JP2017021760A - Information processing device and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To make the filtering of emails performed more appropriately than filtering using a list of emails or a signature-type filter.SOLUTION: A gateway device 10 receives an object email destined to a terminal device 14 in a communication path N2 transmitted via a communication path N1. The gateway device 10 calculates the reliability of the object email on the basis of information on first reliable relation between a transmitter and a receiver of the object email, and information on second reliable relation between the transmitter and a third party other than the receiver. A process corresponding to the reliability is applied to the object email.SELECTED DRAWING: Figure 1

Description

  The present invention relates to an information processing apparatus and a program.

  In general, as a countermeasure against so-called spam mail and targeted attack mail, filtering is performed on electronic mail. For example, filtering using a white list of e-mail addresses, filtering using a signature type filter, or the like may be performed.

  Patent Document 1 discloses a system that makes an inquiry about components of an electronic mail and determines whether the electronic mail is an unnecessary electronic mail based on the result.

  Patent Document 2 discloses a method of training a probability filter based on a white list and a black list having network resource identifiers included in past e-mails, and generating a spam score using the probability filter. Yes.

Special table 2012-531666 gazette Special table 2008-547067 gazette

  By the way, in the filtering using the white list, even e-mails that are originally necessary may be filtered. Further, in the filtering using the signature type filter, there arises a problem that electronic mail not registered in the signature is not filtered. In particular, in the case of an advanced email attack in which a sender email address is not spoofed as represented by a targeted attack, the attached virus is often of a type that can pass through a signature.

  An object of the present invention is to perform filtering of e-mail more appropriately than when e-mail filtering is performed using an e-mail list or a signature type filter.

  The invention according to claim 1 is a receiving means for receiving a target electronic mail, information on a first trust relationship between a sender and a receiver of the target electronic mail, a third party other than the receiver, and the An information processing apparatus comprising: a processing unit that applies information related to a second trust relationship with a sender and processing corresponding to the information to the target electronic mail.

  The invention according to claim 2 further includes calculation means for calculating the reliability of the target e-mail based on information on the first trust relationship and information on the second trust relationship, The information processing apparatus according to claim 1, wherein processing according to reliability is applied to the target electronic mail.

  In the invention according to claim 3, the information related to the first trust relationship is information indicating at least one of a transmission history and a reception history of a past e-mail between the sender and the receiver, The information related to the second trust relationship is information indicating at least one of a transmission history and a reception history of past e-mails between the sender and the third party. The information processing apparatus described.

  The invention according to claim 4 is the information processing apparatus according to claim 2 or 3, wherein the calculation means calculates the reliability based further on a destination of the target electronic mail. .

  The invention according to claim 5 is characterized in that the calculation means calculates the reliability based further on the number of replies for the target e-mail. The information processing apparatus described.

  The invention according to claim 6 is characterized in that the computing means computes the reliability based further on data attached to the target e-mail. The information processing apparatus according to the item.

  The invention according to claim 7 is the invention according to any one of claims 1 to 6, wherein the third party is a person whose trust relationship with the receiver is equal to or greater than a threshold value. The information processing apparatus described.

  In the invention according to claim 8, the trust relationship is determined based on history information indicating at least one of a transmission history and a reception history of a past e-mail between the sender and the receiver. The information processing apparatus according to claim 7.

  The invention according to claim 9 is the information processing apparatus according to claim 8, wherein the number of the history information is the trust relationship between the sender and the receiver.

  The invention according to claim 10 is characterized in that the processing means permits or prohibits transmission of the target electronic mail to the recipient as the processing. The information processing apparatus according to the item.

  In the invention according to claim 11, when the transmission of the target electronic mail is permitted, the target electronic mail is transmitted to the recipient, and the target electronic mail is transmitted to the recipient and the administrator. Or sending the transmission of the target email to the recipient after deleting the file attached to the target email or the address information of the website described in the target email. The information processing apparatus according to claim 10, wherein the information processing apparatus is at least one of them.

  The information processing apparatus according to any one of claims 2 to 6, wherein the information used for the calculation of the reliability is shared by apparatuses other than the information processing apparatus. It is.

  According to a thirteenth aspect of the present invention, there is provided a computer, receiving means for receiving a target electronic mail, information on a first trust relationship between a sender and a receiver of the target electronic mail, and other than the sender and the receiver This is a program that functions as processing means that applies information corresponding to the second trust relationship with the third party to the target electronic mail.

  According to the first, second, and thirteenth aspects, e-mail filtering is performed more appropriately than e-mail filtering using an e-mail list or signature type filter.

  According to the invention of claim 3, by calculating the reliability using the third party transmission history and reception history, the target electronic can be compared with the case where the third party transmission history and reception history are not used. The reliability of the mail is more appropriately evaluated, and as a result, the target electronic mail is filtered more appropriately.

  According to the invention of claim 4, by calculating the reliability using the destination as well, the reliability of the target e-mail is more appropriately evaluated as compared with the case where the destination is not used. Mail filtering is performed more appropriately.

  According to the invention according to claim 5, by calculating the reliability using the number of replies, the reliability of the target e-mail is more appropriately evaluated as compared with the case where the number of replies is not used. Target email is filtered more appropriately.

  According to the invention according to claim 6, by calculating the reliability using the attached file, the reliability of the target e-mail is more appropriately evaluated as compared with the case where the attached file is not used. Target email is filtered more appropriately.

  According to the invention according to claim 7, the reliability of the target email is more appropriately evaluated as compared with the case where information on a third party whose trust relationship is not equal to or greater than the threshold is used, and as a result, filtering of the target email is performed. Is done more appropriately.

  According to the invention of claim 8, the trust relationship between the recipient and the third party can be automatically determined.

  According to the ninth aspect of the present invention, the trust relationship between the recipient and the third party is more appropriately evaluated as compared with the case where the number of history information is not used.

  According to the tenth aspect of the invention, transmission of a relatively reliable target e-mail to a recipient can be permitted, and transmission of a relatively unreliable target e-mail to a recipient can be prohibited.

  According to the eleventh aspect of the present invention, when transmission of a target electronic mail is permitted, processing according to the reliability of the target electronic mail can be applied.

  According to the twelfth aspect of the present invention, information used for the reliability calculation can be used in other devices.

