WO2006059383A1 - Electronic mail sending method, electronic mail sending program, electronic mail approving program, electronic mail sending device, and electronic mail approving/sending system - Google Patents

Electronic mail sending method, electronic mail sending program, electronic mail approving program, electronic mail sending device, and electronic mail approving/sending system Download PDF

Info

Publication number
WO2006059383A1
WO2006059383A1 PCT/JP2004/017876 JP2004017876W WO2006059383A1 WO 2006059383 A1 WO2006059383 A1 WO 2006059383A1 JP 2004017876 W JP2004017876 W JP 2004017876W WO 2006059383 A1 WO2006059383 A1 WO 2006059383A1
Authority
WO
WIPO (PCT)
Prior art keywords
mail
approval
transmission
computer
authority
Prior art date
Application number
PCT/JP2004/017876
Other languages
French (fr)
Japanese (ja)
Inventor
Osamu Aoki
Hiroaki Kawano
Original Assignee
Intelligent Wave Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intelligent Wave Inc. filed Critical Intelligent Wave Inc.
Priority to PCT/JP2004/017876 priority Critical patent/WO2006059383A1/en
Priority to JP2006515529A priority patent/JPWO2006059383A1/en
Publication of WO2006059383A1 publication Critical patent/WO2006059383A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/07User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
    • H04L51/08Annexed information, e.g. attachments

Definitions

  • the present invention relates to an e-mail transmission for preventing information leakage by allowing only an e-mail that has been approved by an approval authority to be transmitted for an e-mail that satisfies a predetermined condition such as including important information.
  • the present invention relates to a method, an e-mail transmission program, an e-mail approval program, an e-mail transmission apparatus, an e-mail approval apparatus, and an e-mail transmission system.
  • E-mail is the most convenient means for the internal power of companies to bring information to the outside.
  • the important information is neglected due to mistaken address designation. Is often sent to a third party.
  • an attribute or an approver of an e-mail to be transmitted is determined according to whether the sender needs to approve or not. set, the invention executes the transmission of e-mail is disclosed approval by an approver triggers (e.g., Patent Document 1, Patent Document 2.) 0
  • an approver triggers e.g., Patent Document 1, Patent Document 2.
  • the sender Must make the necessary settings for approval, When used in conjunction with a system that filters email based on a pre-set security policy, even email that has been approved by an approver cannot be sent if it violates the security policy There was a problem.
  • Patent Document 1 Japanese Patent Laid-Open No. 6-205043
  • Patent Document 2 JP 2002-63117 A
  • Patent Document 3 Japanese Patent Laid-Open No. 2002-217980
  • the terminal device power operated by the sender is sent and approved by a server or the like installed in the in-house network. It is configured to control the transmission to the external network by confirming the approval etc. by the user.
  • the e-mail system using the encryption key such as PKI mentioned above is used together, the e-mail that has been encrypted at the sending terminal will be controlled by the server.
  • the authentication process using the confirmation by the authorization authority and the hash value there is a problem that the encryption / decryption of data must be repeated! /.
  • Patent Documents 1 to 3 require a dedicated mailer or network monitoring server, so companies have introduced these technologies. In doing so, it will be necessary to construct a dedicated network system and to customize a general-purpose mailer or mail server, and so installation and maintenance costs will be appropriate.
  • the present invention has been made in order to cope with such a problem.
  • a predetermined condition such as including important information
  • E-mail transmission method to prevent information leakage by enabling transmission, especially in companies such as e-mails sent by e-mail systems using encryption keys such as PKI, and Web mail
  • e-mail transmission method that can handle e-mails sent without using a mail server that can be used, and can be easily introduced using a general-purpose mailer or mail server It is intended.
  • the present invention that solves such a problem is a method for transmitting an e-mail that enables transmission of only an e-mail that has been approved by an approval authority for an e-mail that satisfies a predetermined condition.
