JP5610145B2 - E-mail audit apparatus, e-mail audit method, program, storage medium - Google Patents

Description

  The present invention relates to control of access rights when auditing electronic mail.

  In recent years, information leakage accidents from e-mails are increasing, and the introduction of e-mail audit systems is progressing as a countermeasure. In such a system, when an e-mail is sent, it is checked whether the e-mail satisfies a preset condition, and if the condition is satisfied, the e-mail is temporarily suspended, and the administrator holds the e-mail on hold. Is generally audited to determine whether or not transmission is possible.

  On the other hand, personnel changes occur regularly at companies, and the relationship between supervisors and subordinates changes, and the supervisor's access rights to subordinates are also changed each time. In such a case, it is common not to record past relationships, so there is a possibility that a new superior may have access to past e-mails of subordinates who did not have access rights at that time.

  The e-mail that has become accessible may contain information that should not be viewed by the senior manager, and there is a risk that the possibility of information leakage will increase.

  Patent Document 1 discloses a technique for setting access authority based on past organization information.

JP 2008-276389 A

  However, the system described in Patent Document 1 does not disclose the restriction on the censorship authority of the senior manager when belonging to a plurality of organizations (when serving concurrently).

  That is, if the sender of an email belongs to multiple organizations (for example, if it belongs to a temporary project and belongs to a department in normal business), the sender has multiple superiors. Will exist. In the case of a so-called concurrent job, if the supervisor's authority is not properly managed, the supervisors of other organizations may be able to access e-mails related to only one organization, leading to information leakage. is there.

  Accordingly, an object of the present invention is to perform appropriate authority management for a plurality of superiors existing in the case of a concurrent job in order to solve the above-described problem, and to reduce the possibility of information leakage.

  The present invention relates to a storage means for storing group information including the mail address of each member belonging to a group and a manager of the group, a first storage means for accumulating and storing e-mail, and an e-mail destination or transmission Whether there are a plurality of group specifying means for specifying a group to which a member set as an original belongs using group information stored in the storage means, and whether there are a plurality of groups to which the member specified by the group specifying means belongs When the group number determining unit determines that a plurality of groups have been specified by the group specifying unit, one of the administrators of the specified group transmits the e-mail. The administrator setting determining means for determining whether or not the destination is set and the administrator setting determining means If it is determined that one of the managers of the set group is set as the transmission destination of the email, an email management unit that causes the email to belong to the group managed by the set administrator; An extraction unit that extracts an email belonging to a group managed by the administrator from an email stored and stored in the first storage unit when there is an audit processing request for the email from the administrator; And an input receiving means for causing an administrator who has requested the audit processing of the e-mail to input audit information for the e-mail extracted by the extracting means.

  The present invention also relates to an electronic mail auditing method in an electronic mail auditing apparatus that stores group information including the mail address of each member belonging to a group and a manager of the group, and stores and saves the electronic mail. A group specifying unit for specifying a group to which a member set as an e-mail transmission destination or a transmission source belongs by using group information stored in the storage unit; A group number determination unit of the apparatus, a group number determination step of determining whether or not there are a plurality of groups to which the member specified by the group specification step belongs, and an administrator setting determination unit of the e-mail audit apparatus, In the group number determining step, it is determined that a plurality of groups have been specified by the group specifying means. The administrator setting determination step for determining whether one of the administrators of the identified group is set as the transmission destination of the email, and the email management means of the email auditing device, When it is determined by the administrator setting determination step that any one of the administrators of the specified group is set as the transmission destination of the e-mail, the electronic device is added to the group managed by the set administrator. The e-mail management process to which the e-mail belongs, and the e-mail auditing device extraction means, when the e-mail audit process is requested by the administrator, e-mail belonging to the group managed by the administrator An extraction process for extracting from the stored and stored e-mails and an input receiving unit of the e-mail auditing apparatus include the e-mail extracted in the extraction process. And having an an input receiving step for inputting the audit information against Le audit process requesting administrator who the e-mail.

  Further, the present invention is a program that can be executed by an electronic mail auditing apparatus, wherein the electronic mail auditing apparatus stores group information including an email address of each member belonging to a group and an administrator of the group First storing means for accumulating and storing e-mail, and group specifying means for specifying a group to which a member set as an e-mail transmission destination or transmission source belongs using group information stored in the storage means And a group number determining means for determining whether or not there are a plurality of groups to which the member specified by the group specifying means belongs, and determining that a plurality of groups have been specified by the group specifying means by the group number determining means The administrator of the specified group is set as the destination for the email. When it is determined by the administrator setting determination means that determines whether or not the administrator has been set, as one of the administrators of the specified group as the transmission destination of the email An e-mail management means for making the e-mail belong to a group managed by the set administrator, and a group managed by the administrator when the e-mail audit process is requested by the administrator Extracting the e-mail from the e-mail stored and stored in the first storage means, and making an audit process request for the e-mail with the audit information for the e-mail extracted by the extraction means It is made to function as an input reception means for making a manager input.

  According to the present invention, it is possible to provide an e-mail audit method and an audit system capable of executing change of access authority accompanying personnel changes and setting of access authority when a plurality of superiors exist. In particular, since an organization belonging to the e-mail itself can be assigned and an access authority can be set by referring to the related e-mails, an access authority with a more limited disclosure range can be set.

It is a figure which shows an example of a structure of the system in embodiment of this invention. It is a figure which shows the hardware constitutions of the email auditing server 103 shown in FIG. FIG. 2 is a block diagram illustrating functions of an electronic mail audit server 103 illustrated in FIG. 1. It is a flowchart which shows the transmission mail process sequence in this invention. It is a flowchart which shows the preliminary audit implementation procedure in this invention. It is a figure which shows an example of the screen used when the administrator of the group to which the mail belongs belongs to the mail whose transmission is suspended by the electronic mail audit server 103 in advance. It is a flowchart which shows the post-audit implementation procedure in this invention. 8 is a flowchart showing a procedure for extracting an e-mail that can be audited by an administrator who performs the audit in the post-audit execution procedure shown in FIG. 7. It is a figure which shows an example of the screen used for the search of an email, when an administrator performs a post audit. It is a figure which shows an example of the screen used for the display of the list of the email extracted according to the search conditions input in FIG. It is a figure which shows an example of the screen used for the display of the detailed information of an email displayed when an administrator performs a post audit. It is a figure which shows an example of the email audit status management information memorize | stored in the information management apparatus 307 of the email audit server 103. FIG. 5 is a flowchart showing a procedure for determining a group to which the electronic mail belongs in the outgoing mail processing procedure shown in FIG. 4. FIG. 5 is a flowchart showing a procedure for determining a group to which the electronic mail belongs in consideration of an electronic mail having a context in the outgoing mail processing procedure shown in FIG. 4. 7 is a flowchart showing a procedure for updating group information stored in an information management device 307 of the email audit server 103. It is a figure which shows an example of transition of a group. It is a figure which shows an example of the group information managed by the LDAP server. It is a figure which shows an example of the group definition information memorize | stored in the information management apparatus 307 of the electronic mail audit server 103, and group information. It is a figure which shows an example of the electronic mail memorized by the electronic mail information memorize | stored in the information management apparatus 307 of the electronic mail audit server 103. FIG.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 is a diagram showing a configuration of an electronic mail audit system according to an embodiment of the present invention.