It is a block diagram which shows the mail delivery system which concerns on embodiment of this invention. It is a block diagram which shows the gateway apparatus which concerns on this embodiment. It is a figure which shows an example of a user reliability table. It is a figure which shows an example of the transmission / reception log | history table. It is a figure which shows an example of the transmission / reception log | history table. It is a figure which shows an example of a destination table. It is a figure which shows an example of a reply frequency table. It is a figure which shows an example of an attachment file table. It is a figure which shows an example of a process content table. It is a flowchart which shows an example of the process at the time of reception of an email. It is a flowchart which shows an example of the process at the time of transmission of an email. It is a flowchart which shows an example of a reliability score calculation process. It is a flowchart which shows an example of a trust relationship update process. It is a figure for demonstrating the process which concerns on the specific example 1. FIG. It is a figure for demonstrating the process which concerns on the specific example 2. FIG. It is a figure for demonstrating the email which concerns on the specific example 3. FIG. It is a figure which shows an example of the transmission / reception log | history table which concerns on the specific example 3. FIG. It is a block diagram which shows the mail delivery system which concerns on the modification 1. FIG. It is a block diagram which shows the mail delivery system which concerns on the modification 2.

  FIG. 1 shows an example of a mail delivery system according to an embodiment of the present invention. The mail delivery system as an information processing system includes a gateway device 10 and terminal devices 12 and 14 as information processing devices. The gateway device 10 is connected to communication paths N1 and N2. The communication path N1 is, for example, the Internet, and the communication path N2 is a network such as a LAN (local area network). One or more terminal devices 12 (for example, three terminal devices 12) are connected to the communication path N1, and one or more terminal devices 14 (for example, three terminal devices 14) are connected to the communication path N2. Yes.

  The gateway device 10 is a device that connects a communication path N1 that is the Internet and a communication path N2 such as a LAN. The gateway device 10 has a function of receiving an electronic mail transmitted from the terminal device 12 to the terminal device 14, calculating a reliability of the electronic mail, and applying a process according to the reliability to the electronic mail. ing. For example, the gateway device 10 permits or prohibits transmission of the electronic mail to the terminal device 14 according to the reliability.

  The terminal devices 12 and 14 are devices such as a PC (personal computer), a tablet PC, a smartphone, or a mobile phone, and have a function of creating an e-mail and a function of transmitting and receiving data to and from other devices. .

  In the present embodiment, electronic mail is transmitted and received between the terminal device 12 connected to the communication path N1 and the terminal device 14 connected to the communication path N2 via the gateway device 10. In addition, transmission / reception of electronic mail is performed between the plurality of terminal devices 14 connected to the communication path N2 via the gateway device 10.

  Hereinafter, the configuration of the gateway device 10 will be described in detail. FIG. 2 shows the configuration of the gateway device 10.

  The communication unit 16 is a communication interface and has a function of transmitting data to other data and a function of receiving data from other devices. For example, the communication unit 16 receives an e-mail transmitted from the terminal device 12 via the communication path N1, and transmits the e-mail to the terminal apparatus 14 via the communication path N2. In addition, the communication unit 16 receives an electronic mail transmitted from the terminal device 14 via the communication path N2, and transmits the electronic mail to the terminal apparatus 12 via the communication path N1. In addition, the communication unit 16 receives an electronic mail transmitted from the terminal device 14 via the communication path N2, and transmits the electronic mail to another terminal apparatus 14 via the communication path N2.

  The mail management unit 18 has a function of managing information related to electronic mail transmitted / received between the terminal device 12 and the terminal device 14 and information related to electronic mail transmitted / received between the plurality of terminal devices 14. . For example, the mail management unit 18 manages the transmission / reception history of electronic mail between the terminal device 12 and the terminal device 14 and creates transmission / reception history information indicating the history. In addition, the mail management unit 18 manages the history of email transmission / reception among the plurality of terminal devices 14 and creates transmission / reception history information indicating the history. The transmission / reception history information created by the mail management unit 18 is stored in the mail information storage unit 20.

  The mail information storage unit 20 is a storage device such as a hard disk, and stores transmission / reception history information created by the mail management unit 18. Further, the e-mail data itself may be stored in the mail information storage unit 20. The mail information storage unit 20 stores information used for reliability calculation processing by a reliability calculation unit 22 described later. This information will be described in detail with reference to the drawings after FIG.

  When the target electronic mail is transmitted from the terminal device 12 to the terminal device 14 via the communication path N1, the reliability calculation unit 22 uses the information related to the trust relationship between the sender and the receiver of the target electronic mail. Based on this, a function for calculating the reliability of the target electronic mail is provided. In addition, the reliability calculation unit 22 determines the target electronic device based on the information on the trust relationship between the sender and the receiver and the information on the trust relationship between the sender and a third party other than the receiver. The reliability of mail may be calculated. The third party is a person who is reliable from the viewpoint of the receiver, for example, a person whose reliability with the receiver is equal to or greater than a threshold value. The information related to the trust relationship between the sender and the receiver is, for example, information indicating a past e-mail transmission / reception history between the sender and the receiver, and the trust between the sender and the third party. The information related to the relationship is, for example, information indicating a past e-mail transmission / reception history between the sender and the third party. Further, the reliability calculation unit 22 uses the information such as the destination of the target e-mail, the number of replies for the target e-mail, the data attached to the target e-mail, etc., to thereby increase the reliability of the target e-mail. You may calculate. The number of replies for the target electronic mail and the data attached to the target electronic mail are information that can be evaluated as a history of transmission / reception between the sender and the receiver. The processing by the reliability calculation unit 22 will be described in detail later.

  The mail processing unit 24 applies processing corresponding to the reliability of the target electronic mail to the target electronic mail. For example, the mail processing unit 24 permits or prohibits transmission of the target electronic mail to the receiver (the terminal device 14 of the receiver) according to the reliability. Of course, other processes may be executed.

  The control unit 26 controls the operation of each unit of the gateway device 10.

  Hereinafter, the gateway device 10 will be described in detail. Information for calculating the reliability of the target electronic mail will be described with reference to FIGS. This information is information stored in the mail information storage unit 20.

  FIG. 3 shows an example of the user reliability table. In the user reliability table, for each user who uses the communication path N2 (for example, LAN), the e-mail address of another user other than the user and the trust relationship between the user and the other user Are associated with each other. Other users are also users using the communication path N2. Of course, other users may be users who do not use the communication path N2. The information indicating the trust relationship is information indicating the degree of trust. FIG. 3 shows a user reliability table for “user A”. In the table, the e-mail addresses of “user B” and “user C” and information indicating the trust relationship between “user A” and “users B and C” are associated with each other. For example, “User B” is a user with high reliability for “User A”, and “User C” is a user with medium reliability for “User A”. User reliability tables for other users are also created and stored in the mail information storage unit 20. The user reliability table is created in advance, and the data is stored in the mail information storage unit 20. The user reliability table may be automatically created or may be created by a manual operation by the user.

  Here, processing for automatically creating a user reliability table will be described. In this case, the user reliability table is created by the mail management unit 18. The mail management unit 18 creates a user reliability table based on e-mail transmission / reception history, for example.

