached to the e-mail into a passwordless file using the password described in the password description mail.

  Here, the password description mail is associated with the e-mail attached with a file that can be decrypted with the password described in the password description mail. For example, registration is performed in association with each other using a message ID or the like.

  In step S408, the CPU 201 of the proxy server 101 creates mail data in which the file attached to the e-mail is replaced with a file without a password converted in step S407 (file protected from password protection). Then, the process proceeds to step S410.

  In step S409, the CPU 201 of the proxy server 101 determines whether the received electronic mail is either a mail with a file protected by a password attached or a password description mail.

  If it is determined that the mail is one of the mails (step S409: YES), the processing shown in this flowchart is terminated.

  If it is determined that none of the mails are present (step S409: NO), the process proceeds to step S410.

  In step S410, the CPU 201 of the proxy server 101 stores the received e-mail data (step S406: e-mail data created in step S408 in the case of YES) in the e-mail DB. Then, the process shown in this flowchart is terminated.

  Here, the data configuration of the e-mail DB 700 stored in the external memory 211 of the proxy server 101 will be described with reference to FIG. As shown in FIG. 7, the e-mail DB 700 includes a message ID 701, a transmission date and time 702, a sender (FROM) 703, a transmission destination 704, a subject 705, a body 706, an attachment 707, a combination 708, a division size 709, a control result 710, and the like. The data item is configured.

  A message ID 701 is a data item in which identification information of an electronic mail is registered, and a value set in Message-id of the mail header is registered. In the transmission date / time 702, date / time information when the electronic mail is transmitted is registered. For example, a value set in Date of the mail header is registered.

  The sender 703 is a data item in which the sender information of the email is registered, and the email address set as the FROM information of the email is registered. For example, a sender mail address set in an email envelope is registered.

  The transmission destination 704 is a data item in which transmission destination information of an electronic mail is registered, and an electronic mail address set as an electronic mail transmission destination (TO, CC, BCC) is registered. The e-mail address set in TO is registered in TO704-1, the e-mail address set in CC is registered in CC704-2, and the e-mail address set in BCC is registered in BCC704-3. This information is registered according to the mail header and envelope of the electronic mail.

  The subject 705 is a data item in which subject information of an e-mail is registered, and information set in the subject (Subject) of the e-mail is registered. For example, the value set in the subject of the mail header is registered.

  A text 706 is a data item in which text information of an electronic mail is registered. An attachment 707 is a data item in which attached file information (decrypted attached file) attached to an electronic mail is registered.

  A combination 708 is a data item in which information indicating whether the mail data is a combination of size-divided mail is registered. For example, “◯” is registered in the case of a combined mail of size division mail, and “X” is registered in other cases. The registration method is not limited to this method. The division size 709 is a data item in which the maximum size information of the size division mail is registered when the electronic mail is a combined mail of the size division mail.

  A control result 710 is a data item in which a relay control result or the like by the proxy server 101 is registered. In the update date / time 711, date / time information on the update of the record of the e-mail data is registered. The above is the description of the e-mail DB stored in the external memory 211 of the proxy server 101.

  Note that the e-mail stored in the password-attached attached mail data storage unit and the e-mail stored in the password description mail data storage unit are also stored in the same data configuration.

  Next, details of the mail data relay control process in step S304 of FIG. 3 will be described with reference to FIG. The CPU 201 of the proxy server 101 checks the e-mail DB 700 at regular intervals, and the e-mail data in which the data of the control result 710 has not been registered (the relay control process has not yet been performed), and the last update time (update time) 3) is set to 711), the determination is YES in step S303 in FIG. 3, and this processing is performed.

  In the present embodiment, the processing shown in the flowchart of FIG. 5 is executed for the mail data stored in the email DB. However, the email data stored in the password description mail data storage unit is also executed. The processing shown in the flowchart of FIG. 5 is executed.

  First, the CPU 201 of the proxy server 101 determines whether there is a relay control rule that has not been applied to the relay control target mail (step S501), and if it is determined that there is an unapplied relay control rule ( The process proceeds to step S502, and an unapplied relay control rule is acquired according to the priority.