  • the first computer operated by the e-mail sender determines whether the e-mail for which the transmission instruction has been accepted is an e-mail that requires approval by the approval authority, and the first computer sends A step of determining whether the e-mail that has received the instruction is an e-mail that has been approved by an approval authority, and the first computer is determined to require approval by the approval authority, and the approval authority
  • the approval request mail including the contents of the e-mail is sent to the second computer operated by the approval authority, after the e-mail has been approved.
  • the approval authority Receiving a confirmation result of the content of the email by a person, and when the second computer approves the transmission of the email, the second computer receives at least one of the content of the email.
  • the first computer includes the password in the email.
  • the password is generated from a digest of at least part of the content of the email.
  • the password which is an electronic mail transmission method according to claim that you determined that the e-mail is an e-mail that was approved by the approval authority.
  • the first computer is an e-mail that has been determined not to require approval by an authorized person, or has been approved by an authorized person but has been approved by an authorized person. And e-mail determined to be sent to a destination specified in the e-mail.
  • an e-mail that is not judged by a mail server or the like after sending the e-mail to the network is determined by determining whether or not to approve the e-mail to be sent. Easily install using a general-purpose mailer or mail server by configuring the computer operated by the sender to acquire and determine the e-mail that has been accepted by the mailer.
  • An e-mail transmission method that can be used.
  • the e-mail transferred to the approval authority is given the password created by the e-mail body, etc. if approved, and given by the approver when re-sending after approval. E-mail can be sent to the specified destination only when the password and the text of the e-mail to be sent match. Therefore, it is guaranteed that an e-mail that needs to be approved can be sent only by an e-mail that has been approved by the approval authority and has the same contents as that confirmed by the approval authority.
  • the password used here is derived from at least part of the digest of the email content. The power of the e-mail subject to the digest is included in the e-mail body, attachments, e-mail recipients, and other mail headers such as sender and title May be included.
  • the first computer transmits an e-mail when a new e-mail is detected in the transmission tray of the e-mail transmission / reception program or when an e-mail transmission process is executed in the Web browser. Detecting instructions and determining whether the e-mail is an e-mail that requires approval by an approval authority or determining whether the e-mail is an e-mail approved by an approval authority This is characterized by the fact that
  • a Web browser is used on a computer operated by a sender who transmits e-mail.
  • a sender who transmits e-mail.
  • the present invention provides an e-mail transmission program stored in a computer operated by an e-mail sender, which is necessary for carrying out the e-mail transmission method according to the present invention.
  • the e-mail transmission program provides an e-mail sender for enabling transmission of only e-mail that has been approved by an approval authority for e-mail that satisfies a predetermined condition.
  • the e-mail is sent to the second computer indicating that the e-mail has been approved by the approval authority.
  • the e-mail transmission program determines that the e-mail is an e-mail that has been approved by an approval authority if it matches a password generated from a part of the digest.
  • the first computer is determined not to require approval by the approval authority, or it is determined that approval by the approval authority is required but is approved by the approval authority.
  • the step of transmitting the e-mail to the destination specified in the e-mail may be executed.
  • the first computer detects an e-mail transmission instruction when a new e-mail is detected in the transmission tray of the e-mail transmission / reception program or when an e-mail transmission process is executed in the Web browser. Determining whether the e-mail is an e-mail that requires approval by an approval authority, or determining whether the e-mail is an e-mail that has been approved by an approval authority. May be a feature.
  • the e-mail approval program according to the present invention is operated by the e-mail approval authority to enable transmission of only e-mails that have been approved by the approval authority for e-mails satisfying predetermined conditions.
  • An e-mail approval program stored on the computer of the first computer, and the second computer requires approval by the approval authority from the first computer operated by the e-mail sender.
  • Receiving an approval request mail including the content of the email determined to be a step of receiving a confirmation result of the content of the email by the approval authority, and the confirmation result approves the transmission of the email If it is, the email Generating a password indicating that approval by the approval authority has been obtained from at least a part of the digest of the content of the content, and sending a transmission approval mail including the password for notifying the transmission approval of the email.
  • the first computer that has received the transmission approval mail receives an instruction to send an e-mail that requires approval by the authorized person, the password is added to the e-mail.