  The user reliability table creation process will be described below. FIG. 4 shows an example of an e-mail transmission / reception history. FIG. 4A shows an example of a transmission history table, FIG. 4B shows an example of a reception history table, and FIG. 4C shows an example of a score table. It is shown.

  The transmission history table is information indicating an electronic mail transmission history for each individual user using the communication path N2 (for example, LAN). In the transmission history table, information indicating a sender, information indicating a receiver, information indicating the number of transmissions, and a trust relationship score are associated with each other. The trust relationship score is a value indicating the degree of trust between the sender and the receiver, and is a value calculated based on the number of transmissions. For example, the greater the trust relationship score, the greater the degree of trust. In the example shown in FIG. 4A, the trust relationship score is the same value as the number of transmissions. The transmission history table shown in FIG. 4A is a transmission history table for “user A”. Therefore, the trust relationship score indicates the degree of trust between “user A” and “users B and D”. For example, the number of transmissions from “user A” to “user B” is 100, and the trust relationship score is “100”. Further, the number of transmissions from “user A” to “user D” is 20, and the trust relationship score is “20”. Each time an electronic mail is transmitted, the transmission history table is updated by the mail management unit 18 and the data is stored in the mail information storage unit 20. A transmission history table is also created for users other than “user A”, and the data is stored in the mail information storage unit 20.

  The reception history table is information indicating the reception history of e-mail for each individual user using the communication path N2 (for example, LAN). In the reception history table, information indicating a sender, information indicating a receiver, information indicating the number of transmissions, and a trust relationship score are associated with each other. The trust relationship score is a value indicating the degree of trust between users, and is a value calculated based on the number of transmissions. For example, the greater the trust relationship score, the greater the degree of trust. In the example shown in FIG. 4B, the trust relationship score is the same value as the number of transmissions. The reception history table shown in FIG. 4B is a reception history table for “user A”. For example, the number of transmissions from “user B” to “user A” is 100 times. That is, the number of times “user A” has received an e-mail from “user B” is 100 times. The trust relationship score is “100”. Further, the number of transmissions from “user D” to “user A” is 20, and the trust relationship score is “20”. Each time an e-mail is received, the reception history table is updated by the mail management unit 18, and the data is stored in the mail information storage unit 20. A reception history table is also created for users other than “user A”, and the data is stored in the mail information storage unit 20.

  The score table is a table for obtaining information indicating the trust relationship. The score table is created in advance, and the data is stored in the mail information storage unit 20. In the score table, the trust relationship score is associated with information indicating the trust relationship. By referring to this score table, information indicating the trust relationship is obtained based on the trust relationship score.

  Information indicating the trust relationship of “users B and D” for “user A” is obtained as follows. For example, the mail management unit 18 transmits the number of transmissions from “user A” to “users B and D” (trust relationship score) and the number of transmissions from “users B and D” to “user A” (trust relationship score). And are added together. Since the number of transmissions from “User A” to “User B” is “100” and the number of transmissions from “User B” to “User A” is “100”, the total trust relationship score is “100”. 200 ". Referring to the score table, the trust relationship corresponding to the trust relationship score is “high”. Therefore, the trust relationship of “user B” for “user A” is “high”. In addition, since the number of transmissions from “User A” to “User D” is “20” and the number of transmissions from “User D” to “User A” is “30”, the total trust relationship score is Becomes “50”. Referring to the score table, the trust relationship corresponding to the trust relationship score is “medium”. Therefore, the trust relationship of “user D” for “user A” is “medium”.

  As described above, information indicating the trust relationship of “user A” with respect to other users other than “user A” is obtained, and the user reliability table shown in FIG. 3 is created. Similarly, a user reliability table is created for users other than “user A”.

  FIG. 5 shows an example of an e-mail transmission / reception history. FIG. 5A shows an example of a transmission history table, and FIG. 5B shows an example of a reception history table.

  The transmission history table is information indicating an electronic mail transmission history for each individual user using the communication path N2 (for example, LAN). In the transmission history table, information indicating a sender, information indicating a receiver, information indicating the number of transmissions, information indicating a weight (weighting factor), and a reliability score are associated with each other. The sender is a user (for example, users A, B, C, and D) using the communication path N2. The recipient is a user who uses a communication path other than the communication path N2, for example, a user who uses the communication path N1 (for example, the Internet). The reliability score is a value indicating the degree of trust between the sender and the receiver, and is a value calculated based on the number of transmissions and the weight. For example, the greater the confidence score, the greater the degree of confidence. In the example shown in FIG. 4A, the reliability score is a product of the number of transmissions and a weight (= number of transmissions × weight). The weight is a value determined based on a trust relationship between a user who uses the communication path N2 and another user who uses the communication path N2. The transmission history table shown in FIG. 4A is a transmission history table for “user A”. Therefore, each weight included in the table is determined based on the trust relationship between the user A and the other users B, C, and D. For example, the weight for “user A” is determined based on the user reliability table shown in FIG.

An example of the weight is shown below.
Myself: 0.1
Trust relationship “High”: 0.1
Trust relationship “Medium”: 0.05
Trust relationship “low”: 0.02
Trust relationship “none”: 0

  That is, the weight is set so that the value increases as the degree of trust increases. The user himself is “user A” here. The number of transmissions is multiplied by the weight based on the trust relationship, thereby obtaining a reliability score. Thereby, the reliability between the sender “user A” in the LAN and the recipient outside the LAN is obtained, and other senders “user B” in the LAN with reference to the sender “user A”. , C, D "and a recipient outside the LAN.

  The transmission history table will be described with reference to a specific example shown in FIG. For example, the number of transmissions from the sender “user A” in the LAN to the recipient (sample@sample.com) outside the LAN is 100, the weight is 0.1, and the reliability score is 10 (= 100 × 0.1). This reliability score indicates the reliability of the recipient for himself. Further, the number of transmissions from “user B” to the recipient is 100, the weight is 0.1, and the reliability score is 10 (= 100 × 0.1). This reliability score indicates the reliability of the recipient when viewed from “user B” who is highly reliable for “user A”. Further, the number of transmissions from “user C” to the same recipient is 100, the weight is 0, and the reliability score is 0 (= 100 × 0). The reliability score indicates the reliability of the recipient when viewed from “user C” who has no reliability for “user A”. Thus, the reliability between each sender and receiver is obtained based on the trust relationship between “user A” and “users B, C, D”. Each time an electronic mail is transmitted, the transmission history table is updated by the mail management unit 18 and the data is stored in the mail information storage unit 20. A transmission history table is also created for users other than “user A”, and the data is stored in the mail information storage unit 20.