  Note that the configurations of various terminals connected to the local area network 109 and the local area network 110 in FIG. 1 are merely examples, and it goes without saying that there are various configuration examples depending on applications and purposes.

  Reference numeral 101 denotes an electronic mail server. The e-mail server 101 manages transmission / reception of e-mail between the information processing apparatuses 104 and between the information processing apparatus 104 and devices outside the local area network 109.

  Reference numeral 102 denotes an LDAP (Lightweight Directory Access Protocol) server. The LDAP server 102 provides a directory service for managing directory information of organizations and individuals using a corporate network. The directory service applicable to the present invention is not limited to LDAP, and may be other services such as Active Directory.

  Reference numeral 103 denotes an electronic mail audit server. The e-mail audit server 103 stores and changes conditions used for storing e-mails transmitted from the local area network 109 to the wide area network 106, determining whether transmission is possible and holding, determining whether transmission is possible, and determining holding. have. The e-mail audit server 103 stores group configuration information in time series, and has a function of determining an administrator according to the data and a function of determining an e-mail affiliated group.

  Reference numeral 104 denotes an information processing apparatus. The information processing apparatus 104 is a normal computer and has a function of performing transmission / reception processing of electronic mail.

  An electronic mail server 107 having the same function as the electronic mail server 101 and an information processing apparatus 108 having the same function as the information processing apparatus 104 are connected to the local area network 110.

  FIG. 2 is a diagram showing a hardware configuration of the e-mail audit server 103 shown in FIG.

  Reference numeral 201 denotes a CPU that controls the entire electronic mail audit server 103 and executes each process of the electronic mail audit server, which will be described later, using programs and data stored in the RAM 202 and the ROM 203.

  Reference numeral 202 denotes a RAM which is an area for temporarily storing programs and data loaded from the HDD 204 and the storage medium drive 206 and data received via the network I / F, and when the CPU executes various processes. Provide a work area to be used.

  A ROM 203 stores setting data, a boot program, and the like of the e-mail audit server 103.

  Reference numeral 204 denotes an HDD that stores programs and data for causing the CPU 201 to execute processing described later performed by the operating system and the e-mail audit server 103. Some or all of these are loaded into the RAM 202 in accordance with instructions from the CPU 201. The electronic mail audit server 103 executes each process to be described later when the CPU 201 performs a process using this.

  Reference numeral 205 denotes a network I / F for connecting the e-mail audit server 103 to the local area network 109, and the e-mail audit server 103 communicates with an external device via the network I / F 205.

  Reference numeral 206 denotes an external storage drive that reads out programs and data recorded on a storage medium such as a CD-ROM, CD-R / RW, DVD-ROM, DVD-R / RW, and DVD-RAM and outputs them to the RAM 202. Yes, this read operation is controlled by the CPU 201.

  A keyboard 207 inputs various instructions to the CPU 201. A pointing device 208 such as a mouse inputs various instructions to the CPU 201.

  Reference numeral 209 denotes a video I / F, which functions as an I / F for supplying an image to be displayed on the display device 210 to the display device 210 as a signal.

  A display device 210 is composed of a CRT, a liquid crystal, or the like, and displays the processing result by the CPU 201 as an image or text.

  A peripheral device I / F 211 includes a USB port, an IEEE 1394 port, and the like, and can be connected to the peripheral device via the peripheral device I / F 211. The connection form with the peripheral device may be wired or wireless. A bus 212 connects the above-described units.

  FIG. 3 is a block diagram showing functions of the electronic mail audit server 103 shown in FIG.

  An e-mail audit manager 301 operates on the e-mail audit server 103. The e-mail transmission / reception control unit 302, the affiliation group determination unit 303, the pre-audit processing unit 304, the post-audit processing unit 305, and the group configuration update processing unit 306 Provides functionality.

  An e-mail transmission / reception control unit 302 provides a function of controlling transmission, hold, and deletion of e-mails according to conditions set in advance by an administrator.

  Reference numeral 303 denotes an affiliation group determination unit, which provides a function of determining a group to which the e-mail belongs, based on the e-mail sender / receiver and the related e-mail.

  304 is a pre-audit processing unit, and the administrator audits the content of the e-mail with respect to the e-mail put on hold by the e-mail transmission / reception control unit 302, determines whether or not the e-mail can be transmitted, Provides a function to send or delete an e-mail.

  A post-audit processing unit 305 provides a function of auditing the contents of a mail to be managed by an administrator and recording the evaluation of the mail that has already been transmitted.

  A group information update processing unit 306 provides a function of periodically acquiring group configuration information from the LDAP server 102 and updating the group information 310.

  An information management apparatus 307 stored in the HDD 204 manages audit status management information 308, group definition information 309, group information 310, and e-mail information 311.

  Reference numeral 308 denotes audit status management information (shown in FIG. 12 to be described later), which manages the results of the post audit performed by the post audit processing unit 305.

  Reference numeral 309 denotes group definition information (group definition information 1801 shown in FIG. 18 to be described later), which manages a directory search formula for searching the LDAP server 102 for a group.

  Reference numeral 310 denotes group information (group information 1802 shown in FIG. 18 to be described later), which manages detailed information of the group such as group information, an administrator, and an affiliated user. (Memory means)

  Reference numeral 311 denotes e-mail information (e-mail information 1901 shown in FIG. 19 to be described later), which manages detailed information of the e-mail such as a sender / receiver and an affiliated group. (First management means)

  Next, the e-mail transmission permission determination process performed by the e-mail audit server 103 will be described with reference to FIG.