  In step S503, it is determined whether the relay control rule e-mail matches the relay control rule condition acquired according to the priority information set in each data of the relay control rule DB (step S503).

  If it is determined in the determination process in step S503 that the relay control rule is matched (YES), the process proceeds to step S504, and it is determined to execute the operation set in the operation 906 of the relay control rule. At this time, if conditions regarding destinations (TO, CC, BCC) are set in the relay control rule, the information regarding those destinations set in the envelope is checked against the destination conditions to determine whether the destination conditions are met. It will be judged.

  On the other hand, if it is determined in step S503 that the condition is not met (NO), the process proceeds to step S501, and it is determined whether there is an unapplied relay control rule. Performs the processing after step S502. If it is determined that there is no (NO), the process proceeds to step S505, and it is determined to execute the operation set as the default process.

  In step S506, it is determined whether the process determined to be executed for the e-mail in step S504 or step S505 is “transmission”, “hold”, or “transmission prohibited”.

  If it is determined in step S506 that it is “send”, the process proceeds to step S507, and an email with a password-protected file attached and a password description email are sent to the designated destination. Transmit (step S507).

  Here, the e-mail transmitted in step S507 is not an e-mail in which the attached file is converted into a passwordless file in step S407, but an e-mail in which a file protected by a password is attached.

  That is, the processing in steps S501 to S505 is performed on the mail data replaced with the passwordless file, and what is actually transmitted in step S507 is the password corresponding to the email converted to the passwordless file. This is an e-mail attached with the file protected by the e-mail (the e-mail stored in the e-mail data storage unit with the password-attached attached file in step S403).

  As a result, the relay control process (rule application process) is executed in a state where the protection by the password is released, so that the process considering the contents of the attached file can be performed. In addition, since the file that is actually transmitted is a file with a password-attached (protected) file attached, it is possible to reduce the risk of information leakage.

  If it is determined in the determination process in step S506 that it is “pending”, the process proceeds to step S508, and the information on the e-mail is registered in the hold e-mail list shown in FIG.

  After adding information related to the email determined to be suspended in step S508 to the suspended email list 800, the sender is notified that the email is suspended (step S509). In addition, the user set as an auditor of the suspended email is notified that the email is suspended (step S510).

  If it is determined in step S506 that the process to be executed is “transmission prohibited”, the process proceeds to step S511, and transmission of the e-mail is prohibited. Then, it notifies the sender of the email that transmission of the email is prohibited (step S512).

  After any one of steps S507, S510, and S512 is completed, the CPU 201 proceeds to step S513 and registers the relay control result in the control result 710 of the email in the email DB 700. The above is the details of the mail data relay control process in step S304 of FIG.

  Next, with reference to FIG. 6, the details of the pending mail audit process in step S306 of FIG. 3 will be described. This process is performed when an access request is received from the client device 103 used by the inspector for a web page for auditing a pending electronic mail provided by the proxy server 101.

  The CPU 201 of the proxy server 101 performs a process for identifying the user who operates the client apparatus 103 that has requested access (step S601). For example, when an input of a user ID and a password is accepted and the information is registered in a user management DB (not shown), the user specified by the user ID is specified as the user who audits the email. .

  Then, after the user is specified in step S601, the CPU 201 determines whether or not a pending email to be audited by the user is stored in the pending email list 800 (step S602).

  If it is determined in step S602 that there is no pending email to be audited by the user (NO), the process proceeds to step S603 to notify that there is no pending email to be audited.

  On the other hand, if it is determined in the determination process in step S602 that there is a pending email that the user should audit (YES), the process proceeds to step S604, and the pending email that the user should audit from the pending email list 800. Get mail. Then, screen information including a list of pending emails to be audited is generated (step S605), and the screen information is transmitted to the client device 103 (step S606).

  After transmitting screen information for displaying the pending email list screen (step S606), if a detailed email request for pending email is received from the client device 103 (YES in step S607), the process proceeds to step S608. The e-mail data for which the detailed data is requested is acquired from the e-mail DB 700, and screen information including the detailed data of the pending e-mail is generated using the e-mail data. Then, the screen information is transmitted to the client apparatus 103 that has made the request (step S609).