  • the email is approved by the authorizing authority. It is determined that the e-mail is mail, and the e-mail is transmitted to the destination specified in the e-mail. E-mail approval program.
  • the present invention provides an e-mail transmission device operated by an e-mail sender and e-mail approval operated by an e-mail approval authority necessary for implementing the e-mail transmission method according to the present invention. It can also be understood as a first computer operated by the device or the e-mail sender and a second computer-powered e-mail transmission system operated by the e-mail approval authority.
  • the e-mail transmission apparatus is an e-mail transmission apparatus for enabling transmission of only an e-mail that has been approved by an approval authority for an e-mail that satisfies a predetermined condition.
  • the first determination means for determining whether the e-mail that has received the transmission instruction is an e-mail that requires approval by the approval authority, and the e-mail that has received the transmission instruction has been approved by the approval authority.
  • the second determination means for determining whether it is an email and the first determination means determine that approval by an approval authority is required, and the second determination means has received approval by the approval authority.
  • sending means for sending an approval request mail including the contents of the e-mail to a computer operated by the approval authority. !
  • the second determination means is generated from a digest of at least part of the contents of the e-mail in the computer indicating that the e-mail has been approved by the approval authority.
  • the password matches a password generated from a digest of at least part of the email content.
  • the electronic mail transmitting apparatus determines that the electronic mail has been approved by an approval authority. An e-mail that is determined not to require approval by an approval authority or an e-mail that is determined to require approval by an approval authority but is approved by the approval authority A second transmission means for transmitting to the destination specified in the e-mail may be provided.
  • the e-mail transmission instruction accepted by the first determination means or the second determination means is that a new e-mail is detected in the transmission tray of the e-mail transmission / reception program or the e-mail transmission is performed in the web browser.
  • An electronic mail transmission instruction may be detected when the process is executed.
  • An e-mail approval device is an e-mail approval device for enabling transmission of only an e-mail that has been approved by an approval authority for an e-mail corresponding to a predetermined condition.
  • Generating means for generating a password indicating approval by an authorized person, and the password for notifying the approval of transmission of the e-mail A transmission means for transmitting a transmission approval mail to the computer, and the computer that has received the transmission approval mail receives the e-mail transmission instruction that requires approval by the approval authority, and then receives the e-mail. If the password contains the password and the password matches a password generated from a digest of at least a portion of the content of the email, the email has been approved by an authorized person
  • An e-mail approving apparatus characterized in that it is determined to be an e-mail, and the e-mail is transmitted to a destination specified in the e-mail.
  • An e-mail transmission system provides an e-mail sender for enabling transmission of only e-mails that have been approved by an approval authority for e-mails satisfying predetermined conditions.
  • First computer to operate and authorized person to approve the e-mail
  • the first judging means, the second judging means for judging whether the e-mail that has received the transmission instruction is an e-mail approved by the authorizing authority, and the approval by the authorizing authority by the first judging means.
  • the contents of the e-mail are transferred to the second computer operated by the approval authority.
  • Accepting means for receiving the confirmation result of the content of the e-mail, and if the confirmation result approves the transmission of the e-mail, the approval is received from at least a part of the digest of the e-mail content.
  • the second determination means provided includes the password when the email includes the password, and the password matches a password generated from a digest of at least a part of the content of the email.
  • An e-mail transmission system characterized by determining that the e-mail is an e-mail that has been approved by an approval authority. It is.
  • the first computer is determined to be approved by the approval authority although it has been determined that the approval is not required by the approval authority, or the approval authority is required.
  • a second transmission means for transmitting the electronic mail to the destination specified in the electronic mail may be provided.
  • the e-mail transmission instruction accepted by the first determination means or the second determination means provided in the first computer is that a new e-mail is detected in the e-mail transmission / reception program transmission tray.
  • an e-mail transmission instruction may be detected when an e-mail transmission process is executed in a Web browser.
  • the present invention approves emails that meet certain conditions, including important information. By making it possible to send only e-mails approved by the authorized person, it is possible to contribute to prevention of information leakage.