  This process is performed by the CPU 201 according to control by the e-mail transmission / reception control unit 302 and the belonging group determination unit 303 of the e-mail management manager 301. Also, in the HDD 204 of the email audit server 103, a transmission prohibition filtering rule setting for searching for a plurality of emails that cannot be sent (transmission impossible condition), and email transmission are temporarily suspended and the group administrator permits the transmission. The filtering rule setting (transmission hold condition) and the like to be transmitted are stored.

  First, the e-mail transmission / reception control unit 302 of the e-mail audit manager 301 acquires an e-mail (SMTP packet) sent from the local area network 109 to the wide area network 106 (step S401).

  Next, for the electronic mail acquired in step S401, the group to which the electronic mail belongs is determined (S402). Details of the processing in step S402 will be described below with reference to FIGS.

  13 and 14 are flowcharts showing the e-mail affiliation group determination process in the present invention. This process is performed by the CPU 201 according to the control by the group determination unit 303 of the email audit manager 301.

  The affiliation group determination unit 303 acquires the e-mail sender's e-mail address and the e-mail address of the e-mail acquired in step S401, and performs the processing described below on all of them (step S1301).

  The affiliation group determination unit 303 refers to the group information (FIG. 18) and determines whether or not the mail address acquired in step S1301 is included in the group defined in the group definition information (FIG. 18) (step S1302). ) (Group identification means). If it is not included (No in step S1302), it is determined whether or not the next mail address is included in the group.

  On the other hand, when the mail address acquired in step S1301 is included in the group defined in the group definition information (FIG. 18) (Yes in step S1302), all of the groups including the mail address are acquired (step S1303). .

  In step S1304, it is determined whether there are a plurality of groups acquired in step S1303 (group number determination means). If the number of groups acquired in step S1303 is one (No in step S1304), the group is added to the belonging group list (step S1307), and processing for the next mail address is started.

  On the other hand, when there are a plurality of the acquired groups (Yes in step S1304), it is determined whether the email address of the administrator of the group is included in the destination email address (To, CC, or BCC) (step S1305). (Administrator setting determination means).

  If it is determined that the mail address of the manager of any group is not included (No in step S1305), all of the groups are added to the belonging group list (step S1307).

  If the email address of the administrator of any group is included (Yes in step S1305), the group managed by the included administrator is added to the belonging group list (step S1306) (email management) means).

  In the transmission / reception of an electronic mail, when the broadcaster includes an administrator's mail address, it is considered that the electronic mail is strongly related to a group managed by the administrator. Therefore, in step S1306, by assigning the electronic mail to a group managed by the administrator included as a broadcaster and granting the audit authority to the administrator, an appropriate authority can be set. In other words, it is possible to prevent information leakage that occurs when an administrator who is not related to the e-mail audits even if a person who is concurrently serving and has multiple superiors sends and receives e-mail. It becomes.

  The above processing is performed for all the mail addresses acquired in step S1301, and when the processing is completed for all, the processing proceeds to the processing shown in the flowchart of FIG.

  In step S1401, an e-mail related to the e-mail acquired in step S401 (for example, an e-mail that is a reply source when the acquired e-mail is a reply mail, an e-mail in the same thread, or the like) Is determined (context relation determining means). If it does not exist (No in step S1401), the process proceeds to step S1407.

  On the other hand, if there is an e-mail having a context (Yes in step S1401), the e-mail immediately before the e-mail is acquired (step S1402).

  Note that whether or not there is an e-mail having a context can be determined from the header information of the e-mail, as indicated by 1902 in FIG. Also,

  The group belonging to the email acquired in step S1402 is acquired from the email information 311 (FIG. 19), and the number of groups belonging to the email acquired in step S1402 is compared with the number of groups belonging to the email acquired in step S401. (Step S1403).

  If the number of groups belonging to the e-mail acquired in step S1402 is greater than or equal to the number of groups belonging to the e-mail acquired in step S401 (No in step S1403), the process proceeds to step S1407.

  On the other hand, if the number of groups belonging to the email acquired in step S1402 is smaller than the number of groups belonging to the email acquired in step S401 (Yes in step S1403), the process proceeds to step S1404, and the flowchart of FIG. The affiliation group list created in the process is replaced with the affiliation group of the e-mail acquired in step S1402.

  In step S1405, it is determined whether a mail address that does not exist in the e-mail sender / receiver address acquired in step S1402 is added to the e-mail sender / receiver mail address acquired in step S401. If it has been added (Yes in step S1405), the group to which the added mail address belongs is added to the group list created in step S1404 (step S1406).

  If the number of groups belonging to the e-mail is greater than the number of groups belonging to the previous e-mail, there is a possibility that a group unrelated to the contents of the e-mail is assigned as the group belonging to the e-mail. In that case, an administrator who is unrelated to the contents of the e-mail has audit authority, and there is a risk of information leakage. Therefore, it is necessary to avoid giving audit authority to the unrelated administrator. . Therefore, in step S1404, a process of replacing the group to which the electronic mail belongs with the group to which the previous electronic mail belongs is performed. In other words, when an e-mail has a context, it is considered that the content of the e-mail is strongly related to the content of the previous e-mail. It is possible to grant audit authority to an appropriate person by modifying the group to which the user belongs.

  On the other hand, as a cause of the increase in the number of group members, there is a possibility that a new person has joined the exchange of e-mails. In this case, since it is necessary to enable auditing of the e-mail by the administrator of the person newly added to the exchange, in step S1406, the group to which the person newly added to the exchange belongs is assigned to the electronic mail. Add as an email group.

  On the other hand, if it is determined that it has not been added (step S1405: NO), the process proceeds to step S1407.

  In step S1407, the group in the belonging group list modified in this flowchart is set as the belonging group of the electronic mail, and the process ends.

  Note that when a plurality of groups belonging to an email is set, the email is configured to be audited by a plurality of administrators. In this case, the evaluation value of the e-mail set as a result of the audit is determined based on the evaluation values by the plurality of administrators (for example, the maximum value, the minimum value, and the average value of the evaluation values by the plurality of administrators). May be set as the evaluation value of the e-mail, and the administrator is given a priority and the evaluation value is determined by differentiating the degree of influence on the evaluation value according to the priority.

  Alternatively, the determination may be made only from the evaluation value by the administrator who first audited.

With the above processing, it is possible to grant auditing authority only to appropriate administrators in the exchange of e-mails of concurrent senders and receivers, and audits when new persons participate in e-mail exchanges It can respond to the addition of a person.
Hereinafter, the description returns to the flowchart of FIG.