  When the CPU 201 of the proxy server 101 receives an audit result for the pending email from the client device 103 (YES in step S610), the process proceeds to step S611, and the received audit result is “transmission” or “transmission prohibited”. It is determined whether it is. If it is determined in this determination process that the message is “transmission” (“transmission” in step S611), a pending email transmission process is performed (step S612).

  At this time, if a file protected by a password is attached to the pending e-mail, transmission is performed in a state protected by the password. In other words, not the e-mail data stored in the e-mail DB 700 but the e-mail stored in the e-mail data storage unit with the password-attached attached file is transmitted.

  On the other hand, if it is determined that “transmission is prohibited” (“transmission prohibited” in step S611), transmission of the pending electronic mail is prohibited (step S613).

  After the process of step S612 or S613 is completed, a notification is sent to the sender of the pending email that processing has been performed on the pending email. At this time, the notification is made in such a way that it can be seen whether the pending electronic mail is transmitted or transmission is prohibited.

  Thereafter, the control result 710 of the data in the email DB 700 corresponding to the pending email is updated according to the audit result (step S615).

  When a transmission audit result is input, the information of the data item is changed to “hold → transmission”, and when a transmission prohibition audit result is input, the information of the data item is changed.

  The above processing is performed until it is determined in step S616 that the present processing is to be ended (YES). The above is the detailed description of the pending email audit process in step S306 in FIG.

  Next, an example of the data configuration of the relay control rule DB 900 stored in the external memory 211 of the proxy server 101 will be described with reference to FIG.

  As illustrated in FIG. 9, the relay control rule DB 900 includes a rule ID 901, a priority 902, a rule name 903, a comment 904, a condition 905, and an operation 906 as data items.

  The rule ID 901 is a data item in which identification information for uniquely identifying the relay control rule is registered. The priority 902 is a data item in which priority information indicating the priority order to which the relay control rule is applied is registered.

  The rule name 903 is a data item in which the name of the relay control rule is registered. A comment 904 is a data item in which a comment regarding the relay control rule is registered. For example, information indicating what purpose the relay control rule is provided for is registered.

  The condition 905 includes a sender condition 905-1, a destination condition 905-2, a subject / body condition 905-3, and an attached file condition 905-4 as data items in which the condition of the e-mail to which the relay control rule is applied is set. Is set.

  The sender condition 905-1 is a data item in which the sender condition of the e-mail is registered. For example, “*@example.co.jp”, “other than *@example.co.jp”, etc. The condition will be registered.

  The destination condition 905-2 is a data item in which an e-mail destination condition is registered. For example, “TO, CC, BCC has an address other than *@example.co.jp”, “TO, Conditions such as “the number of addresses set in the CC is n or more”, “includes n or more domains”, “the email address of the administrator of the sender is not set in the CC” are registered. Will be.

  The subject / body condition 905-3 is a data item in which a condition related to a character string set in the subject or body of an e-mail is registered. For example, “subject is not input”, “subject or body A condition such as “Contains any of confidential, confidential, confidential, or confidential” is registered.

  The attached file condition 905-4 is a data item in which a condition related to an attached file attached to an e-mail is registered. A MIME type condition 905-41, a keyword condition 905-42, and a size condition 905-43 are set. Yes.

  The MIME type condition 905-41 is a data item in which information about the file type is registered. For example, “image / jpeg” is registered for a JPEG file, and “text / plain” is registered for a text file. Will be.

  The keyword condition 905-42 is a data item in which a condition related to the character string included in the attached file is registered. For example, “Contains any one of“ confidential, confidential, confidential ”and“ confidential ”. The condition will be registered.

  The size condition 905-43 is a data item in which a condition related to the size of the attached file is registered. For example, conditions such as “30 MB or more” and “less than 20 MB” are registered.

  Of course, it is not necessary to set all of the sender condition 905-1, the destination condition 905-2, the subject / text condition 905-3, and the attached file condition 905-4 in one relay control rule. Further, when a plurality of conditions are registered among the sender condition 905-1, the destination condition 905-2, the subject / body condition 905-3, and the attached file condition 905-4, an e-mail including all these conditions Is an e-mail to which the relay control rule is applied.

