JP5417914B2 - Relay device and program - Google Patents

Relay device and program Download PDF

Info

Publication number
JP5417914B2
JP5417914B2 JP2009062499A JP2009062499A JP5417914B2 JP 5417914 B2 JP5417914 B2 JP 5417914B2 JP 2009062499 A JP2009062499 A JP 2009062499A JP 2009062499 A JP2009062499 A JP 2009062499A JP 5417914 B2 JP5417914 B2 JP 5417914B2
Authority
JP
Japan
Prior art keywords
message
mail
data
relay device
setting
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2009062499A
Other languages
Japanese (ja)
Other versions
JP2010219731A (en
Inventor
慎吾 梅島
雅行 水嶋
良信 岩崎
Original Assignee
ヤマハ株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ヤマハ株式会社 filed Critical ヤマハ株式会社
Priority to JP2009062499A priority Critical patent/JP5417914B2/en
Publication of JP2010219731A publication Critical patent/JP2010219731A/en
Application granted granted Critical
Publication of JP5417914B2 publication Critical patent/JP5417914B2/en
Application status is Active legal-status Critical
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00Arrangements for user-to-user messaging in packet-switching networks, e.g. e-mail or instant messages
    • H04L51/14Arrangements for user-to-user messaging in packet-switching networks, e.g. e-mail or instant messages with selective forwarding

Description

  The present invention relates to a technique for updating setting of a relay device.

  The relay device is a network device that performs data transfer according to a protocol of a third layer (network layer) or a fourth layer (transport layer) in an OSI (Open Systems Interconnection) reference model. Many relay devices refuse to forward packets that have a certain IP address as the source IP address or destination IP address, or refuse to forward packets that have a certain port number as the source port number or destination port number. These settings can be customized from an external computer. A user who customizes the setting of this type of relay device accesses a URL (Uniform Resource Locator) of setting utility screen data in the relay device from a computer connected to the relay device, and causes the computer to display a setting utility screen. Then, the user inputs an ID and password, which are unique account information, on the setting utility screen. Then, the computer transmits the ID and password to the relay device. When the ID / password pair received from the computer matches the registered pair, the relay device regards the computer as a user having a legitimate authority and follows the command transmitted from the computer thereafter. (See, for example, Patent Document 1).

JP 2004-041064 A

Whenever an administrator of this type of relay device grants the user the authority to customize the settings of the relay device, the administrator sets the account information unique to that user in the relay device. Therefore, if there are circumstances such as giving the authority to customize the settings of the relay device to many users or changing the user who gives the authority later, the burden of setting account information by the administrator is heavy. It becomes. On the other hand, if no account information is set in the relay device, and all computers that access the URL of the setting utility screen data are operated as if they have a legitimate authority, fraud by the Service-to-Self It is not possible to exclude changes in settings.
The present invention has been devised under such a background, and an object of the present invention is to make it possible to determine access from a legitimate person who is authorized to customize the setting of a relay device by simpler processing. And

  According to the present invention, a generation unit that generates setting data instructing setting contents of the relay device, and a message including the setting data generated by the generation unit is set to a predetermined address in a communication network under the relay device as a destination address. Included in the message when the message is received from the distribution means for transmission and the communication network under the relay device, and the received message contains the same setting data as the setting data generated by the generating means There is provided a relay device comprising update means for updating the setting contents of the relay device according to the set data.

  In the present invention, when a situation that requires updating of the setting contents of the relay apparatus occurs, the relay apparatus generates setting data instructing the updating contents, and updates the setting data, for example, the setting of the relay apparatus Send to the address of one or more authorized terminals. Then, the relay device considers that the transmission source is a person who has been given the authority to update when receiving the setting data from the terminal that was the transmission destination of the setting data generated by itself, and according to the setting data Update the settings of the relay device. Therefore, by limiting the transmission destination of the setting data, it is possible to eliminate an unauthorized update request from a person who has not been given authority.

It is a figure which shows the whole structure of the electronic mail transfer system containing the relay apparatus concerning 1st and 2nd embodiment of this invention. It is a figure which shows the data structure of the email message transmitted / received in the email transfer system shown in FIG. It is a block diagram which shows the structure of the relay apparatus in the electronic mail transfer system shown in FIG. It is a flowchart which shows operation | movement of the relay apparatus concerning 1st Embodiment of this invention. It is a figure which shows an example of the mail screen displayed when the terminal in the email transfer system shown in FIG. 1 receives an update notification email message. It is a flowchart which shows operation | movement of the relay apparatus concerning 2nd Embodiment of this invention.