  The e-mail transmission / reception control unit 302 determines whether or not the e-mail acquired in step S401 matches the transmission disable condition stored in the HDD 204 (step S403).

  If it is determined that the transmission disable condition is met (Yes in step S403), the process proceeds to step S405, and the transmission of the electronic mail is stopped.

  On the other hand, if it is determined that the transmission disabling condition is not met (No in step S403), the process proceeds to step S404, and it is determined whether the transmission holding condition stored in the HDD 204 is met.

  If it is determined in step S404 that the transmission suspension condition is not met (No in step S404), the process proceeds to step S406, and the electronic mail is transmitted.

  On the other hand, if it is determined in step S404 that the transmission hold condition is met (Yes in step S404), the process proceeds to step S407, the electronic mail is put on hold, and the process proceeds to step S408.

  Here, the pending state corresponds to the case where the administrator of the e-mail belonging group gives an instruction to determine whether transmission is possible / not possible after visual confirmation. Further, the above-mentioned “transmission permitted” is called “relay”, and the above-mentioned “transmission impossible” case and “hold” case may be collectively called “interruption”.

  Next, in step S408, the group information 310 is referred to, and the manager of the belonging group set in step S402 is specified. Specifically, the group to which the email acquired in step S401 is extracted from the email information in FIG. 19, and the manager of the group is specified from the group information in FIG.

  Then, the administrator identified in step S408 is notified so as to perform preliminary auditing of the e-mail (step S409). This notification may be performed by means such as sending an e-mail requesting prior audit to the e-mail address assigned to the administrator. Further, when the administrator logs in, a message may be displayed so as to perform a preliminary audit of the e-mail.

  In step S410, the e-mail transmission / reception control unit 302 stores the e-mail acquired in step S401 in the HDD 204, and sets transmission status data (data indicating the status of transmission / holding / cancellation) of the e-mail. (Save in the HDD 204) and add the information of the e-mail (send date and time, sender / receiver address, affiliation group, etc.) to the e-mail information 311. And the process of this flowchart is complete | finished.

  Note that the e-mail whose transmission status data is “pending” may be configured such that the administrator information specified in step S408 is associated with the e-mail and stored in the HDD 204.

  Further, the transmission status data may be stored in the e-mail data 311 in association with the e-mail.

  The saving of the e-mail itself may be performed at the time of acquisition in step S401.

  Next, processing performed by the e-mail audit server 103 when the group manager performs pre-audit of e-mail will be described with reference to FIG.

  This process is performed by the CPU 201 of the e-mail monitoring server 103 according to control by the pre-audit processing unit 304 of the e-mail audit manager 301.

  First, the pre-audit processing unit 304 receives a transmission permission / non-permission processing request for a pending mail from the information processing apparatus 104 (step S501). The transmission permission / prohibition processing request is requested to the electronic mail audit server 103 when the group administrator operates the information processing apparatus 104.

  In step S502, the suspended mail belonging to the management target group of the group manager is displayed on the display device of the information processing apparatus 104 that has requested the transmission permission / inhibition processing request.

  Specifically, the pre-audit processing unit 304 first confirms the authority of the group administrator who has made the transmission permission / inhibition processing request. Here, based on the group information 310, the pre-audit processing unit 304 determines whether the group administrator has group management authority (a group administrator in either the past or the present).

  If it is determined that the request is made by a user who does not have authority as a group manager (not a group manager in both the past and the present), the pre-audit processing unit 304 ends this process (not shown).

  On the other hand, if it is determined that the user who made the transmission permission / inhibition processing request is a group manager, the transmission status data is “pending” in the email to be managed by the group manager based on the group information 310. And the list is displayed on the display device of the information processing apparatus 104 that has requested the transmission permission / inhibition determination process (FIG. 6 shows an example of a list screen).

  If the “pending” e-mail and the manager have already been linked and stored in step S410 of FIG. 4, the “pending” e-mail linked to the manager who accepted the processing request in step S501. You may comprise so that mail may be acquired and the list may be displayed.

  FIG. 6 is a diagram illustrating an example of a screen used when an administrator of a group to which an e-mail belongs is audited in advance for an e-mail whose transmission is suspended by the e-mail transmission / reception control unit 302.

  Through the operation via this screen 601, the group administrator gives an instruction to transmit / delete (do not transmit) the suspended electronic mail.

For example, in the screen of FIG. 6, the pre-audit processing unit 304 is controlled to display a mail content confirmation screen (not shown) on the display device by double-clicking the row of the pending mail list 602. The pre-audit processing unit 304 transmits / deletes the e-mail according to an instruction from the input unit by the group administrator who determines whether or not transmission is possible based on the content of the main text displayed on the e-mail content confirmation screen or an attached file. Processing will be performed. When mail transmission / deletion processing is performed, the group administrator selects a line in the pending mail list 602, selects “send” / “delete” from the operation selection list 603, and executes an operation with the execution button 604.
Returning to the flowchart of FIG.

  In step S503, the pre-audit processing unit 304 accepts an e-mail selection instruction (selection of e-mail displayed in the hold mail list 602) by the group administrator, and when the selection instruction is made, based on the instruction. An email to be sent / deleted is designated and stored in the RAM 202.

  Next, the pre-audit processing unit 304 determines whether or not there is a transmission instruction (select “Send” from the operation selection list 603 and operate the execution button) according to the operation instruction via the user's screen ( Step S504).

  If it is determined that there is a transmission instruction (Yes in step S504), the pre-audit processing unit 304 specifies the e-mail specified based on the selection instruction in step S503 (the e-mail selected in the pending mail list 602). Mail) transmission processing is performed (step S505).

  If no transmission instruction is given (step S504: NO), the process proceeds to step S507.

  Then, the pre-audit processing unit 304 changes the transmission status data of the e-mail that has been subjected to the transmission process in step S505 to “send after suspension” (step S506).

  In step S507, the pre-audit processing unit 304 determines whether or not there has been a deletion instruction (selecting “delete” from the operation selection list 603 and operating the execution button) in accordance with an operation instruction via the user's screen (step S507). Step S507).

  If the pre-audit processing unit 304 determines that there is a deletion instruction (Yes in step S507), the electronic mail designated based on the selection instruction in step S503 (the electronic mail selected in the pending mail list 602) Mail) transmission status data is changed to “delete after hold” (step S508).

  Then, the pre-audit processing unit 304 determines whether or not there has been an end instruction based on an operation through the user's screen. Note that the termination instruction is, for example, an instruction to close the screen illustrated in FIG. 6 or an instruction to log out.