  An operation 906 is a data item in which a process to be applied to e-mail data matching the condition 905 is registered, and any one of “transmission”, “transmission prohibited”, and “hold” is registered. If “send” is set, the e-mail is sent to the designated destination. When “transmission prohibition” is set, transmission of electronic mail is prohibited. When “hold” is set, transmission of the electronic mail is suspended, and transmission control is performed in accordance with an instruction of “transmission” or “transmission prohibited” received from the administrator.

  The above is the description of the data configuration of the relay control rule DB 900 stored in the external memory 211 of the proxy server 101.

  Next, an example of the data structure of the pending email list 800 will be described with reference to FIG. As shown in FIG. 8, the hold email list 800 includes data items such as a mail ID 801, a sender 802, an auditor 803, a hold date and time 804, and an audit result 805.

  The mail ID 801 is a data item in which identification information for uniquely identifying an electronic mail is registered. By using the information registered in the mail ID 801, the mail information registered in the e-mail DB 700 is acquired.

  The sender 802 is a data item in which the user who sent the e-mail is registered. The inspector 803 is a data item in which user information of a user who performs an audit for instructing “transmission” or “transmission prohibition” with respect to the electronic mail specified by the mail ID is registered. For example, the superior of the sender of the e-mail is registered as an auditor.

  The hold date and time 804 is a data item in which the date and time information on which the e-mail is put on hold is registered. Of course, the e-mail may be transmitted or the e-mail may be prohibited from being transmitted even if there is no instruction from the auditor when the e-mail has been held for a certain period of time.

  The audit result 805 is a data item in which an audit result (“transmission” or “transmission prohibited”) by the auditor is registered. The above is an example of the data configuration of the pending email list.

  Next, an example of the pending email list display screen 1000 displayed on the display device of the client device 103 that has received the screen information transmitted in step S606 of FIG. 6 will be described with reference to FIG.

  As shown in FIG. 10, a hold email list display unit 1001, a send button 1002, and a send prohibit button 1003 are set on the hold email list display screen 1000.

  The pending email list display unit 1001 is a display unit that displays a list of pending emails, and includes an audit target email selection check box 1001-1, a message ID 1001-2, a transmission date and time display unit 1001-3, a sender / subject. A display unit 1001-4, an attached file presence / absence display unit 1001-5, and a detail button 1001-6 are set.

  The audit target mail selection check box 1001-1 is a check box for selecting an electronic mail to be subjected to the summary audit. When an instruction to press the send button 1002 is received for the e-mail data in which the audit target mail selection check box 1001-1 is checked, a transmission process is performed, and when an instruction to press the send prohibit button 1003 is received In this case, transmission prohibition processing is executed.

  The message ID 1001-2 is a display unit that displays the message ID of the pending electronic mail. The transmission date and time display unit 1001-3 is a display unit that displays time information when the hold electronic mail is transmitted. A sender / subject display unit 1001-4 is a display unit that displays the sender information and subject information of the hold electronic mail.

  The attached file presence / absence display unit 1001-5 is a display unit that displays the presence / absence of an attached file of the pending electronic mail. A detail button 1001-6 is a button used to make a request for detailed data of an e-mail to the proxy server 101. The above is an example of the on-hold email list display screen 1000 in FIG.

  Next, an example of the hold email detail confirmation screen 1100 displayed on the display device of the client device 103 that has received the screen information transmitted in step S609 in FIG. 6 will be described with reference to FIG.

  As shown in FIG. 11, the pending email detail confirmation screen 1100 includes a sender (FROM) information display column 1101, a TO information display column 1102, a CC information display column 1103, a BCC information display column 1104, and a subject information display column 1105. , A text information display field 1106, an attached file display field 1107, an audit input field 1108, and a decision button 1109 are set.

  The sender (FROM) information display column 1101 is a display column for displaying information on the sender of the pending email, and is a display column for displaying information registered in the sender (FROM) 703 of the email DB 700. is there. The TO information display field 1102 is a display field for displaying the transmission destination (TO) information of the pending electronic mail, and is a display field for displaying information registered in TO 704-1 of the electronic mail DB 700. The CC information display column 1103 is a display column for displaying information on the transmission destination (CC) of the pending email, and is a display column for displaying information registered in the CC 704-2 of the email DB 700. The BCC information display column 1104 is a display column for displaying the transmission destination (BCC) information of the pending email, and is a display column for displaying information registered in the BCC 704-3 of the email DB 700.