  The reception history table is information indicating the reception history of e-mail for each individual user using the communication path N2 (for example, LAN). In the reception history table, the response indicating the sender, the information indicating the receiver, the information indicating the number of transmissions, the information indicating the weight (weight coefficient), and the reliability score are associated with each other. The sender is a user who uses a communication path other than the communication path N2, for example, a user who uses the communication path N1 (for example, the Internet). The recipient is a user (for example, user A) using the communication path N2. The number of transmissions is the number of receptions for the user who uses the communication path N2. The reliability score is a value indicating the degree of reliability between the sender and the receiver, and is a value calculated based on the number of transmissions and the weight. For example, the greater the confidence score, the greater the degree of confidence. In the example shown in FIG. 4B, the reliability score is the product of the number of transmissions and the weight (= number of transmissions × weight). As the weight, the weight of the receiver itself (for example, 0.1) is used as in the weight in the transmission history table. As another example, the weight may be changed between a transmission history (transmission from the LAN to the outside) and a reception history (transmission from the outside to the LAN). In some cases, spam mails and the like are unilaterally transmitted from outside the LAN. Therefore, the number of transmissions (number of receptions) does not simply correspond to the reliability. For example, a value that is 1/10 of the weight of the transmission history may be used as the weight of the reception history. In the example shown in FIG. 5B, “0.01” (= 0.1 / 10) is used as the weight. The weight is multiplied by the number of transmissions, thereby obtaining a confidence score. Thereby, the reliability between the sender outside the LAN and the receiver inside the LAN is obtained.

  The reception history table will be described with a specific example. The reception history table shown in FIG. 5B is a reception history table for “user A”. For example, the number of transmissions from the sender outside the LAN (sample@sample.com) to the recipient “User A” in the LAN is 100, the weight is 0.01, and the reliability score is 1 (= 100 × 0.01). Each time an e-mail is received, the reception history table is updated by the mail management unit 18, and the data is stored in the mail information storage unit 20. A reception history table is also created for users other than “user A”, and the data is stored in the mail information storage unit 20.

  FIG. 6 shows an example of the destination table. The destination table is information indicating the destination of the target electronic mail and the reliability score, and is information created for each user using the communication path N2 (for example, LAN).

  In the destination table, information indicating an email destination, information indicating a trust relationship, and a reliability score are associated with each other. The information indicating the destination is, for example, an e-mail address. This destination is a destination of a user who is reliable for the recipient of the target electronic mail. For example, among the users using the communication path N2, destinations of users whose trust relationship is “medium” or higher for a certain recipient are registered in the destination table. The destination may include a carbon copy (CC) or the like in addition to a narrowly defined destination (TO). The information indicating the trust relationship is information indicating the degree of trust. The reliability score is a value for calculating the reliability of the target electronic mail, and is a value determined based on information indicating the trust relationship. For example, the reliability score is set such that the higher the trust relationship, the higher the value.

  The destination table shown in FIG. 6 is a destination table for “user A”. For “user A”, the trust relationship of “user B” is “high”, and the trust relationship of “user C” is “medium”. Therefore, e-mail addresses of “user B” and “user C” are registered in the table. The higher the trust relationship, the higher the reliability score is set. For example, since the trust relationship of “user B” is “high”, “10” is set as the reliability score, and since the trust relationship of “user D” is “medium”, the reliability score is “5”. Is set. The value of the reliability score is an example, and other values may be adopted. The destination table is created by the mail management unit 18 and the data is stored in the mail information storage unit 20. A destination table is also created for users other than “user A”, and the data is stored in the mail information storage unit 20.

  FIG. 7 shows an example of the reply count table. The reply count table is information indicating the number of replies included in the title of the target electronic mail and the reliability score. When an e-mail is replied, the title of the e-mail generally automatically includes information meaning a reply. For example, the character string “Re” is included in the title. In general, the character string “Re” is added to the title each time an e-mail is returned, and the number of character strings “Re” increases according to the number of replies. Therefore, the number of replies is specified by counting the number of the character string “Re”. In the reply count table, the number of character strings “Re” and the reliability score are associated with each other. Since the reliability of the target e-mail is assumed to be higher as the number of replies increases, the reliability score is set so that the value increases as the number of character strings “Re” increases. The reply count table is created in advance, and the data is stored in the mail information storage unit 20.

  FIG. 8 shows an example of the attached file table. The attached file table is information indicating the file attached to the e-mail and the reliability score, and is created for each individual user using the communication path N2 (for example, LAN).

  In the attached file table, information on the attached file and the reliability score are associated with each other. The attached file is a file transmitted or received by the user in the past. In the attached file table, for example, the hash value (for example, MD5) of the attached file is registered. The attached file table shown in FIG. 8 is an attached file table for “user A”, for example. In this table, hash values of files transmitted or received by “User A” in the past are registered. Each time an electronic mail with a file attached is transmitted or received, the attached file table is updated by the mail management unit 18 and the data is stored in the mail information storage unit 20. The hash value of the attached file is calculated by, for example, the reliability calculation unit 22. An attached file table is also created for users other than “user A”, and the data is stored in the mail information storage unit 20.

  Hereinafter, the contents of the processing executed by the mail processing unit 24 will be described. FIG. 9 shows an example of the processing content table. In the processing content table, the reliability score is associated with information indicating the processing content. The reliability score is, for example, a value calculated using at least one of the transmission history table, the reception history table, the destination table, the reply count table, and the attached file table. The processing content is the content of processing applied to the target electronic mail, and is the content of processing according to the reliability of the target electronic mail. It is assumed that the reliability of the target email is higher as the reliability score is larger. In this case, transmission of the target electronic mail to the recipient is permitted. On the other hand, when the reliability score is low, processing according to the score is applied to the target electronic mail. For example, when the reliability score is 50 or more, since the reliability of the target electronic mail is assumed to be high, transmission of the target electronic mail to the recipient is permitted. Further, when the reliability score is 5 or more and less than 50, the reliability of the target electronic mail is assumed to be medium. In this case, transmission of the target electronic mail to the recipient is permitted, and the target electronic mail is transferred to the administrator. When the reliability score is 1 or more and less than 5, the reliability of the target electronic mail is assumed to be low. In this case, while the transmission of the target e-mail to the recipient is permitted, the deletion of the file attached to the target e-mail and the deletion of the address information such as the URL of the website described in the target e-mail , Etc. are executed. In addition, when the reliability score is 0, it is assumed that there is no reliability of the target e-mail, so that transmission of the target e-mail to the recipient is prohibited (rejected) and that the process is applied. An e-mail is sent to the administrator. Note that the value of the reliability score and its classification are examples, and other values and other classifications may be employed. Processing is also an example, and other processing may be applied. For example, a log may be recorded.

  Hereinafter, an example of processing by the gateway device 10 will be described. First, with reference to the flowchart shown in FIG. 10, a process at the time of receiving the target electronic mail will be described.