  If the pre-audit processing unit 304 determines that there is no end instruction yet (No in step S509), the process returns to step S503 and repeats the e-mail pre-audit shown in this flowchart.

  On the other hand, if the pre-audit processing unit 304 determines that there is an end instruction (Yes in step S509), the pre-audit processing unit 304 ends the process.

  In the above-described configuration, the example in which the preliminary audit is performed on the outgoing mail has been described. However, the preliminary audit may be performed on both the incoming mail and the transmitted / received mail.

  Next, processing performed by the e-mail audit server 103 at the time of post-audit of e-mail performed in this system will be described with reference to FIG.

  This process is performed by the CPU 201 according to the control by the post-audit processing unit 305 of the e-mail audit manager 301.

  First, the post-audit processing unit 305 receives a post-audit execution request by the group manager from the information processing apparatus 104 (step S701).

  Then, a process for selecting / displaying an email to be audited by the group manager is performed (step S702). Details of this processing will be described below with reference to FIG.

  FIG. 8 is a flowchart showing the mail data selection / display process in step S702 of FIG.

  Prior to the description of FIG. 8, a brief description will be given of how the administrator for auditing electronic mail is determined in the electronic mail auditing system.

  In this system, for group e-mails belonging to a group, the group manager of the group performs an audit. However, the group configuration and its manager will change over time. Therefore, in this system, group information is managed in time series, and the group manager of the group to which the e-mail belongs at the time when the e-mail is transmitted is audited.

  First, creation of group information managed in time series will be described with reference to FIG.

  FIG. 15 shows group information update processing performed by the email audit server 103. This processing is performed by the CPU 201 under the control of the group information update processing unit 306 of the email audit manager 301.

  First, the group information update processing unit 306 of the email audit manager 301 makes an inquiry to the LDAP server 102 having the latest group configuration information periodically (for example, once a day). The managed company directory information (for example, FIG. 17) is acquired, and the company directory information is searched from the acquired directory information using the directory search formula in the group definition information 1801 (FIG. 18), and the group configuration information is acquired. (Step S1501).

  Next, the group information update processing unit 306 acquires each newest group information in the group information table 1802 (FIG. 18) of the group information 310 (step S1502).

  Further, the group information update processing unit 306 compares the content acquired by the inquiry in step S1501 with the group information acquired in step S1502, and confirms whether there has been a change since the previous main processing (step S1503). ). If it is determined that there is no change from the previous time (that is, the content acquired in step S1501 corresponds to the group information acquired in step S1502) (No in step S1503), the group information update processing unit 306 ends the process. Let

  On the other hand, if it is determined that there has been a change since the last time (that is, the content acquired in step S1501 does not correspond to the group information acquired in step S1502) (Yes in step S1503), the group information update processing unit 306 It is confirmed whether there is a change in the existing group among the changed groups (step S1504).

  When there is a change in the existing group (Yes in step S1404), the group information update processing unit 306 sets “end” of the “valid period” of the changed group information (step S1505), and step S1506. Proceed to the process.

  On the other hand, if there is no change in the existing group (No in step S1504), the group information update processing unit 306 advances the process to step S1506 as it is.

  In step S1506, the group information update processing unit 306 newly creates group information based on the changed contents, registers the group information in the group information table 1802 (FIG. 18) of the group information 310, and ends the process. When creating a new group, the system administrator creates group definition information, and registers the created group definition information in the group definition information table 1801 (FIG. 18) of the group definition information 309.

  In this way, when there is a change in the group information of the LDAP server 102, the email audit server 103 adds new group data while saving the history.

  That is, the email audit server 103 stores group information in the HDD 204, and the group information update processing unit 306 is based on directory information acquired from an external device (here, the LDAP server 102) that manages directory information. The group information is updated.

  Note that due to the operational convenience of the data update timing of the enterprise directory of the LDAP server 102, the actual change date and the difference are also expected. In addition, the organizational structure itself is expected to change. Therefore, the administrator of the e-mail audit server 103 can adjust and edit the group name and the expiration date in the group information table 1802 in which the organization (group) and the group members are associated with each other on the e-mail audit server 103 side. Configure. In other words, the group information table 1802 changed based on the data of the LDAP server 102 can be adjusted and changed by the administrator of the e-mail audit server 103 by the processing shown in FIG.

  As a result, the effective period of the group corresponding to a certain administrator ID can be changed or deleted to enable flexible operation according to the company policy.

  That is, the start, end date / time, and time setting of the effective period can be adjusted according to the actual operation, or can be adjusted at the end of the month or the beginning of the month. Further, when the management of the effective period is managed in units of date and is changed to the morning of the actual organization implementation date, the diversion of the effective period of the group information can be set to the previous day. Alternatively, when the company directory information is changed to the night before the actual organization change date, the effective period of the new group information can be started on the next day.

  Further, group information whose valid period is older than a predetermined period may be deleted from the group information table 1802.

  The group information created by the process shown in FIG. 15 is, for example, as indicated by 1802 in FIG.

  FIGS. 16 and 18 are diagrams illustrating examples of the group definition information table and the group information table stored in the HDD 204 of the e-mail audit server 103.

  First, in FIG. 16, there are two organizations whose group information is Group1 and Group2, as shown by 1601, and “Akagi”, “Ito”, and “Oda” are included in Group1 on “January 1, 2010”. Group 2 includes “Uemura”, “Eto”, and “Oda”. This “Oda” is a member belonging to both groups (for example, concurrently). The administrator of Group1 is Admin1, the administrator of Group2 is Admin2, and its organization is moved from Group1 to Group2 on April 1, and the administrator of Group1 is changed from Admin1 to Admin3 on July 1. Indicates a change.

  In this case, a group information table 1802 shown in FIG. 18 shows how the group information changes.

  In addition, a group definition information table 1801 is prepared in order to link information managed on the LDAP server 102 and information managed on the e-mail audit server 103.

  The group definition information table 1801 includes information indicating how the history of group information managed by the email audit server 103 is managed by the LDAP server 102. The CPU 201 of the e-mail audit server 103 searches the information (FIG. 17) managed on the LDAP server 102 by “ou = group1” described in the “directory search expression” of the group definition information table 1801. The information of the group managed on the LDAP server 102 can be acquired.

  FIG. 17 is a diagram illustrating an example of information managed on the LDAP server 102.