  The subject information display column 1105 is a display column for displaying the subject of the suspended electronic mail, and is a display column for displaying information registered in the subject 705 of the electronic mail DB 700. The text information display column 1106 is a display column for displaying the text of the pending email, and is a display column for displaying information registered in the text 706 of the email DB 700. The attached file display field 1107 is a display field for displaying an icon according to the file format when an attached file is set for the pending email, and is registered in the attached 707 of the email DB 700. Is a display field for displaying. If the double-click process is performed on the icon displayed in the attached file display field 1107, the contents of the file can be confirmed.

The audit input field 1108 is an input field for receiving an input of audit information (“transmission” or “transmission prohibited”) for the pending electronic mail. The decision button 1109 is a button used to execute the process specified in the audit input field 1108 for the pending email. The above is an example of the hold email detail confirmation screen 1100 in FIG.
<Second Embodiment>

  Next, a second embodiment will be described with reference to FIGS.

  In the second embodiment, when a transmission control rule is applied to an electronic mail to which a file is attached, and the transmission of the electronic mail is prohibited, a password for decrypting the attached file is described. Transmission of mail (password description mail) can also be prohibited (step S1205 in FIG. 12). As a result, it is possible to prevent only the password description mail from being transmitted.

  Also, as a result of applying a transmission control rule to an email with an attached file, if the email is suspended, an email with a password for decrypting the attached file (password description email) ) Can also be suspended (step S1203 in FIG. 12). As a result, it is possible to prevent only the password description mail from being transmitted first.

  In this way, by matching the transmission control between the password description email and the email to which the file to which the password is applied is attached, it is possible to prevent the recipient from being confused by receiving only the password description email. It becomes.

  Further, a process for requesting transmission of a password description mail when a password description mail has not been received for a certain period of time is added (FIG. 13). As a result, it is possible to prevent a situation in which a sender who has sent a file protected by a password forgets to provide a password for decrypting the file, so that a mail is not sent indefinitely.

  Details of the mail data relay control process (step S304) in the second embodiment will be described with reference to FIG.

  Note that the process shown in the flowchart of FIG. 12 is a process in which steps S1201 to S1206 are added to the flowchart of FIG. 5 in the first embodiment. Therefore, only the added processing of S1201 to S1206 will be described here. Other processes are the same as those in the first embodiment.

  In step S1201, the CPU 201 of the proxy server 101 determines whether the electronic mail received in step S301 is a password description mail. Specifically, the determination is made based on whether or not the e-mail is stored in the password description mail data storage unit.

  If it is a password description mail (step S1201: YES), the process proceeds to step S1202.

  If it is not a password description mail (step S1202: NO), the process proceeds to step S501.

  In step S1202, the CPU 201 of the proxy server 101 determines the result of transmission control for the mail corresponding to the password description mail (mail attached with a file decrypted with the password described in the password description mail).

  Specifically, for example, when it is determined in step S406 that the corresponding mails are available, the corresponding mail is determined by associating the password description mail with the corresponding mail.

  If the result of the transmission control is “transmission”, the process proceeds to step S501.

  If the result of the transmission control is “hold”, the process proceeds to step S1203.

  If the result of the transmission control is “prohibited”, the process proceeds to step S1205.

  In step S1203, the CPU 201 of the proxy server 101 suspends transmission of the password description mail received in step S301.

  In step S1204, the CPU 201 of the proxy server 101 transmits the password description mail suspended in step S1203 in accordance with the transmission of the corresponding mail. In other words, when a mail suspended in step S612 is transmitted, a password description mail is also transmitted. If transmission is prohibited in step S613, transmission of the password description mail is also prohibited.

  Here, when the corresponding mail is transmitted, the password description mail may be transmitted simultaneously with the corresponding mail, or may be transmitted after the corresponding mail is transmitted. That is, the processes in steps S1203 and S1204 are processes for preventing the password description mail from being transmitted before the corresponding mail.