(First embodiment)
Hereinafter, a first embodiment of the present invention will be described with reference to the drawings.
FIG. 1 is a diagram showing an overall configuration of an electronic mail transfer system including a relay device 10 according to the first embodiment of the present invention.
The relay device 10 constitutes a LAN (Local Area Network) together with the terminals 20-i (i = 1 to 3) and the mail transfer server device 30. The relay device 10 serves to relay the exchange of data packets via the line 91 between the terminal 20-i (i = 1 to 3) and the mail transfer server device 30 and the Internet 90 under the relay device 10. It is a device that plays. Details of the relay device 10 will be described later.

  The terminal 20-i (i = 1 to 3) is, for example, a personal computer. The user who uses the terminal 20-i (i = 1 to 3) is given the authority to update the security setting of the relay device 10. The terminal 20-i (i = 1 to 3) is equipped with a mailer program. The mailer program is a program that causes the terminal 20-i (i = 1 to 3) to execute processing for generation, transmission / reception, and display of an e-mail message in MIME (Multipurpose Internet Mail Extension) format.

As shown in the example of FIG. 2, the MIME-format e-mail message has a mail header and a mail body. The mail header of the e-mail message has a plurality of header fields, and information such as a destination e-mail address, a transmission source e-mail address, a subject, and a transmission date / time is described in these header fields. In the mail body, the body of the e-mail message and various contents such as an image file and an audio file attached to the e-mail message are described for each group called a part.
The part has a content header and a content body. In the content body of each part, encoded data obtained by encoding a character string forming the body of the e-mail message and other various contents is described. In the content header of each part, a character string indicating the data type of the content described in the content body of the part is described.

  In FIG. 1, an electronic mail address (XXX@example1.net) assigned to the user is set in the terminal 20-1. An electronic mail address (YYY@example1.net) assigned to the user is set in the terminal 20-2. An electronic mail address (ZZZ@example1.net) assigned to the user is set in the terminal 20-3.

The mail transfer server device 30 is configured to use SMTP (Simple) in the domain (example1.net) to which the terminal 20-i (i = 1 to 3) belongs.
It is a server device that plays a role as a Mail Transfer Protocol (POS) server and a POP (Post Office Protocol) 3 server. The mail transfer server device 30 is implemented with SMTP and POP3. SMTP is a protocol related to transmission of an e-mail message by the terminal 20-i (i = 1 to 3). POP3 is a protocol related to reception of an e-mail message by the terminal 20-i (i = 1 to 3). The mail transfer server device 30 has a mailbox database 31 and a mailing list 32. The mailbox database 31 is a collection of mailboxes of the terminal 20-i (i = 1 to 3). Each mailbox in the mailbox database 31 stores an e-mail message having each e-mail address of the terminal 20-i (i = 1 to 3) as a destination e-mail address. Further, the mailing list 32 includes “XXX@example1.net” which is the electronic mail address of the terminal 20-1, “YYY@example1.net” which is the electronic mail address of the terminal 20-2, and the electronic mail of the terminal 20-3. A set of “ZZZ@example1.net” which is a mail address is registered in association with “LIST@example1.net” which is a representative e-mail address representing those three.

In accordance with SMTP, the mail transfer server device 30 receives an email message from the terminal 20-i (i = 1 to 3) or the relay device 10, and the destination email address of the received email message is the terminal 20-i ( It is determined whether the e-mail address is i = 1 to 3). When the mail transfer server device 30 receives an e-mail message having any one of the e-mail addresses of the terminals 20-i (i = 1 to 3) as the destination e-mail address, the mail transfer server device 30 The electronic mail message is stored in the mail box corresponding to the terminal 20-i. In addition, when an e-mail message is received that has an e-mail address other than that of the terminal 20-i (i = 1 to 3) as the destination e-mail address, the e-mail message has a payload portion, and the e-mail address has the e-mail address. A data packet having the IP address of a POP3 server (not shown) in the same domain as the destination IP address is assembled, and the assembled data packet is delivered to the relay device 10. The data packet is transferred from the relay device 10 to the Internet 90 via the line 91, and then received by a POP3 server (not shown) having the destination IP address and stored in the mailbox.
Further, when the mail transfer server device 30 receives an e-mail message having “LIST@example1.net”, which is the representative e-mail address of the mailing list 32, as the destination e-mail address, the e-mail message is sent to the terminal 20-i ( i = 1 to 3), and the destination e-mail address of each copied e-mail message is stored in the mailbox corresponding to each terminal 20-i (i = 1 to 3) in the mailbox database 31. To do.