  When an electronic mail (target electronic mail) is transmitted from the terminal device 12 connected to the communication path N1 (for example, the Internet) to the terminal device 14 connected to the communication path N2 (for example, the LAN), the gateway device 10 Receives the target electronic mail from the terminal device 12 (S01).

  In the gateway device 10, it is determined whether or not the target electronic mail corresponds to an obvious junk mail or a spoofed mail (S02). This determination process is executed by applying a known technique. For example, the determination may be performed by applying a signature type filter as a known technique to the target e-mail, or the determination is performed based on the information indicating the IP address or the server that has passed through. Also good. This determination process is performed by the control unit 26, for example. When the target electronic mail corresponds to an obvious junk mail or spoofed mail (S02, Yes), the process proceeds to step S07. In this case, transmission of the target electronic mail to the recipient's terminal device 14 is prohibited (S07). If the target electronic mail does not correspond to an obvious junk mail or spoofed mail (S02, No), the process proceeds to step S03.

  In step S03, it is determined whether the target electronic mail corresponds to a reliable mail (S03). This determination process is executed by applying the conventional technique. For example, the determination is made based on the white address of the e-mail address. This determination process is performed by the control unit 26, for example. When the target electronic mail corresponds to a reliable mail (S03, Yes), the process proceeds to step S06. In this case, the target electronic mail is transmitted to the destination terminal device 14 via the communication path N2 (S06). If the target electronic mail does not correspond to a reliable mail (S03, No), the process proceeds to step S04.

  Note that the processing of steps S02 and S03 may not be executed. When the processes of steps S02 and S03 are applied, the process of step S04 is applied when it is unclear whether the target electronic mail is a reliable mail.

  In step S04, the reliability calculation unit 22 calculates the reliability score of the target email (S04). For example, the reliability calculation unit 22 calculates the reliability score using at least one of the transmission history table, the reception history table, the destination table, the reply count table, and the attached file table.

  If it is determined that the target email is a suspicious email based on the reliability score (S05, Yes), the process proceeds to step S07, and the process according to the reliability score is applied to the target email. (S07).

  If it is determined based on the reliability score that the target electronic mail is not suspicious mail (S05, No), the process proceeds to step S06, and the target electronic mail is sent to the destination terminal device 14 via the communication path N2. It is transmitted (S06). Next, information indicating the trust relationship is updated by the mail management unit 18 (S08). Further, the data of the target electronic mail is stored in the mail information storage unit 20 (S09).

  Next, with reference to the flowchart shown in FIG. 11, a process at the time of transmitting the target electronic mail will be described.

  When an electronic mail (target electronic mail) is transmitted from the terminal device 14 connected to the communication path N2 (for example, LAN) to the terminal device 12 connected to the communication path N1 (for example, the Internet), the gateway device 10 Receives the target electronic mail from the terminal device 14 (S10). The gateway device 10 transmits the target electronic mail to the destination terminal device 14 via the communication path N1 (S11). Next, information indicating the trust relationship is updated by the mail management unit 18 (S12). Further, the data of the target electronic mail is stored in the mail information storage unit 20 (S13).

  Hereinafter, the reliability score calculation process (the process of step S04 in FIG. 10) will be described in detail with reference to the flowchart shown in FIG.

  First, the reliability calculation unit 22 reads past e-mail data from the mail information storage unit 20 (S20).

  Next, the reliability calculation unit 22 examines the transmission history for the recipient of the target electronic mail (for example, “user A”) (S21), and calculates the reliability score for the target electronic mail (S22). Specifically, the reliability calculation unit 22 refers to the transmission history table for the user A, and determines a reliability score (first value) indicating the reliability between the recipient “user A” and the sender of the target email. (Reliability score) is acquired from the transmission history table.

  Next, the reliability calculation unit 22 examines the reception history for the recipient of the target email (S23), calculates the reliability score for the target email, and adds the scores (S24). Specifically, the reliability calculation unit 22 refers to the reception history table for the user A, and determines a reliability score (second) indicating the reliability between the recipient “user A” and the sender of the target email. (Reliability score) is obtained from the reception history table. The reliability calculation unit 22 adds the first reliability score and the second reliability score.

  Next, the reliability calculation unit 22 checks the destination of the target electronic mail (S25), calculates a reliability score for the target electronic mail, and adds the scores (S26). Specifically, the reliability calculation unit 22 refers to a destination table for the user A, and acquires a reliability score (third reliability score) corresponding to the destination of the target email. The reliability calculation unit 22 adds the second reliability score to the total value of the first reliability score and the second reliability score.

  Next, the reliability calculation unit 22 checks the title of the target electronic mail (S27), calculates the reliability score for the target electronic mail, and adds the scores (S28). Specifically, the reliability calculation unit 22 refers to the reply count table, and acquires a reliability score (fourth reliability score) corresponding to the number of character strings “Re” included in the title of the target email. . The reliability calculation unit 22 adds the fourth reliability score to the total value of the first, second, and third reliability scores.

  Next, the reliability calculation unit 22 examines the attached file of the target electronic mail (S29), calculates the reliability score for the target electronic mail, and adds the scores (S30). Specifically, the reliability calculation unit 22 refers to the attached file table and acquires a reliability score (fifth reliability score) corresponding to the attached file of the target electronic mail. The reliability calculation unit 22 adds the fifth reliability score to the total value of the first, second, third, and fourth reliability scores. Thereby, a reliability score total value is obtained. This reliability score combined value is a combined value of the first to fifth reliability scores.

  As described above, the reliability score is calculated in step S04. In step S05, it is determined whether or not the target electronic mail is a suspicious mail based on the finally obtained reliability score total value. In the example shown in FIG. 12, the reliability score total value is calculated based on the transmission history, the reception history, the destination, the title (number of replies), and the attached file. However, the reliability score total value is not limited to this example. Absent. That is, the reliability score may be calculated using other parameters for the target electronic mail, and the reliability score may be added to the reliability score combined value. Further, the reliability score or the reliability score combined value may be calculated using at least one parameter among the transmission history, the reception history, the destination, the title, and the attached file. That is, the reliability score may be calculated based on one item from among them, or the reliability score combined value may be calculated based on two or more items. Whether or not the target electronic mail is a suspicious mail may be determined based on the reliability score or the reliability score combined value.

  Hereinafter, the trust relationship update process (the process of step S08 in FIG. 10) will be described in detail with reference to the flowchart shown in FIG.

  First, the mail management unit 18 reads past e-mail data from the mail information storage unit 20 (S40). Next, the mail management unit 18 checks the transmission history of the recipient of the target electronic mail (for example, “user A”) (S41), and updates the number of transmissions and the trust relationship (S42). Next, the mail management unit 18 checks the reception history for the recipient (S43), and updates the number of transmissions and the trust relationship (S44). In this way, the trust relationship for the recipient is updated. Note that other items may also be updated.