Although not shown in FIG. 12, when the password description mail is to be sent after being suspended, the password control mail is executed by executing the relay control processing in steps S501 to S504 for the password description mail. It is also possible to determine relay control of the description mail itself. As a result, for example, even when the password description mail itself contains contents prohibited from being transmitted, an appropriate transmission control process can be performed.
Then, the process shown in this flowchart is terminated.

  As a result of applying the transmission control rule to the e-mail with the file attached as a result of the above processing, when the transmission of the e-mail is suspended, the e-mail (in which the password for decrypting the attached file is described ( It is also possible to suspend transmission of the password description mail. As a result, it is possible to prevent only the password description mail from being transmitted first.

  In step S1205, the CPU 201 of the proxy server 101 prohibits transmission of the password description mail received in step S301.

  In step S1206, the CPU 201 of the proxy server 101 notifies the sender of the password description mail that transmission is prohibited. Then, the process shown in this flowchart is terminated.

  As a result of applying the transmission control rule to the email with the file attached as a result of the above processing, if the email is prohibited from being sent, the email that contains the password for decrypting the attached file Transmission of (password description mail) can also be prohibited. As a result, it is possible to prevent only the password description mail from being transmitted.

  In this way, by matching the transmission control between the password description email and the email to which the file to which the password is applied is attached, it is possible to prevent the recipient from being confused by receiving only the password description email. It becomes.

  Next, the password description mail request process in the second embodiment will be described with reference to FIG.

  The process shown in the flowchart of FIG. 13 is a process in which the CPU 201 of the proxy server 101 reads and executes a predetermined program. The CPU 201 of the proxy server 101 always performs the processing shown in the flowchart of FIG.

  In step S1301, the CPU 201 of the proxy server 101 acquires the mail data stored in the mail data storage unit with attached password attached file in step S403.

  In step S1302, the CPU 201 of the proxy server 101 determines whether a predetermined period has elapsed since the mail acquired in step S1301 was received in step S301.

  In other words, an email that contains a password that decrypts the file attached to the email has not been received for a certain period of time, so the attached file cannot be decrypted and relay control processing cannot be executed. Judge whether there is.

  If it is determined that the predetermined period has elapsed since the mail acquired in step S1301 was received in step S301, the process proceeds to step S1303.

  If not, the process shown in this flowchart is terminated.

  In step S1303, the CPU 201 of the proxy server 101 requests the sender of the email acquired in step S1301 to send a password description email. Then, the process shown in this flowchart is terminated.

  It should be noted that the configuration and contents of the various data described above are not limited to this, and it goes without saying that the various data and configurations are configured according to the application and purpose.

  Through the above processing, the relay control processing (rule application processing) can be executed in a state where the protection by the password is released, and processing in consideration of the contents of the attached file is also possible. In addition, since the file that is actually transmitted is a file with a password-attached (protected) file attached, it is possible to reduce the risk of information leakage.

  Therefore, according to the present invention, it is possible to realize appropriate transmission control in consideration of the contents of the encrypted attached file.

  Moreover, the program in this invention is a program which a computer can perform the processing method of FIGS. The program in the present invention may be a program for each processing method of each apparatus in FIGS.

  As described above, a recording medium that records a program that implements the functions of the above-described embodiments is supplied to a system or apparatus, and a computer (or CPU or MPU) of the system or apparatus stores the program stored in the recording medium. It goes without saying that the object of the present invention can also be achieved by reading and executing.

  In this case, the program itself read from the recording medium realizes the novel function of the present invention, and the recording medium recording the program constitutes the present invention.

  As a recording medium for supplying the program, for example, a flexible disk, hard disk, optical disk, magneto-optical disk, CD-ROM, CD-R, DVD-ROM, magnetic tape, nonvolatile memory card, ROM, EEPROM, silicon A disk or the like can be used.

  Further, by executing the program read by the computer, not only the functions of the above-described embodiments are realized, but also an OS (operating system) operating on the computer based on an instruction of the program is actually It goes without saying that a case where the function of the above-described embodiment is realized by performing part or all of the processing and the processing is included.