  In accordance with POP3, the mail transfer server device 30 receives the user ID and password, which are each account information, from the terminal 20-i (i = 1 to 3), and performs an authentication process using the received account information. Then, the mail transfer server device 30 reads an e-mail message having the e-mail address of the terminal 20-i that has been authenticated by the account information as the destination e-mail address from the corresponding mailbox in the mailbox database 31, and the terminal 20 Deliver to i.

FIG. 3 is a block diagram illustrating a configuration of the relay device 10. The relay device 10 includes a communication interface 11-k (k = 1 to 4), a storage unit 12, a control unit 13, and a real time clock 19. The communication interface 11-k (k = 1 to 4) is a NIC (Network Interface Card). At least one of the communication interfaces 11-k (k = 1 to 4) (for example, communication interface 11-1) of the relay device 10 is the terminal 20-i (i = 1 to 3) and the mail transfer server device 30. The remaining at least one (for example, communication interface 11-2) is connected to the line 91. The communication interfaces 11-1 and 11-2 receive Ethernet (registered trademark) frames (hereinafter simply referred to as “frames”) whose destination MAC addresses are the MAC addresses of the communication interfaces 11-1 and 11-2. The data packet included in the frame is delivered to the control unit 13.
The real time clock 19 outputs a signal indicating the current time.

The storage unit 12 includes a volatile storage unit 14 and a nonvolatile storage unit 15. The volatile storage unit 14 is a RAM (Random Access Memory) and provides a work area to the control unit 13. The nonvolatile storage unit 15 is, for example, a hard disk or a Flash ROM. In addition to ID data indicating an ID unique to the relay device 10, a spam mail source address list 16 and a control program 17 are stored in the nonvolatile storage unit 15.
The junk mail sender address list 16 is a list for registering e-mail addresses handled as junk mail senders in the relay device 10.

The control program 17 has the following four functions.
a. The junk mail discard function includes an e-mail message whose destination e-mail address is the e-mail address of the terminal 20-i in the payload portion of the data packet delivered from the communication interface 11-2. This is a function for discarding the e-mail message when the sender e-mail address is registered in the junk mail sender address list 16.
b. Setting data generation function This is when the e-mail address of the e-mail message is not registered in the junk e-mail sender address list 16 and the mail body contains a predetermined character string that violates public order and morals. This is a function for generating setting data that is a pair of commands related to the registration of the e-mail address of the e-mail message and the e-mail address in the junk e-mail transmission source address list 16.
c. Configuration data distribution function This generates an update notification email message, which is an email message containing the configuration data generated by the function of the configuration data generation function, and this update notification email message is represented by a representative email address in the mailing list 32. This is a function that transmits a certain “LIST@example1.net” as a destination electronic mail address.
d. Setting data update function This is a setting data generated by receiving a Hyper Text Transfer Protocol (HTTP) message from the terminal 20-i after transmitting an update notification e-mail message, and generating the received HTTP message by the function of the setting data generation function. When the same setting data is included, the setting content of the relay device 10 is updated according to the setting data.

  Next, the operation of this embodiment will be described. FIG. 4 is a flowchart showing the operation of the relay device 10 in the present embodiment. The control unit 13 of the relay device 10 performs the operation shown in FIG. 4 every time a data packet is delivered from the communication interfaces 11-1 and 11-2. Of the series of processes shown in FIG. 4, steps S100 to S130 are processes executed by the control unit 13 by the function of the junk mail discard function, and steps S140 to S150 are performed by the control unit 13 by the function of the setting data generation function. Steps S160 to S170 are processes executed by the control unit 13 by the function of the setting data distribution function, and steps S180 to S230 are processes executed by the control unit 13 by the function of the setting data update function. is there.

In FIG. 4, when the data packet is delivered from the communication interfaces 11-1 and 11-2, the control unit 13 of the relay apparatus 10 receives the terminal 20-i (i = 1 to 3) in the payload portion of the data packet. It is determined whether an e-mail message having one of the e-mail addresses as a destination e-mail address is included (S100).
When the corresponding e-mail message is included in the payload portion of the data packet (S100: Yes), the control unit 13 takes out the e-mail message from the payload portion of the data packet and stores it in the volatile storage unit 14 It is stored in an area (referred to as “determined mail storage area”) (S110). Next, the control unit 13 determines whether or not the transmission source email address of the email message stored in the determination required email storage area is registered in the junk mail transmission source address list 16 (S120). And the control part 13 cancels | discards the email message, when the transmission origin email address is registered into the junk mail transmission source address (S120: Yes).