  Hereinafter, the processing by the gateway device 10 will be described with a specific example.

(Specific example 1)
Specific example 1 will be described with reference to FIG. In the first specific example, the reliability score is calculated using only the transmission history table of the recipient, and the process according to the reliability score is applied to the target email.

  FIG. 14A shows an example of the target electronic mail according to the first specific example. The sender's e-mail address is “spam@example.com”, and the destination (recipient) is “user A”. No file is attached to the target e-mail. This target electronic mail is an electronic mail transmitted to the terminal device 14 of “user A” connected to the communication path N2 (for example, LAN) via the communication path N1 (for example, the Internet). The target electronic mail transmitted via the communication path N1 is received by the gateway device 10.

  FIG. 14B shows an example of a transmission history table for “user A”. The number of times “user A” has sent an e-mail to the address “spam@example.com” in the past is zero (zero).

  The reliability calculation unit 22 calculates a reliability score based on the number of transmissions. In the above example, since the number of transmissions is 0, the reliability score is 0 (zero). For example, when the reliability score is less than 10, transmission of the target electronic mail is prohibited. In specific example 1, since the reliability score is 0 (zero), transmission of the target electronic mail to “user A” is prohibited by gateway device 10. Since the sender of the target e-mail is a user who has never sent an e-mail in the past, it is assumed that the reliability of the sender is low or absent for “user A”. Accordingly, transmission of the target electronic mail to “user A” is rejected. This prevents a suspicious e-mail that is assumed to be low or unreliable from being sent to “user A”.

(Specific example 2)
Specific example 2 will be described with reference to FIG. In the second specific example, the reliability score is calculated using the transmission history table of the recipient and the third party, and the process according to the reliability score combined value is applied to the target electronic mail.

  FIG. 15A shows an example of the target electronic mail according to the second specific example. The sender's e-mail address is “not_spam@example.com”, and the destination (recipient) is “user A”. No file is attached to the target e-mail. This target electronic mail is an electronic mail transmitted to the terminal device 14 of “user A” connected to the communication path N2 (for example, LAN) via the communication path N1 (for example, the Internet). The target electronic mail transmitted via the communication path N1 is received by the gateway device 10.

  FIG. 15B shows an example of a transmission history table. This transmission history table shows a transmission history for “user A” and a transmission history for “user B” who is reliable for “user A”. Whether or not “user A” is a trusted user is specified based on, for example, the user reliability table shown in FIG. Referring to this user reliability table, since the trust relationship of “user B” is “high”, “user B” corresponds to a trusted user for “user A”. In the second specific example, the reliability score is calculated using the transmission history of the “user B”.

  The reliability calculation unit 22 calculates a reliability score based on the number of transmissions. In the second specific example, the number of times “user A” has sent an e-mail to the address “not_spam@example.com” in the past is 10 times. In this case, the reliability score is 10. Further, the number of times that “user B” has sent an e-mail to the address “not_spam@example.com” in the past is 100 times. In this case, the reliability score is 100. The reliability calculation unit 22 adds the reliability score for “user A” and the reliability score for “user B”. Thereby, a reliability score total value is obtained. In the above example, the total reliability score value is 110 (= 10 + 100). For example, when the reliability score total value is 10 or more, transmission of the target electronic mail is permitted. Since the reliability score total value is 110, transmission of the target electronic mail to “user A” is permitted. As a result, an electronic mail that is assumed to have high reliability is transmitted to “user A”. As described above, according to the second specific example, not only the trust relationship between the receiver itself and the sender, but also the trust relationship between the third party and the sender that is trusted by the receiver is used. Mail reliability is calculated.

(Specific example 3)
Specific example 3 will be described below. In the third specific example, the transmission score table, the reception history table, the destination table, the reply count table, and the attached file table are used to calculate the reliability score total value, and processing according to the reliability score total value is targeted. Applies to email.

  FIG. 16 shows an example of the target electronic mail according to specific example 3. The sender's e-mail address is “attacaker@example.com”, and the destination (recipient) is “user A”. The title of the target electronic mail is “Re: Re: About the data of the other day”, and a file is attached. The hash value (MD5) of the attached file is “87394g9hbhl4ihl”. This target electronic mail is an electronic mail transmitted to the terminal device 14 of “user A” connected to the communication path N2 (for example, LAN) via the communication path N1 (for example, the Internet). The target electronic mail transmitted via the communication path N1 is received by the gateway device 10.

  When the target electronic mail is received by the gateway device 10, the gateway device 10 executes the process of step S02 in FIG. Thereby, it is determined whether or not the target electronic mail corresponds to an obvious junk mail or spoofed mail. When it is determined that the target electronic mail corresponds to an obvious junk mail or spoofed mail, transmission of the target electronic mail to “user A” is prohibited. When it is determined that the target electronic mail does not correspond to an obvious spam mail or spoofing mail, the process of step S03 in FIG. 10 is executed. Thereby, it is determined whether the address of the target electronic mail is included in, for example, a white list of electronic mail addresses. When the address of the target electronic mail is included in the white list, the target electronic mail is transmitted to the terminal device 14 of “user A”. If the address of the target email is not included in the whitelist, the reliability score of the target email is calculated as described below, and the process corresponding to the reliability score is applied to the target email. The Note that the processing of steps S02 and S03 in FIG. 10 may not be executed.

  First, the reliability calculation unit 22 refers to the user reliability table stored in the mail information storage unit 20 and identifies a user who is reliable for “user A”. The trusted user is, for example, a user whose reliability with the recipient “user A” is equal to or greater than a threshold value. FIG. 3 shows an example of the user reliability table. According to this user reliability table, the trust relationship of “user B” is “high” and the trust relationship of “user C” is “medium”. For example, a user whose trust relationship is set to a threshold value “medium” or higher is identified as a trusted user. In the example illustrated in FIG. 3, “user B” and “user D” are identified as reliable users for “user A”. In the calculation of the reliability score, the transmission / reception history of the users A, B, and D is used.

  Hereinafter, a specific example of the reliability score calculation process will be described.

  First, the reliability calculation unit 22 calculates a reliability score based on an email transmission / reception history. FIG. 17 shows an example of a transmission / reception history of “users A, B, D” for the address “attacaker@example.com”. FIG. 17A shows an example of a transmission history table, and FIG. 17B shows an example of a reception history table.

  The transmission history table is information indicating an electronic mail transmission history for each individual user using the communication path N2 (for example, LAN). In the transmission history table, information indicating a sender, information indicating a receiver, information indicating the number of transmissions, information indicating a weight (weighting factor), and a reliability score are associated with each other. The sender is “users A, B, D”. The recipient's address is “attacaker@example.com”. The weight and the reliability score are determined by the method described with reference to FIG.