  In FIGS. 16 and 18, as indicated by 1601, for example, the group information has been changed in both Group 1 and Group 2 because “Ito” has been changed from Group 1 to Group 2 on April 1. Therefore, changes are made to both group information at the timing of April 1st. Further, since the manager of Group 1 was changed from Admin1 to Admin3 on July 1, Group 1 was changed at the timing of July 1.

  Therefore, in the group information table 1802, Group 1 has 3 records and Group 2 has 2 records, and records with serial numbers “0” include information indicating the group configuration before March 31, 2010 for Group 1 and Group 2, respectively. (The validity period ends on March 31, 2010), and the record whose serial number is “1” has information indicating the group structure of Group 1 from April 1, 2010 to June 30, 2010. (The start of the effective period is April 1, 2010 and the end is June 30, 2010). Information indicating the group structure of Group 2 after April 1, 2010 (the start of the effective period is 2010) The record whose serial number is “2” is the group after July 1, 2010 in Group 1 Information indicating the formation (start of the validity period is in the July 1, 2010) has been registered.

  As described above, the CPU 201 of the e-mail audit server 103 creates copy information for the corporate directory information managed on the LDAP server 102, and stores and manages the history thereof, whereby the LDAP server 102 is stored. This eliminates the need for double registration and management of the corporate directory information on both the electronic mail management server 103 and the electronic mail audit server 103 side, and can greatly reduce the trouble of registration and maintenance by the administrator.

This completes the description of the group and manager in the present invention.
Hereinafter, the flowchart of FIG. 8 will be described.

  First, when an e-mail post-audit request is received from a group manager, the CPU 201 displays the group management target group and the period of the group administrator who made the e-mail post-audit request in step S701 in FIG. 1802) (step S801).

  Then, a screen 901 as shown in FIG. 9 is displayed on the display device of the information processing device 104 used by the group manager, and an instruction input for the search target period is accepted (step S802).

  FIG. 9 is a diagram illustrating an example of an e-mail search screen that is displayed on the display device of the information processing apparatus 104 used by the group manager when the group manager performs a post-audit of the e-mail. .

  This screen 901 is created by the CPU 201 of the e-mail audit server 103 based on a request from the information processing apparatus 104 and transmitted to the information processing apparatus 104.

Through this screen 901, the group manager can search for emails by entering conditions such as sender email address, recipient / broadcaster address, email size, etc., as well as the period of post-audit. Is also possible. This screen 901 is provided with a “determined” button (not shown). When this “determined” button is instructed by the pointing device or the like of the information processing apparatus 104, instruction input such as a search target period is confirmed. Then, the information is transmitted from the information processing apparatus 104 to the e-mail audit server 103.
Returning to the flowchart of FIG.

  When the search target period is input from the screen shown in FIG. 9 (Yes in step S802), the post audit processing unit 305 of the email audit manager 301 sets the search target period in the RAM 202 with the input content. (Step S803). If no search target period is set, it is assumed that the search target period is set for all periods.

  Thereafter, the post-audit processing unit 305 acquires e-mail data within the set search target period one by one from e-mail information (e-mail information 311 in the information management apparatus 307) as indicated by 1901 in FIG. (Step S804) (extraction means).

  1901 in FIG. 19 is a diagram illustrating an example of details of the e-mail information.

  As indicated by 1901 in FIG. 19, in this embodiment, as e-mail information, an ID for uniquely identifying an e-mail, the e-mail transmission date and time, the e-mail address of the e-mail sender, and the e-mail of the recipient An address, a group to which the email belongs, and the like are stored and managed in the information management apparatus 307 in the email monitoring server 103. The CPU 201 determines a group administrator who audits the mail based on the group information.

Reference numeral 1902 in FIG. 19 shows a specific example of a related electronic mail. The example of 1902 indicates that the reply mail to the e-mail with “Mail ID: KKI88573” is the e-mail with “Mail ID: KIO99395”. That is, “Mail ID: KKI88573” is an e-mail immediately before “Mail ID: KIO99395”.
Returning to the flowchart of FIG.

  Next, the post-audit processing unit 305 should audit the e-mail acquired in step S804 by the group administrator from the management target group of the group administrator acquired in step S801 and the group information of the e-mail. It is determined whether it is an e-mail (step S805).

  If the group managed by the group manager is the same as the group to which the e-mail belongs, it is determined that the e-mail is an audit target of the group manager. Here, when the post-audit has already been completed for the e-mail, it may of course be controlled not to be audited. In the case of the audit target, the change of the audit result is accepted.

  If the group administrator determines that the email acquired in step S804 is an email to be audited (Yes in step S805), the post-audit processing unit 305 determines that the email acquired in step S804. It is determined whether the mail data meets the other search conditions input via the screen of FIG. 9 (step S806).

  If it is determined in step S806 that they match (Yes in step S806), the post-audit processing unit 305 moves the process to step S807, and displays the e-mail data acquired in step S804 as a display target. The data is added as e-mail data to a predetermined storage area in the RAM 202, and the process proceeds to step S808.

  In step S808, the post-audit processing unit 305 performs an evaluation process on the email data added to the display target email in step S807. More specifically, the post-audit processing unit 305 performs a similar sentence search of the e-mail data by using a well-known similar search technique, and previously evaluated e-mail data stored in the HDD 204 (evaluation value will be described later). As shown in FIG. 12, it is stored in the HDD 204). Then, the evaluation of e-mail data having a certain degree of similarity or higher is acquired from the e-mail data evaluated in the past and averaged (may be distributed according to the degree of similarity) to evaluate the e-mail. Guess. Then, the estimated evaluation is added to a predetermined storage area in the RAM 202 in association with the electronic mail data. For example, if an email that has been evaluated in the past and has a similarity of 20% or more with the email has an evaluation of 100 with a similarity of 90%, an evaluation of 100 with a similarity of 60%, and an evaluation of 50 with a similarity of 20%, When averaged, the evaluation of the e-mail is estimated to be “75”.

  When the evaluation process in step S808 ends, the post-audit processing unit 305 advances the process to step S809.

  On the other hand, when it is determined that the email data acquired in step S804 is not an email to be audited by the group manager (No in step S805), or the email data acquired in step S804 is the screen of FIG. If it is determined that it does not match the other search conditions input via (No in step S806), the process proceeds directly to step S809.

  Thereafter, in step S809, the processing from step S804 to step S808 is repeated until there is no unprocessed e-mail in the search target period (No in step S809).