  In addition, when the transmission source email address of the email message stored in the determination required email storage area is not registered in the spam email transmission source address (S120: No), the control unit 13 determines the email body of the email message. It is determined whether or not a predetermined character string that violates public order and morals is included (S140). The determination in step S140 is performed, for example, by collating the character string described in the mail body with the contents recorded in the junk mail determination dictionary file.

  If it is determined in step S140 that the mail body of the e-mail message stored in the determination required mail storage area does not include a character string that violates public order and morals (S140: No), the control unit 13 performs a transfer process ( S300). In this transfer process, the control unit 13 assembles a data packet having the payload of the electronic mail message stored in the determination required mail storage area, and transmits a frame including the data packet from the communication interface 11-1.

  If the control unit 13 determines in step S140 that the mail body of the e-mail message stored in the determination required mail storage area includes a character string that violates public order and morals (S140: Yes), the control data generation process is performed. Perform (S150). In this setting data generation process, the control unit 13 sends a command (referred to as an “address registration command”) for instructing registration of an email address to the junk mail source address list 16 and an email message email in the determination required email storage area. A pair of sender e-mail addresses described in the header is set as setting data.

  Next, the control unit 13 performs an encryption process (S160). In this encryption process, the control unit 13 reads ID data stored in the nonvolatile storage unit 15. Then, the control unit 13 sets the ID data read from the nonvolatile storage unit 15, the setting data generated in step S150, the time data indicating the current time output from the real-time clock 19 at the time of generation, and the expiration date of the setting data. Encrypted data is generated by encrypting a set of four types of data consisting of time length data indicating the time length set in the relay device 10 with a secret key unique to the relay device 10.

  After performing the update notification mail transmission process (S170), the control unit 13 proceeds to the transfer process (S300) described above. In the update notification mail transmission process in step S170, the control unit 13 generates a new e-mail message in the storage area secured in the volatile storage unit 14 (referred to as “new mail storage area”), and the e-mail message The mail header of the electronic mail message stored in the determination mail storage area and the body part in the mail body are copied. Then, after the character string of the text in the body part, a character string for requesting confirmation of the update contents (referred to as “update confirmation request character string”) and the URL of the relay device 10 are described. The update confirmation request string is: "This email has been determined to be suspected of being spam. By registering the sender address of this email in the list, receiving emails with the same address as the sender is rejected. If you wish to register in the list, please upload to the following URL. "

  In the update notification mail transmission process, the control unit 13 adds a new part to the mail body of the e-mail message stored in the new mail storage area, and uses the encrypted data generated by the encryption process in step S160. Describe it as the content body of the added part. Further, the destination e-mail message described in the e-mail header of the e-mail message is replaced with “LIST@example1.net” which is the representative e-mail address of the mailing list 32, and this e-mail message is replaced with an update notification e-mail message. To do. When the generation of the update notification e-mail message is completed, the control unit 13 assembles a data packet having the update notification e-mail message as a payload portion and transmits a frame including the assembled data packet from the communication interface 11-1.

  When the mail transfer server device 30 acquires the update notification email message from the relay device 10 and confirms that the destination email address is “LIST@example1.net”, which is the representative email address, the update notification email The same number of messages as the terminal 20-i (i = 1 to 3) are copied, and the updated update notification e-mail message is stored in the mailbox of each terminal 20-i (i = 1 to 3) in the mailbox database 31. Remember each one. These update notification e-mail messages are delivered to each terminal 20-i (i = 1 to 3) according to POP3, and each terminal 20-i (i = 1 to 3) receives the e-mail message acquired by each terminal 20-i. Display as mail screen.

  FIG. 5 shows an example of a mail screen displayed when the terminal 20-1 (e-mail address: XXX@example1.net), which is one of the destinations of the update notification e-mail message, acquires the update notification e-mail message. FIG. In the example of FIG. 5, the header information display column 51 of the mail screen displays each character string indicating the destination, sender, subject, and transmission date / time, and is described in the mail header of the update notification email message on the right of each. The destination information e-mail address, transmission source e-mail address, subject, and transmission date and time are displayed.

  Further, in the text display field 52 of this mail screen, a character string “Would you like a photo of SSS?” That was the text of the email message stored in the judgment required mail storage area is displayed. The And below that, “It was determined that this email was suspected of being spam. By registering the sender address of this email in the list, it was refused to receive emails from the same address. If you wish to register in the list, please upload to the following URL "and the string" http://133.176.74.1/decode.mail "indicating the URL will be displayed. . These character strings are described by the control unit 13 of the relay apparatus 10.