  The reliability calculation unit 22 acquires the reliability score of “users A, B, D” for the recipient “attacaker@example.com” from the transmission history table, and adds the plurality of reliability scores. The reliability score of “user A” with respect to the recipient is “1”, and the reliability score of “users B and D” is “0 (zero)”. Therefore, the total value of the reliability score is “1” (= 1 + 0 + 0). This total value corresponds to the first reliability score.

  The reception history table is information indicating the reception history of e-mail for each individual user using the communication path N2 (for example, LAN). In the reception history table, the response indicating the sender, the information indicating the receiver, the information indicating the number of transmissions, the information indicating the weight (weight coefficient), and the reliability score are associated with each other. The sender's address is “attacaker@example.com”. The recipient is “users A, B, D”. The weight and the reliability score are determined by the method described with reference to FIG.

  The reliability calculation unit 22 acquires the reliability score of “users A, B, and D” for the sender “attacaker@example.com” from the reception history table, and adds the plurality of reliability scores. The reliability score of “user A” with respect to the sender is “0.1”, and the reliability score of “users B and D” is “0”. Therefore, the total value of the reliability score is “0.1” (= 0.1 + 0 + 0). This total value corresponds to the second reliability score. The reliability calculation unit 22 adds the first reliability score “1” and the second reliability score “0.1”. The total value is “1.1”.

  Next, the reliability calculation unit 22 calculates a reliability score based on the destination of the target electronic mail. For example, the reliability calculation unit 22 refers to the destination table shown in FIG. 6 and acquires the reliability score corresponding to the destination of the target electronic mail from the destination table. Since the destination of the target electronic mail according to specific example 3 is only “user A”, the reliability score for other users is not acquired. Therefore, the reliability score based on the destination is “0 (zero)”. This reliability score corresponds to the third reliability score. The reliability calculation unit 22 adds the third reliability score “0” to the total value “1.1”. The total value is “1.1”.

  Next, the reliability calculation unit 22 calculates a reliability score based on the title of the target email. For example, the reliability calculation unit 22 refers to the reply count table shown in FIG. 7, and from the reply count table, the reliability corresponding to the number of character strings “Re” included in the title of the target email. Get a degree score. Since the title of the target electronic mail according to the specific example 3 includes two character strings “Re”, the reliability score is “2”. This reliability score corresponds to the fourth reliability score. The reliability calculation unit 22 adds the third reliability score “2” to the total value “1.1”. The total value is “3.1”.

  Next, the reliability calculation unit 22 calculates a reliability score based on the file attached to the target electronic mail. For example, the reliability calculation unit 22 refers to the attached file table shown in FIG. 8 and acquires a reliability score corresponding to the file attached to the target electronic mail. The hash value (MD5) of the attached file according to the specific example 3 is “87394g9hbhl4ihl”. The same value is registered in the attached file table. That is, the same file as the file attached to the target electronic mail has been transmitted or received by “User A” in the past. In this case, the reliability score “5” is acquired. This reliability score corresponds to the fifth reliability score. The reliability calculation unit 22 adds the fifth reliability score “5” to the above total value “3.1”. The total value is “8.1”. This sum value corresponds to the confidence score sum value.

  Note that the two files may be compared without using a value such as a hash value. For example, the mail management unit 18 stores in the mail information storage unit 20 a file attached to an e-mail that has been sent and received in the past. The reliability calculation unit 22 compares the file attached to the target e-mail and the file stored in the mail information storage unit 20, calculates the degree of coincidence or similarity between both files, and the degree of coincidence or similarity Calculate the reliability score according to the degree. For example, the reliability score when the coincidence or similarity is equal to or greater than the threshold is “5”, and the reliability score when the coincidence or similarity is less than the threshold is “0”.

  As another example, when a file is attached to the target electronic mail, a negative value may be used as the reliability score.

  For example, the mail processing unit 24 refers to the processing content table shown in FIG. 9 and applies the processing corresponding to the reliability score total value “8.1” to the target electronic mail. The process corresponding to the total value is “permit mail, forward mail to administrator”. In this case, the target electronic mail is transmitted from the gateway device 10 to the terminal device 14 of “user A” via the communication path N2, and further transmitted to the administrator.

  Next, the mail management unit 18 updates the transmission history table and the reception history table. Specifically, in the tables shown in FIGS. 17A and 17B, the corresponding transmission count and reliability score are updated. When the target electronic mail is transmitted via the communication path N2, the corresponding number of transmissions and the trust relationship score are updated in the tables shown in (A) and (B) of FIG. Further, the mail management unit 18 stores the data of the target electronic mail and the attached file in the mail information storage unit 20.

  As described above, according to the present embodiment, the reliability score of the target e-mail is calculated based on the transmission / reception history between the sender and receiver of the target e-mail, and the process according to the reliability score is performed. Applies to targeted emails. The greater the number of transmissions or the number of receptions, the more reliable the sender is assumed. Therefore, by calculating the reliability score based on the transmission / reception history and applying the processing according to the reliability score to the target email, the target email with high reliability for the receiver is transmitted to the receiver, Transmission of target emails with low reliability is prohibited. In this way, by allowing or prohibiting the transmission of the target e-mail according to the reliability of each individual user, filtering of the target e-mail can be performed as compared with the case where the transmission of the target e-mail is uniformly permitted or prohibited. Done more appropriately.

  In the present embodiment, the reliability score is calculated based on the transmission / reception history between the sender and the receiver and the transmission / reception history between a third party other than the receiver and the sender. The third party is a trusted user for the recipient. By using the third party's transmission / reception history, the reliability of the target electronic mail is more appropriately evaluated. Even if no e-mail transmission / reception has been performed in the past between the sender and the receiver itself, the reliability of the target e-mail can be increased by using a reliable third-party transmission / reception history. Be evaluated. Thereby, the target electronic mail with high reliability is transmitted to the recipient, and the target electronic mail is more appropriately filtered.

  In the present embodiment, the reliability score is calculated based on the destination of the target electronic mail. When a third party that is reliable for the recipient is included in the destination, the reliability of the target electronic mail is assumed to be relatively high. Therefore, the reliability of the target electronic mail is appropriately evaluated by using the destination.

  In the present embodiment, the reliability score is calculated based on the number of replies. It is assumed that the greater the number of replies, the higher the reliability of the target e-mail sender. Therefore, the reliability of the target electronic mail is appropriately evaluated by using the number of replies.

  In the present embodiment, the reliability score is calculated based on the attached file. When a file that is the same as or similar to an attached file transmitted / received in the past is attached to the target electronic mail, it is assumed that the reliability of the target electronic mail is relatively high. Therefore, by calculating the reliability score based on the attached file, the reliability of the target electronic mail is appropriately evaluated.