  After the processing for all mails is completed (that is, when the post-audit processing unit 305 determines that there is no unprocessed e-mail in the search target period) (No in step S809), the post-audit processing unit 305 The display target mail data is displayed on the display device of the information processing device 104 used by the group manager (step S810). For example, the image of the screen 1001 in FIG. Here, the data are sorted and displayed in descending order of evaluation value. Further, in the present embodiment, an e-mail with a higher evaluation value has a lower evaluation (highly likely to be unsent).

  Note that it is highly likely that the CPU 201 determines that the evaluation 1007 is higher than a certain value (threshold value included in the operation condition), that is, the evaluation is bad and transmission is impossible due to the operation condition being set. It may be configured such that only the e-mail is displayed on the screen 1001 and the administrator evaluates (audits) only an e-mail whose estimated evaluation is higher than a certain value (threshold). As a result, it is possible to narrow down the emails to be audited.

  With the above processing, even if the stored data of the e-mail is extended over a long period of time and the manager is moved or the manager is moved, the group to which the e-mail belongs at the time of e-mail transmission, and the When a manager who manages a group is specified and the e-mail is transmitted, a list of managers who easily manage the group to which the e-mail belongs is identified and the e-mail is audited (FIG. 10). ) Can be created.

  As described above, the CPU 201 of the e-mail audit server 103, when there is an e-mail audit processing request from any of the group managers, from the stored and stored e-mail, the manager of the group to which the e-mail belongs. Extracts the email that is the administrator who has requested the audit processing of the email as an email to be audited by the administrator, and causes the administrator to input the audit information for the extracted email Features the configuration.

  Therefore, when an e-mail is audited, it is possible to have the group administrator of the e-mail at the time of e-mail transmission audit the e-mail. Even after changes are made to the time and the auditor, audits by other administrators are no longer performed, and information that was originally inaccessible is not accessed. In addition, when the mail sender belongs to multiple groups, it is possible to specify an administrator who can disclose information by broadcasting to the administrator. Since the e-mail affiliation group is determined in consideration of the relationship, it is possible to have an appropriate administrator perform the audit, and as a result, the risk of information leakage due to the spread of information can be reduced. It becomes possible.

  Therefore, the supervisor who was an administrator who audits the email of a certain employee can access only the information issued by the employee to be managed and does not allow access to other information. You can manage rights.

  Also, similar sentence search is performed from past evaluation results to estimate the evaluation of unaudited mail, and the priority order of mail to be audited is presented based on the estimated evaluation value, or mail to be audited is not audited. You can sort emails you like.

  As described above, the CPU 201 of the email audit server 103 acquires an email similar to the extracted email from the HDD 204, and the post-audit result DB (in which the audit information of the acquired email is stored in the HDD 204 is stored. 12), based on the acquired similar audit information of the e-mail, the evaluation of the extracted e-mail is estimated, the estimated evaluation is presented to the administrator, and the extracted Audit information for an e-mail is input to the administrator.

  Further, the CPU 201 of the electronic mail audit server 103 causes the administrator to input audit information for the extracted electronic mail in the order based on the estimated evaluation.

  The above is a flowchart showing details of the mail data selection / display processing.

  FIG. 10 is a view showing an example of a search result list screen 1001 for displaying results based on the e-mail selection / display processing shown in FIG.

  In this screen 1001, the post-audit implementation status (audit status) 1002, email subject 1003, sender address 1004, recipient / broadcaster address 1005, transmission date and time 1006, evaluation 1007 for each email that matches the search conditions. Etc. are displayed.

  As described above, this evaluation 1007 is performed by, for example, searching for an e-mail similar to the e-mail using a known similar sentence search technique in advance, and determining that the e-mail is determined to have a certain degree of similarity (similar e-mail). This is an estimated evaluation value obtained by calculating an evaluation value (estimated evaluation value) on the basis of evaluation with other group managers (evaluated value if audited).

  Of course, it is possible to sort the e-mails displayed on this screen 1001. Therefore, when the estimated evaluation values (evaluation 1007) are sorted in descending order, it becomes possible to preferentially audit e-mails that are likely to be unable to be sent, and other group administrators thereafter It is possible to accumulate data that can serve as an index for auditing more quickly.

  Note that, by default, the CPU 201 performs control so that the e-mails displayed as a list on the screen 1001 are sorted and displayed in descending order of the estimated evaluation value indicated in the evaluation 1007.

  Items other than the evaluation 1007, that is, items such as the audit status 1002, the mail subject 1003, the sender address 1004, the receiver / broadcaster address 1005, the transmission date and time 1006, and the like may be configured to be sortable. In addition, in FIG. 10, all emails are displayed regardless of whether auditing is completed or not. However, there is a setting for displaying only audited emails or a setting for displaying only unaudited emails. Is possible.

  In addition, the CPU 201 of the e-mail audit server 103 detects this by double-instructing the row of the list on this screen 1001 with the pointing device of the information processing apparatus 104 used by the group manager, and the result is shown in FIG. Such a detail confirmation screen 1101 can be displayed on the display of the information processing apparatus 104 used by the group manager.

The evaluation input on the detail confirmation screen 1101 is based on the result of the post-audit for similar emails. For example, the evaluation input as shown in 1102 is “0”, “check required” if it is evaluated as “transmittable” Or “50” for those evaluated as “neither”, and “100” for those determined as “not transmittable”. In addition, this numerical example is an example and can be arbitrarily adjusted. Further, the categories such as “transmission enabled” and “transmission disabled” are not limited to this, and can be arbitrarily set.
Returning to the flowchart of FIG.

  When the mail data selection / display process (FIG. 8) in step S702 is completed, the post-audit processing unit 305 performs a mail data detail display request (double-click instruction for each line of the mail list) via the screen shown in FIG. ) (Step S703), and if it is determined that an instruction has been received (Yes in step S703), the display of the information processing apparatus 104 used by the group manager for details of the specified mail (Step S704) (). At that time, a screen as shown in FIG. 11 is displayed.

  FIG. 11 is a diagram showing an example of a post-audit screen 1101 for e-mail.

  On this screen 1101, to which e-mail address, e-mail address (TO), broadcast address (CC), BCC, etc., is sent from the group manager, the contents of the text, and attached to the e-mail Confirm the contents of the file, and accept how the mail should actually be handled (sendable / not sendable / check required / cannot say either) by inputting the radio button in the evaluation 1102 column (Input acceptance means) When the “confirm” button 1103 is pressed, the post-audit of the e-mail is completed.

Note that the administrator can confirm the contents of the attached file not only by the text 1104 but also by giving an instruction to click the attached file with the pointing device in the attached 1105.
Returning to the flowchart of FIG.