  The user of the terminal 20-i (i = 1 to 3) refers to the sender e-mail address in the header information display column 51 and the content of the text in the text display column 52 of the mail screen displayed by each terminal 20-i. The sender e-mail address is registered in the junk e-mail sender address list 16 to determine whether there is no problem. If the user determines that the sender e-mail address can be registered in the junk mail sender address list 16, the user moves the mouse pointer mp to the URL in the text display field 52 and performs a left double-click operation. .

  When the terminal 20-i detects that an operation of moving the mouse pointer mp over the URL in the text display field 52 and double-clicking has been performed, the terminal 20-i receives the URL and the URL in a DNS (Domain Name System) server (not shown). The associated IP address, that is, the IP address of the relay device 10 is acquired from the server. Then, the terminal 20-i extracts the encrypted data from the update notification electronic mail message acquired by the terminal 20-i, and generates an HTTP message including the encrypted data. Further, the terminal 20-i assembles a data packet having the HTTP message as a payload part and the IP address of the relay device 10 as a destination IP address, and transmits a frame including the assembled data packet. The communication interface 11-1 of the relay device 10 receives the frame transmitted by the terminal 20-i and delivers the data packet included in the frame to the control unit 13. Since the payload portion of the data packet does not include an e-mail message having the e-mail address of the terminal 20-i as the destination e-mail address, the determination result in step S100 in FIG. 4 is “No”. In this case, the control unit 13 determines whether an HTTP message is included in the payload portion of the data packet (S180).

  If the control unit 13 determines in step S180 that the HTTP message is included in the payload portion of the data packet (S180: Yes), the control unit 13 determines whether encrypted data is included in the HTTP message (S190). .

  If the control unit 13 determines in step S190 that the HTTP message includes encrypted data (S190: Yes), the control unit 13 stores the encrypted data in the storage area (" (S200), the decryption process is performed (S210). In this decryption process, the control unit 13 decrypts the encrypted data stored in the decryption required data storage area with a secret key unique to the relay device 10 to obtain ID data, time data, and time length. The data and the four types of data set data are restored.

Next, the control unit 13 determines whether or not the set of four types of data restored by the decoding process in step S210 should be discarded (S220). More specifically, the control unit 13 should discard these data sets when the four types of data sets restored by the decoding process do not satisfy at least one of the following conditions a and b. If both conditions a and b are satisfied, it is regarded as a valid set of data that should not be discarded.
a. ID data constituting a set of four types of data restored by the decryption process matches the ID data stored in the nonvolatile storage unit 15.
b. The time at which the decoding process was executed from the time indicated by the time data forming the set (specifically, the decoding time) rather than the time length indicated by the time length data forming the set of four types of data restored by the decoding process The time length from the real-time clock 19 to the current time when the processing is started is shorter.

When it is determined in step S220 that the four types of data sets are to be discarded (S220: Yes), the control unit 13 ends the process without proceeding to the subsequent processes.
If it is determined in step S220 that the four types of data sets are not to be discarded (S220: No), the control unit 13 performs a setting update process (S230). In the setting update process in step S230, the control unit 13 extracts the address registration command included in the setting data from the four types of data restored by the decoding process, and executes the extracted address registration command. Then, the e-mail address included in the setting data is registered in the junk mail transmission source address list 16.

  If it is determined in step S180 that the HTTP message is not included in the payload portion of the data packet (S180: No), or the encrypted data is not included in the HTTP message in step S190. When it determines (S190: No), it progresses to step S300, without performing step S230 from step S200. For example, a request transmitted from a terminal 20-i to a DNS server (not shown) or a WWW server (not shown) in the Internet 90 is included in the payload portion of the data packet delivered from the communication interfaces 11-1 and 11-2. If the response transmitted from the server to the terminal 20-i is included, the control unit 13 immediately proceeds from step S180 or step S190 to step S300, and performs the following transfer process. First, the control unit 13 determines the transfer destination of the data packet by referring to the destination IP address of the data packet delivered from the communication interfaces 11-1 and 11-2. When a data packet whose destination IP address is the IP address of any of the terminals 20-i (i = 1 to 3) or the mail transfer server device 30 is delivered, the frame including the data packet is transmitted to the communication interface 11. -1 and a data packet having a destination IP address as an IP address other than that of the terminal 20-i (i = 1 to 3) and the mail transfer server device 30 is delivered, a frame including the data packet is transmitted. It is transmitted from the communication interface 11-2.