  • e-mails sent by e-mail systems using encryption keys such as PKI and Web mails are used without sending mail servers such as POP mails. Since it is possible to respond to e-mails that are received, a wide range of e-mails can be approved.
  • FIG. 1 is a block diagram showing a configuration of an e-mail transmission system according to the present invention.
  • FIGS. 2 to 8 are first to seventh diagrams showing the processing procedure of the e-mail transmission method according to the present invention.
  • FIG. 9 and FIG. 10 are flowcharts showing the first and second processing flows of the e-mail transmission program stored in the computer operated by the sender in the present invention, respectively.
  • FIG. 11 is a flowchart showing a processing flow of the e-mail approval program stored in the computer operated by the approval authority in the present invention.
  • the sender terminal 10 has a mail control program 143 and a judgment rule table 144 in addition to the mailer 241.
  • Each email approval program 242 is installed.
  • the sender terminal 10 includes a CPU 11, a RAM 12, and a ROM 13, and in order to execute predetermined processing by an application program stored in the HDD 14, input control, output control, etc. stored in the ROM 13 are performed.
  • Basics for hardware control The CPU 11 performs arithmetic processing while starting the program and causing the RAM 12 to function as a work area for the application program.
  • various basic programs for hardware control such as input control and output control stored in the ROM 23 are stored.
  • the CPU 21 performs arithmetic processing while starting up and making the RAM 22 function as a work area for application programs.
  • the mailer 141 When an e-mail sender transmits an e-mail from the sender terminal 10, the mailer 141 is read from the HDD 14 and activated to create an e-mail to be transmitted. In a state where the mailer 141 is activated and an e-mail can be sent, the mail control program 143 is read from the HDD 14 and the transmission of the e-mail from the mailer 141 is monitored.
  • the mail control program 143 may be activated at all times while the mailer 141 is operating, or may be constantly monitored regardless of whether the mailer 141 is activated while the sender terminal 10 is operating. As well as to do.
  • the monitoring of the email transmission from the mailer 141 executed by the mail control program 143 is to accept the transmission instruction of the email created by the mailer 141, specifically, to be placed in the transmission tray of the mailer 141.
  • the mail control program 144 determines whether the approval authority needs to approve the mail file for transmission placed in the transmission tray.
  • the e-mail body and the attached file can be used for the determination of the file before being encrypted by PKI or the like.
  • E-mail transmission from the sender terminal 10 is not performed by POP mail using the mailer 141, but the HDD 14 is also activated by reading the browser 142 and accessing a site that can send Web mail. An e-mail may be sent.
  • the mail control program 143 that has also read the HDD 14 power hooks the operation of the browser 142 and monitors the transmission of the e-mail. In this case as well, the mail control program 143 continues to monitor at least as long as the browser 144 is operating. If the browser 142 operates to detect the transmission of an email, the mail control program 143 Acquire the file and execute the judgment of approval necessity by the approval authority.
  • the mail control program 143 determines whether or not the approval by the approval authority is necessary for the transmission mail file acquired by the transmission tray or the like. Whether or not approval is required is determined in the determination rule table 144 of the HDD 14, and the determination is made based on whether or not the rule is applicable.
  • the content of the judgment rule is not particularly limited. It is possible to make a judgment using the text strength key of the outgoing mail, etc., and the mail with the destination address strength of the mail header specified. It's also possible to judge against the address. These rules are not based on a single rule, but may be determined by combining multiple rules.
  • determining whether approval is required different rules may be applied depending on whether the transmission e-mail is addressed outside the company. For example, it is possible to use only important emails for approval within the company, and all emails for approval outside the company. Whether the mail address is internal or external can be determined by the type of mailer if the mailer used is different, and if the same mailer is used, it can be determined by the domain name of the specified mail address. ,.
  • the determination rule table 144 is provided in the sender terminal 10.
  • the storage location of the powerful table is not limited to the sender terminal 10.
  • It can be stored in another computer such as an information leakage monitoring server connected via a network, and the judgment rules for terminals in the network can be centrally managed based on the security policy! .