  Furthermore, after the program read from the recording medium is written to the memory provided in the function expansion board inserted into the computer or the function expansion unit connected to the computer, the function expansion board is based on the instructions of the program code. It goes without saying that the case where the CPU or the like provided in the function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

  The present invention may be applied to a system constituted by a plurality of devices or an apparatus constituted by a single device. Needless to say, the present invention can be applied to a case where the present invention is achieved by supplying a program to a system or apparatus. In this case, by reading a recording medium storing a program for achieving the present invention into the system or apparatus, the system or apparatus can enjoy the effects of the present invention.

  Furthermore, by downloading and reading a program for achieving the present invention from a server, database, etc. on a network using a communication program, the system or apparatus can enjoy the effects of the present invention. In addition, all the structures which combined each embodiment mentioned above and its modification are also included in this invention.

101 Proxy server 102 Mail server 103-1 to 103-3 Client device 104 LAN
105 Wide area network 106-1, 106-2 External mail server

Claims (8)

An information processing apparatus that controls transmission of electronic mail,
Storage means for storing a transmission control rule used for transmission control of the e-mail;
Obtaining means for obtaining the e-mail;
E-mail storage means for storing the e-mail acquired by the acquisition means;
Search means for searching for an e-mail in which a password for releasing protection of a file attached to the e-mail is described from the e-mail stored in the e-mail storage means;
Using a password described in the email searched by the search means, a release means for releasing the protection of the file;
Rule applying means for applying the transmission control rule stored in the storage means to the attached file released by the releasing means;
Based on the rules applied by the rule applying means, transmission control means for controlling the transmission of the email;
An information processing apparatus comprising:   When the transmission control unit prohibits transmission of an e-mail, the transmission control unit also transmits an e-mail in which a password for decrypting a file attached to the e-mail prohibited from being transmitted is described. The information processing apparatus according to claim 1, wherein the information processing apparatus is prohibited.   The information processing apparatus according to claim 1, wherein the transmission control unit transmits the attached file to which the rule is applied by the rule application unit while protecting the attached file with a password.   If the search means does not search for an e-mail with a password for canceling the protection of the file attached to the e-mail, the password is described for the sender of the e-mail with the file attached. The information processing apparatus according to any one of claims 1 to 3, further comprising a notification unit that notifies the user to transmit the received e-mail. Cancellation file storage means for storing the attached file whose protection has been canceled by the cancellation means;
Audit accepting means for accepting an audit for an email whose transmission is suspended by the transmission control means;
With
5. The information processing apparatus according to claim 1, wherein the audit receiving unit receives an audit of electronic mail data including a file stored in the release file storage unit. Further comprising transmission means for transmitting an e-mail under transmission control by the transmission control means,
6. The information processing apparatus according to claim 1, wherein the e-mail transmitted by the transmission unit is an e-mail that is not protected by the password. An information processing method in an information processing apparatus for storing a transmission control rule used for e-mail transmission control and an e-mail acquired by an acquisition unit and performing e-mail transmission control,
An acquisition step in which the acquisition unit of the information processing apparatus acquires the electronic mail;
A search step in which the search means of the information processing apparatus searches for an e-mail in which a password for releasing protection of a file attached to the e-mail is described from the e-mail
A canceling step of canceling the protection of the file by using the password described in the email searched by the searching step;
A rule applying step in which the rule applying means of the information processing device applies the stored transmission control rule to the attached file released by the releasing step;
A transmission control step in which the transmission control means of the information processing apparatus controls transmission of an e-mail based on the rule applied by the rule application step;
An information processing apparatus comprising: A program that can be executed in an information processing apparatus that stores a transmission control rule used for e-mail transmission control and an e-mail acquired by an acquisition unit and performs e-mail transmission control,
The information processing apparatus;
Obtaining means for obtaining the e-mail;
Search means for searching for an e-mail in which a password for releasing protection of a file attached to the e-mail is described from the e-mail stored in the e-mail storage means;
Using a password described in the email searched by the search means, a release means for releasing the protection of the file;
Rule applying means for applying the transmission control rule stored in the storage means to the attached file released by the releasing means;
A program that functions as transmission control means for controlling transmission of electronic mail based on the rules applied by the rule application means.

Images