  As described above, in the present embodiment, the control unit 13 of the relay apparatus 10 determines the e-mail address when a situation that requires registration of a new e-mail address in the spam mail source address list 16 occurs. Setting data for instructing registration in the list 16 as setting contents is generated. Then, the control unit 13 uses the encrypted data obtained by encrypting the set of four types of data, that is, the setting data, the ID data, the time data, and the time length data, as the update notification e-mail message. Broadcast transmission to the terminal 20-i (i = 1 to 3). Thereafter, the ID data of the four types of data included as a set in the HTTP message received from the terminal 20-i (i = 1 to 3) is stored in the nonvolatile storage unit 15 and then the own ID is stored. When the time length indicated by the time length data constituting the set is shorter than the time length from the time indicated by the time data constituting the set to the current time (condition b) A new e-mail address is registered in the spam mail source address list 16 according to the setting data. Therefore, by restricting the transmission destinations to which the update notification e-mail message is broadcast from the relay device 10, fraud from a computer of a person who is not authorized to update the junk mail source address list 16 of the relay device 10. Can be easily eliminated.

  Further, in the present embodiment, by imposing the condition a as a condition for permitting registration of a new e-mail address in the junk mail transmission source address list 16 according to the setting data, the relay device 10 is a device other than the relay device 10. The inconvenience of updating the junk mail sender address list 16 according to the setting data generated by the apparatus can be prevented. Furthermore, by imposing the condition b, the relay device 10 prevents the occurrence of inconvenience that the junk mail source address list 16 is updated according to the setting data that has lost its value after a lapse of a considerable period from the time of generation. be able to.

  Furthermore, according to the present embodiment, when the relay apparatus 10 erroneously determines that an e-mail message that should not be determined as junk mail is junk mail, an e-mail message that is subsequently transmitted from that e-mail address Can be prevented from being discarded by the relay device 10.

(Second Embodiment)
Hereinafter, a second embodiment of the present invention will be described with reference to the drawings.
In the present embodiment, the relay device 10 registers the e-mail address in the junk e-mail sender address list 16 when a situation that requires registration of a new e-mail address in the junk e-mail sender address list 16 occurs. After the process is performed as the first setting update process, setting data for instructing cancellation of the first setting update process is transmitted as an update notification e-mail message. Then, the relay device 10 receives the HTTP message from the terminal 20-i subordinate to the relay device 10, and has the same setting as the setting data transmitted as the update notification e-mail message to the terminal 20-i (i = 1 to 3). When the data is included in the HTTP message, a process of deleting the electronic mail address registered in the spam mail sender address list 16 from the list 16 is performed as a second setting update process.

  FIG. 6 is a flowchart showing the operation of the relay device 10 in the present embodiment. In the operation illustrated in FIG. 6, when the determination result in step S140 is “Yes”, the control unit 13 of the relay apparatus 10 proceeds to the next step after executing step S141. In step S141, the control unit 13 performs a first setting update process. In the first setting update process, the control unit 13 registers the destination e-mail address of the e-mail message stored in the determination necessary mail storage area in the junk mail transmission source address list 16.

In the flowchart shown in FIG. 6, steps S150, S170, and S230 in the flowchart shown in FIG. 4 (first embodiment) are replaced with steps S151, S171, and S231.
More specifically, in the setting data generation process in step S151, the control unit 13 instructs the deletion of the e-mail address from the junk mail transmission source address list 16 (referred to as “address deletion command”) and the determination required mail. A pair of sender email addresses described in the email header of the email message in the storage area is set as setting data.
In addition, in the update notification mail transmission process in step S171, the control unit 13 adds the mail header of the email message stored in the determination required mail storage area and the mail body to the email message generated in the new mail storage area. After copying the body part, after the text string in the body part, “The email address of the sender was registered in the list because it was determined that this email was suspected of being spam. If you do not wish, please upload the update confirmation request character string “Please upload to the following URL” and the URL of the relay device 10, and let this email message be the update notification email message.
Furthermore, in the second setting update process in step S231, the control unit 13 extracts an address deletion command from the setting data, and executes the extracted address deletion command, thereby changing the e-mail address included in the setting data. It is deleted from the spam mail sender address list 16.

  Also in this embodiment, when the relay apparatus 10 erroneously determines that an e-mail message that should not be determined as junk mail is junk mail, an e-mail message that is subsequently transmitted from that e-mail address is relayed. It is possible to prevent an inconvenience that the device 10 continues to be discarded.

Although one embodiment of the present invention has been described above, the present invention may have other embodiments. For example, it is as follows.
(1) In the first and second embodiments, two conditions a and b are imposed as conditions for permitting registration or deletion of a new e-mail address in the spam mail source address list 16 in step S230 or step S231. It was done. However, only condition b may be imposed. In this embodiment, the control unit 13 of the relay apparatus 10 restores a set of ID data, time data, time length data, and setting data from the encrypted data included in the HTTP message, and then forms the set. When the time length from the time indicated by the time data to the current time is longer than the time length indicated by the time length data forming the set (when the condition b is not satisfied), setting update processing according to the setting data forming the set is performed. Do not do it.