  • the processing procedure up to the e-mail transmission will be described more specifically with reference to FIGS.
  • the outline of the e-mail transmission processing procedure is as shown in FIG.
  • Sender (A) The approval request email is forwarded to the approver (B) who has the authority to approve the transmission (1).
  • the sender (A) sends an approval notification with a password (2), and the sender (A) sends an email to the recipient (X) using the password ( 3). If approval is not required, mail is sent directly to the recipient (X) ( ⁇ ).
  • the mail file for sending is returned to the outbox, Sent as normal mail.
  • Sent as normal mail.
  • an e-mail of a sender ( ⁇ ) who specified the recipient (X) as a destination is transmitted to the recipient (X) ( ⁇ ).
  • the transmitted e-mail passes through the gateway 40 from the mail server 30 and is transmitted to the destination mail server via the Internet.
  • the e-mail control program 143 designates the destination of the approval authority as the destination address, and the e-mail described in the e-mail file for transmission
  • An approval request e-mail with the main text created is sent from the main text, attached file, destination and title described in the e-mail header.
  • the designation of the approval authority's address for example, a pop-up window that asks which approval authority should be examined on the screen pops up, and the mail control program 143 can specify the approver by selecting the sender. You can also set it! /
  • the destination of the authorization authority is not limited to one address, and different addresses may be designated depending on the judgment result. Multiple authorization authorities may be designated by designating multiple addresses for one email. The person may give approval. The address specified as the destination can also be acquired from Active Directory. Similar to the above-described determination rule, it may be configured to acquire another computer connected via the network.
  • FIG. 4 shows an example of an approval request email that is forwarded to an approver (B) who has authorization to send an email when approval is required for the email sent by the sender (A).
  • Sent as an approval request email (1) is transmitted to the approver terminal 20 via the route of the internal network for internal mail transmission. Internal mail can be transmitted using the same mail server 30 as external mail via the Internet.
  • the HDD 24 also reads and activates the mailer 241 and receives an email from the POP server of the mail server 30.
  • the approval request email is also received at the approver terminal 20 in the same way as a normal email, and the approval authority confirms the address and contents of the email that he / she tried to open and send the received approval request email, and decides whether to approve it. To decide.
  • the transmission approval process in the approver terminal 20 is executed by the mail approval program 242 read from the HDD 24.
  • a button for selecting permission or disapproval by the mail approval program 242 is displayed.
  • the sender terminal 10 is not permitted to transmit.
  • a notification email is sent.
  • the display of the selection button to be used automatically is, for example, if an approval request mail is recorded with a unique identifier in the mail header or the like, and if this identifier is detected by the mail approval program 242, the selection button will pop up automatically. Display can be made.
  • the specific operation added to the general-purpose mailer may be processed by a program different from the general-purpose mailer, or may be added to the general-purpose mailer as add-in software.
  • add-in software for example, a selection button for selecting approval is added as one of the menu buttons of the general mailer.
  • FIG. 5 shows an example in which the approver (B) having the authorization authority does not approve the email sent by the sender (A).
  • the e-mail to notify the unauthorized disapproval is addressed to the sender (A), and the body text contains a standard comment that the transmission of the e-mail is not approved, and the address of the e-mail to be sent included in the approval request e-mail , Title, text, etc.
  • comments about the reasons for disapproval may be attached in the text or attached file.
  • the e-mail notifying permission is sent from the approver (B) to the sender (A) (2).
  • an approval notification mail for notifying the sender terminal 10 that the transmission is approved is transmitted.
  • Create an email notification for approval This is executed by Gram 242 but specifies the destination address from the sender address included in the email header and body of the approval request email, and the digest (optional) A long word is reduced to a fixed-size, small-size data.)
  • the generated password may be described in the body of the approval notification email, or it may be attached to the approval notification email as an attached file.
  • FIG. 6 shows an example in which an approver (B) having approval authority approves an electronic mail transmitted by the sender (A) and transmits an approval notification mail.