  When the post-audit processing unit 305 determines that the audit end instruction input has been received via the screen as illustrated in FIG. 11 (“Confirm” button 1103 has been pressed) (Yes in step S705), The result data is stored in the post-audit result DB (FIG. 12) in the HDD 204.

  Then, the processing from step S703 to step S706 is performed until end support is received from the group manager (until the “end” button 1008 in FIG. 10 is clicked).

  In other words, the post-audit processing unit 305 determines whether or not there has been an end instruction based on an operation by the user via the screen. Note that the termination instruction is, for example, an instruction to close the screen in FIG. 10 or an instruction to log out.

  If the post-audit processing unit 305 determines that there is no end instruction yet (No in step S707), the post-audit processing unit 305 returns the process to step S703.

  On the other hand, if the post-audit processing unit 305 determines that there is an end instruction (Yes in step S707), the post-audit processing unit 305 ends the process.

  FIG. 12 is a diagram showing an example of the configuration of a post-audit result DB that registers post-audit results of e-mails.

  As shown in FIG. 12, ID information for uniquely identifying an e-mail, audit execution date, auditor, evaluation, and the like are registered in the post-audit result DB.

  For example, “0” is registered in the evaluation column for “transmission enabled”, “100” for transmission impossible, “50” for “check required”, and “50” for “neither”. In addition, this numerical example is an example and can be arbitrarily adjusted. Further, the categories such as “transmission possible” and “transmission impossible” are not limited to this, and can be arbitrarily set.

  Note that when an email belongs to a plurality of groups, each group administrator performs a post-audit, so there may be a plurality of post-audit data for one mail.

  Through the above-described post-audit processing, each management determines whether the audit was valid separately from the audit based on the filtering rule by the e-mail audit server that can send (send) / hold / cannot send (delete) Data is accumulated by the person who makes the judgment at the time of the ex-post audit.

  In this embodiment, the e-mail auditing right has been described as an example. However, the above-mentioned e-mail sender and transmission date and time are replaced with the information creator and the creation date and time, thereby giving general information access rights. Can be managed.

  With this configuration, an administrator who is an administrator can manage access rights that are accessible only to information issued by employees to be managed and are not allowed to access other information. it can.

  When an information audit is performed, it is possible to have the administrator at the time of information creation perform the audit, so even after changes have been made to the information creator and the auditor due to changes in the information creator or administrator, Since no audit is performed by another administrator, it is possible to reduce the risk of information leakage due to information spreading as a result.

DESCRIPTION OF SYMBOLS 101 Email server 102 LDAP server 103 Email audit server 104 Information processing device 106 Wide area network 107 Email server 108 Information processing device 109 Local area network

Claims (10)

Storage means for storing group information in which one or more email addresses belonging to a group and an administrator of the group are associated with each other;
A group identification unit that identifies a group to which a mail address set as a transmission destination or a transmission source of the e-mail belongs using group information stored in the storage unit;
E-mail management that is managed as an e-mail to be audited by an administrator set as a destination of the e-mail among managers of the plurality of specified groups when there are a plurality of groups specified by the group specifying unit Means,
An extraction means for extracting an email managed as an email to be audited by the administrator when the administrator has requested an audit processing of the email ;
An input accepting means for inputting audit information against the electronic mail extracted by the extraction means to the administrator performing the audit process request for the e-mail,
An electronic mail auditing apparatus characterized by comprising: A context determination means for determining whether or not there is a contextual email in the email,
The e-mail management means further includes:
The administrator that audits an email having a context with the email is managed as an email to be audited when the context determining unit determines that an email with the context exists. The electronic mail auditing apparatus according to 1. The e-mail management means further includes:
If the number of groups specified by the group specifying means is larger than the email in the context, the email is audited by an administrator who audits the email in the context The electronic mail auditing apparatus according to claim 2, wherein the electronic mail inspection apparatus is managed as an electronic mail to be sent. The e-mail management means further includes:
The front and rear transmission destination is not set in the electronic mail having a relationship or source, if it is set to the destination or source of the electronic mail, the electronic mail, has been set as the destination or source 4. The electronic mail audit apparatus according to claim 1, wherein the electronic mail is managed as an electronic mail to be audited by an administrator associated with the mail address. The group information further includes
Including information indicating a period during which the administrator has authority to manage the group;
The storage means further includes
Storing a history of the group information;
The extraction means further includes:
5. The method according to claim 1, further comprising: extracting e-mails transmitted and received during a period in which the administrator who has requested the audit processing has management authority, according to information indicating a period in which the group has authority to manage the group. The electronic mail auditing apparatus according to item 1.   The electronic mail auditing apparatus according to claim 1, further comprising an update unit that updates the group information stored in the storage unit.   The electronic mail auditing apparatus according to claim 6, wherein the updating unit updates the group information based on information acquired from an external apparatus.   8. The electronic mail auditing apparatus according to claim 7, wherein the updating unit updates the group information based on directory information acquired from an external apparatus that manages directory information. An information processing method in an e-mail auditing apparatus that stores group information in which one or more e-mail addresses belonging to a group and an administrator of the group are associated with each other,
A group specifying step of specifying a group to which a mail address set as a transmission destination or a transmission source of the e-mail belongs, using the stored group information;
When there are a plurality of groups specified by the group specifying means , the e-mail management unit of the e-mail auditing apparatus has a management set as a destination of the e-mail among managers of the specified groups E-mail management process to manage as e-mail audited by the person ,
An extraction step of extracting an email managed as an email to be audited by the manager when the email audit process is requested by the manager;
Input receiving means of said electronic mail inspection apparatus, an input receiving step for inputting the audit information against the electronic mail extracted by the extraction means to the administrator performing the audit process request for the e-mail,
An information processing method characterized by comprising: A program executable in an electronic mail auditing apparatus that stores group information in which one or more mail addresses belonging to a group and an administrator of the group are associated with each other,
The e-mail audit device;
The group destination or e-mail address set as the source of the email belongs, and a group specifying means for specifying with a pre-crisis憶by group information,
E-mail management that is managed as an e-mail to be audited by an administrator set as a destination of the e-mail among managers of the plurality of specified groups when there are a plurality of groups specified by the group specifying unit Means,
An extraction means for extracting an email managed as an email to be audited by the administrator when the administrator has requested an audit processing of the email ;
Program for causing to function as an input receiving means for inputting audit information against the electronic mail extracted by the extraction means to the administrator performing the audit process request of the electronic mail.

Images