(2) In the first and second embodiments, the control unit 13 of the relay apparatus 10 performs the encryption process and the decryption process using a secret key unique to the relay apparatus 10. However, the encryption process may be performed using a public key unique to the relay device 10, and the decryption process may be performed using a secret key that is paired with the public key.

(3) In the first and second embodiments, the control unit 13 of the relay apparatus 10 uses the set of setting data, ID data, time data, and time length data as an update notification e-mail message as a terminal 20-i (i = 1 to 3), the terminal 20-i transmits the setting data included in the update notification e-mail message to the relay apparatus 10 as an HTTP message. However, transmission / reception of setting data between the relay device 10 and the terminal 20-i (i = 1 to 3) is performed using a message (for example, an instant messenger, an IP phone, a push-type e-mail protocol) according to another protocol. Message).

(4) In the first and second embodiments, the control unit 13 of the relay device 10 receives an HTTP message from any one of the terminals 20-i (i = 1 to 3) (for example, the terminal 20-1). When the setting of the relay apparatus 10 is received and updated according to the setting data included in the HTTP message, the message 20 including the update completion data indicating that the update is completed is transmitted to the terminal 20 that broadcasts the update notification e-mail message. The addresses of the terminals 20-2 and 20-3 that are not the transmission source of the HTTP message among -i (i = 1 to 3) may be transmitted as the destination address. According to this embodiment, the user of the terminals 20-2 and 20-3 is notified that there is no need to perform an operation for instructing registration or deletion of an e-mail address in the junk mail transmission source address list 16. Can do. Further, the control unit 13 of the relay device 10 receives an HTTP message from any one of the terminals 20-i (i = 1 to 3) (for example, the terminal 20-1), and setting data included in the HTTP message. When the setting of the relay device 10 is updated according to the above, a message including update completion data indicating that the update is completed is transmitted to all terminals 20-i (i = 1 to 3) under the relay device 10. May be. According to this embodiment, it is possible to notify the user of the terminal 20-1 that the registration and deletion of the e-mail address in the junk mail transmission source address list 16 has been completed successfully.

(5) In step S230 of the first embodiment or step S231 of the second embodiment, the control unit 13 of the relay device 10 determines whether or not the set of four types of data restored by the decoding process satisfies the condition b. This determination may be made as follows. First, the control unit 13 compares the time length data forming the set of four types of data restored by the decoding process with the time length data set for itself, and selects the shorter one. Furthermore, the time length indicated by the selected time length data is compared with the time length from the time indicated by the time data in the set to the time when the decoding process is executed, and until the time when the decoding process is executed. When the time length is shorter, it is determined that the condition b is satisfied.

(6) The control program 17 in the first and second embodiments may be downloaded from a server device on the Internet 90 to a computer, and the computer may function as the relay device 10. Further, such a program may be distributed after being stored in a storage medium.

DESCRIPTION OF SYMBOLS 10 ... Relay device, 11 ... Communication interface, 12 ... Memory | storage part, 13 ... Control part, 14 ... Volatile memory | storage part, 15 ... Nonvolatile memory | storage part, 17 ... Control program, 19 ... Real time clock, 20 ... Terminal, 30 ... Mail transfer server device, 31 ... mailbox database, 32 ... mailing list, 90 ... internet, 91 ... line.

Claims (3)