  • Approval notification emails are addressed to the sender (A), and the body text contains a standard comment to approve the transmission of the email, the destination email address, title, body text, etc. included in the approval request email
  • the password generated from the digest of the approval request email is described as part of the text or attached as an attached file.
  • the approval notification mail is sent from the approver (B) to the sender (A) (2).
  • the sender terminal 10 When the sender terminal 10 receives the approval notification mail, the sender terminal 10 creates a mail for transmission approved by the approval authority using the password included in the approval notification mail.
  • the password written as part of the body of the approval notification email or the password attached to the approval notification email is cut out and attached to the email for sending or for sending Used as part of the email text.
  • the content of the text described in the outgoing mail and the destination to be sent are required to be the same as those approved by the approver, but the content of the main text and the address of the destination to be used are extracted. It is also possible to cut the sent filer of the approval request email sent to the approval authority for approval! /.
  • FIG. 7 shows an example of the approved transmission mail created by the sender (A) using the approval notification mail received by the approver (B).
  • the received approval notification email includes the recipient (X) that is the destination of the approved sending email and the contents described in the text, and further indicates that the approval has been approved by the approval authority.
  • a nose word generated from the digest of the trusted email is attached.
  • An approved outgoing e-mail is specified with the same address as the one that has been approved, the body of the same content is described, and a nose word generated from the digest is attached.
  • the mailer 141 activates an email transmission process.
  • the power of the approved sending mail that received the sending instruction is placed in the sending tray of the mailer 141. Since the sending tray is monitored in the same manner as the first sending process described above, it is sent to the specified destination. Before being sent, a determination is made as to whether approval by the approval authority is necessary.
  • the method for determining whether a password indicating approval by an approval authority is attached to the email to be sent is particularly limited, for example, by recording a predetermined identifier indicating the presence of the password in the email header.
  • the password is generated from the body of the outgoing e-mail using the same function that is used for generating the password at the approver terminal 20. It is done by comparing with the attached password.
  • the mail approval program 242 of the approver terminal 20 includes a function for generating a password from a digest such as a mail text and an attached file, but the sender terminal 1
  • the mail control program 143 of 0 includes a similar function, so that a password is generated by the function from the body of the transmission mail and the like, and the comparison with the attached password is executed. If the sender's approved e-mail address, title, text, etc. are tampered with and sent, the original data of the digest is included in the e-mail approved by the approver terminal 20 Therefore, it is possible to verify that the e-mail for sending has been altered in the approved content. Therefore, if the passwords do not match, the transmission mail is not transmitted, and an error screen is displayed on the display of the sender terminal 10, for example, in order to notify the sender.
  • FIG. 8 shows an example in which the approved transmission mail created by the sender (A) is transmitted.
  • Approved outgoing mail has the recipient (X) specified as the recipient, the password attached to the approval notification mail, the password is attached, and the password is valid If it is confirmed, it has been approved by the approval authority and it has been determined that the content has not been tampered with since the approval, and the password is deleted and sent to the recipient (X). (3).
  • the determination of the transmission mail in the sender terminal 10 is performed by monitoring the transmission file placed in the transmission tray of the mailer 141, and after the determination, the transmission file is returned to the transmission file.
  • the e-mail is transmitted to a predetermined destination.
  • the mail control program 143 determines the outgoing mail by the mailer 141. It can be executed as an additional process to the normal e-mail transmission / reception process.
  • the general applicator terminal 20 only needs to have a function for generating a password from the mail text and the attached file. Even an email system using a mail server can be installed simply by installing a special program on the client terminal.
  • a powerful mail control program and mail approval program may be added to the general-purpose mailer as add-in software.
  • buttons for executing an application for approval and replying the approval result are displayed on the toolbar of the general-purpose mailer. Processing can be executed.
  • the e-mail transmission program stored in the computer operated by the sender is used to determine whether the e-mail to be sent has been approved by the approval authority.
  • the flowchart in FIG. 9 is a first processing flow in which it is first determined whether or not approval has been received from the approval authority.
  • the flowchart in Fig. 10 is a second processing flow in which it is first determined whether approval by an approval authority is required.