  In Specific Example 3, a reliability score is calculated based on at least one piece of information in the transmission history table, the reception history table, the destination table, the reply count table, and the attached file table, and the reliability score is determined according to the reliability score. The process may be applied to the target electronic mail.

  In the specific example 3, in the gateway device 10, a signature type filter or a rule matching type filter may be applied. In this case, more powerful filtering is realized.

(Modification 1)
Hereinafter, the mail delivery system according to Modification 1 will be described. FIG. 18 shows a mail delivery system according to the first modification.

  The mail delivery system according to the first modification includes a plurality of gateway devices 10. The first gateway device 10 is connected to the communication paths N1 and N2, and the second gateway device 10 is connected to the communication paths N2 and N3. The communication path N1 is, for example, the Internet, and the communication paths N2 and N3 are networks such as a LAN. One or a plurality of terminal devices 14 are connected to the communication paths N2 and N3. Each gateway device 10 has the same function as the gateway device 10 according to the above embodiment.

  In the first modification, information used for reliability calculation processing is shared among a plurality of gateway devices 10. For example, information acquired by the first gateway device 10 is transmitted to the second gateway device 10 via the communication path N1, and information acquired by the second gateway device 10 is transmitted via the communication path N1. It is transmitted to the first gateway device 10. The shared information is, for example, information such as a transmission history table, a reception history table, a destination table, a reply count table, and an attached file table. The plurality of gateway devices 10 are connected by a communication technique such as VPN (Virtual Private Network). As a result, the information is shared while the security of the information is ensured.

  According to the first modification, information used for reliability calculation processing is integrated in the communication paths N2 and N3, and the integrated information is used. Thereby, more information is utilized, the reliability score of the target electronic mail is calculated, and the accuracy of the reliability score itself can be improved.

(Modification 2)
Hereinafter, the mail delivery system according to Modification 2 will be described. FIG. 19 shows a mail delivery system according to the second modification.

  Similar to the mail delivery system according to the first modification, the mail delivery system according to the second modification includes a plurality of gateway devices 10. The communication paths N2,... Nx are networks such as a LAN. One or a plurality of terminal devices 14 are connected to these communication paths. Each gateway device 10 has the same function as the gateway device 10 according to the above embodiment. A server device 28 is connected to the communication path N1 (for example, the Internet). The server device 28 and each gateway device 10 are connected by, for example, VPN.

  In the second modification, information used for the reliability calculation process is transmitted from each gateway device 10 to the server device 28. As a result, information used for the reliability calculation processing is collected in the server device 28. This information is the same information as that in the first modification. Each gateway device 10 acquires information used for reliability calculation processing in another communication path from the server device 28. Thereby, in each gateway apparatus 10, the information in another communication path | route is utilized, and the communication load between each gateway apparatus 10 is reduced.

  The gateway device 10 according to the embodiment and the modification is realized by cooperation of hardware resources and software, for example. Specifically, the gateway device 10 includes a processor such as a CPU (not shown). When the processor reads and executes a program stored in a storage device (not shown), the functions of the respective units of the gateway device 10 are realized. The program is stored in the storage device via a recording medium such as a CD or DVD, or via a communication path such as a network. Or each part of gateway device 10 may be realized by hardware resources, such as a processor and an electronic circuit, for example. In the realization, a device such as a memory may be used. As another example, each unit of the gateway device 10 may be realized by a DSP (Digital Signal Processor), an FPGA (Field Programmable Gate Array), or the like.

  In the embodiment, the program executed by the gateway device includes a magnetic recording medium (magnetic tape, magnetic disk (HDD, FD (Flexible Disk)), etc.), an optical recording medium (optical disk (CD (Compact Disk)), DVD (Digital Versatile). Disk))), a magneto-optical recording medium, a semiconductor memory (flash ROM, etc.), etc. These programs may be downloaded via a network such as the Internet.

  DESCRIPTION OF SYMBOLS 10 Gateway apparatus, 12, 14 Terminal device, 18 Mail management part, 20 Mail information storage part, 22 Reliability calculation part, 24 Mail processing part, 26 Control part, 28 Server apparatus.

Claims (13)

Receiving means for receiving the target e-mail;
Processing according to information on the first trust relationship between the sender and recipient of the target email and information on the second trust relationship between a third party other than the recipient and the sender Processing means for applying to the target e-mail;
An information processing apparatus. A calculation unit for calculating the reliability of the target e-mail based on the information on the first trust relationship and the information on the second trust relationship;
The processing means applies processing according to the reliability to the target email.
The information processing apparatus according to claim 1. The information related to the first trust relationship is information indicating at least one of a transmission history and a reception history of a past e-mail between the sender and the receiver,
The information related to the second trust relationship is information indicating at least one of a transmission history and a reception history of past e-mails between the sender and the third party.
The information processing apparatus according to claim 2. The calculation means calculates the reliability based further on a destination of the target email.
The information processing apparatus according to claim 2, wherein the information processing apparatus is an information processing apparatus. The calculation means calculates the reliability based further on the number of replies for the target email.
The information processing apparatus according to claim 2, wherein the information processing apparatus is an information processing apparatus. The calculation means calculates the reliability based further on data attached to the target email.
The information processing apparatus according to claim 2, wherein the information processing apparatus is an information processing apparatus. The third party is a person whose trust relationship with the recipient is equal to or greater than a threshold value.
The information processing apparatus according to claim 1, wherein the information processing apparatus is an information processing apparatus. The trust relationship is determined based on history information indicating at least one of a transmission history and a reception history of a past e-mail between the sender and the receiver.
The information processing apparatus according to claim 7. The number of the history information is the trust relationship between the sender and the receiver.
The information processing apparatus according to claim 8. The processing means permits or prohibits transmission of the target e-mail to the recipient as the processing.
The information processing apparatus according to claim 1, wherein the information processing apparatus is an information processing apparatus. When the transmission of the target e-mail is permitted, the processing includes transmitting the target e-mail to the recipient, transmitting the target e-mail to the recipient and the administrator, or the target e-mail. And deleting the address information of the website described in the file attached to the target email or the target email, and at least one of sending the transmission of the target email to the recipient.
The information processing apparatus according to claim 10. Information used for the calculation of the reliability is also shared by devices other than the information processing device.
The information processing apparatus according to claim 2, wherein the information processing apparatus is an information processing apparatus. Computer
Receiving means for receiving the target e-mail;
Processing according to information on the first trust relationship between the sender and recipient of the target e-mail and information on the second trust relationship between the sender and a third party other than the recipient Processing means for applying to the target email,
Program to function as.