  1. In a relay device that connects a subordinate communication network to another communication network,
    Generating means for generating setting data for updating the operation setting of the relay device;
    A distribution unit that transmits a message including the setting data generated by the generation unit and an identifier unique to the relay device, with a predetermined address in the subordinate communication network as a destination address;
    When a message including setting data for updating the operation setting of the relay device is received from the subordinate communication network and the identifier is included in the message, the setting data included in the message is used. Updating means for updating the operation setting of the relay device ,
    The predetermined address is an address representative of a plurality of terminals belonging to the subordinate communication network,
    The updating unit updates the operation setting of the relay device according to setting data included in a message transmitted from any of the plurality of terminals, and includes a source other than the transmission source of the message among the plurality of terminals. A relay apparatus that transmits a message notifying completion of update of operation settings to each terminal .
  2. A real-time clock that outputs the current time is further provided.
    The distribution means includes time data indicating a time when the setting data is generated, and time length data indicating a predetermined time length in addition to the setting data generated by the generating means and the identifier unique to the relay device. Sending a message with the predetermined address as the destination address;
    The update means, when the setting data, time data, and time length data are included in the message received from the subordinate communication network, the real time clock is calculated from the time indicated by the time data included in the message. Compare the output time length up to the current time with the time length indicated by the time length data included in the message, and update the operation settings according to the setting data included in the message if the former is shorter The relay device according to claim 1, wherein:
  3.   On the computer,
      Relay means for relaying data communication between a subordinate communication network and another communication network;
      Generating means for generating setting data for updating the operation setting of the relay means;
      A distribution unit that transmits a message including setting data generated by the generation unit and a unique identifier, with a destination address as an address representing a plurality of terminals belonging to the subordinate communication network;
      If a message including setting data for updating the operation setting of the relay means is received from any of the plurality of terminals, and the message includes the unique identifier, the message is included in the message. Updating the operation setting of the relay means according to the setting data, and updating means for transmitting a message for notifying completion of update of the operation setting to each terminal other than the transmission source of the message among the plurality of terminals,
      A program that realizes
JP2009062499A 2009-03-16 2009-03-16 Relay device and program Active JP5417914B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2009062499A JP5417914B2 (en) 2009-03-16 2009-03-16 Relay device and program

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2009062499A JP5417914B2 (en) 2009-03-16 2009-03-16 Relay device and program
CN201080012509.8A CN102356611B (en) 2009-03-16 2010-03-16 Relay device, setting update method, and program
PCT/JP2010/054455 WO2010107031A1 (en) 2009-03-16 2010-03-16 Relay device, setting update method, and program

Publications (2)

Publication Number Publication Date
JP2010219731A JP2010219731A (en) 2010-09-30
JP5417914B2 true JP5417914B2 (en) 2014-02-19

Family

ID=42739691

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2009062499A Active JP5417914B2 (en) 2009-03-16 2009-03-16 Relay device and program

Country Status (3)

Country Link
JP (1) JP5417914B2 (en)
CN (1) CN102356611B (en)
WO (1) WO2010107031A1 (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2003266549A1 (en) * 2003-02-10 2004-09-30 Guang Feng Receiver-side-led communication method, communication apparatus and communication program
JP2004254034A (en) * 2003-02-19 2004-09-09 Fujitsu Ltd System and method for controlling spam mail suppression policy
JP2005251230A (en) * 2005-05-10 2005-09-15 Nec Corp Mail server
JP2008139926A (en) * 2006-11-30 2008-06-19 Database Consultants Corp Email server apparatus and email server program

Also Published As

Publication number Publication date
JP2010219731A (en) 2010-09-30
WO2010107031A1 (en) 2010-09-23
CN102356611A (en) 2012-02-15
CN102356611B (en) 2015-05-06

Similar Documents

Publication Publication Date Title
JP5313311B2 (en) Secure message system with remote decryption service
US6574658B1 (en) System and method for secure classification of electronic mail
US8631227B2 (en) Processing encrypted electronic documents
US7406501B2 (en) System and method for instant messaging using an e-mail protocol
US6904521B1 (en) Non-repudiation of e-mail messages
US20030009698A1 (en) Spam avenger
US20040260837A2 (en) Data Translation Architecture
EP1675327B1 (en) Mail distribution system, mail distribution method, and mail distribution program
US7739508B2 (en) Secure instant messaging system
US20040148356A1 (en) System and method for private messaging
US6807277B1 (en) Secure messaging system with return receipts
ES2315379T3 (en) System and method for the treatment of coded messages.
US20050015455A1 (en) SPAM processing system and methods including shared information among plural SPAM filters
US7363490B2 (en) Method and system for selective email acceptance via encoded email identifiers
EP0899918B1 (en) System and method for providing anonymous remailing and filtering of electronic mail
US20030065941A1 (en) Message handling with format translation and key management
US8615661B2 (en) System and method for transmitting and utilizing attachments
CN100514320C (en) Message screening system and method
US8819410B2 (en) Private electronic information exchange
US9917828B2 (en) Secure message delivery using a trust broker
US20050198170A1 (en) Secure electronic message transport protocol
US20080098237A1 (en) Secure e-mail services system and methods implementing inversion of security control
EP1807985B1 (en) A method, computer program and system for regulating electronic mail
US20070130464A1 (en) Method for establishing a secure e-mail communication channel between a sender and a recipient
US20070006308A1 (en) Methods and systems for detecting and preventing the spread of malware on instant messaging (IM) networks by using fictitious buddies

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20120120

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20130409

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20130610

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20130730

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20130927

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20131022

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20131104