  • the password is valid, it is determined that the e-mail can be sent, the password is deleted from the sending file (S04), and the e-mail is sent to the designated destination. (S05), the process ends. On the other hand, if the password is not valid, it is determined that the e-mail cannot be sent, an error is displayed on the terminal (S06), and the process is terminated.
  • the password is not attached to the transmission file, it is not an approved email, so the keywords such as the specified destination and the body of the email do not meet the predetermined rules, or the transmission instruction is It is determined whether or not approval by the approval authority is required for transmission based on whether or not the unique behavior of the terminal is applicable (S07).
  • the electronic mail is transmitted to a designated destination (S05), and the process ends. If approval is required, an approver selected by the sender or an approver designated in advance in the program is selected (S08), and an approval request e-mail addressed to the selected approver is sent. (S09), and the process ends.
  • the password is valid, it is determined that the email can be sent, The password is deleted from the transmission file (S15), an e-mail is sent to the designated destination (S16), and the process is terminated. On the other hand, if the password is not valid, it is determined that the e-mail cannot be sent, an error is displayed on the terminal (S17), and the process is terminated.
  • the approver specified by the sender or selected in advance by the sender is selected to receive approval by the approval authority (S18).
  • An approval request e-mail addressed to the approver is sent (S19), and the process ends.
  • the processing flow for e-mail approval in the computer operated by the approval authority is as shown in the flowchart of FIG.
  • the approval request mail transferred from the sender is received (S21).
  • a button for selecting approval / disapproval is displayed on the display (S22), and it is detected that the selection of any button has been accepted (S23).
  • the selected button approves the transmission, a word is generated from the digest of the destination, title, text, etc. of the mail approved for transmission (S24). It also creates an approval notification email to be sent to the sender who requested the approval, and attaches the generated password as a part of the body text or an attached file (S25). The approval notification mail with the password attached is transmitted to the sender who requested the approval (S26). If the selected button does not approve the transmission, a notification mail indicating that the transmission has been disallowed is created and transmitted to the sender who requested the approval (S27).
  • FIG. 1 is a block diagram showing a configuration of an e-mail transmission system according to the present invention.
  • FIG. 2 is a first diagram showing a processing procedure of an e-mail transmission method according to the present invention.
  • FIG. 3 is a second diagram showing a processing procedure of the e-mail transmission method according to the present invention.
  • FIG. 4 is a third diagram showing a processing procedure of the e-mail transmission method according to the present invention.
  • FIG. 5 is a fourth diagram showing the processing procedure of the e-mail transmission method according to the present invention.
  • FIG. 6 is a fifth diagram showing the processing procedure of the e-mail transmission method according to the present invention.
  • FIG. 7 is a sixth diagram showing the processing procedure of the e-mail transmission method according to the present invention.
  • FIG. 8 is a seventh diagram showing a processing procedure of the e-mail transmission method according to the present invention.
  • 9 In the present invention, it is a flowchart showing a first processing flow of an e-mail transmission program stored in a computer operated by a sender.
  • FIG. 10 is a flowchart showing a second processing flow of the e-mail transmission program stored in the computer operated by the sender in the present invention.
  • FIG. 11 is a flowchart showing a processing flow of an e-mail approval program stored in a computer operated by an approval authority in the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

[PROBLEMS] Only an electronic mail containing important information and approved by an approval authorized person can be sent so as to prevent information leakage. Especially, an electronic mail system which is adapted to electronic mails such as electronic mails using encryption and Web mails and can be easily introduced by using a general-purpose mailer and a mail server is provided. [MEANS FOR SOLVING PROBLEMS] It is judged whether an electronic mail sent by a sender must be approved or not. If it must be approved, a mail for approval request is transferred to an approver having a sending approval authority. If the approver approves the sending, an approval notification with a password created by the digest such as the mail text is sent to the sender, the sender sends the mail with the password. When the mail is sent, a password is created form the mail text. If the password agrees with the attached password, the mail is judged to be not falsely altered, and the mail can be sent.

Description

電子メール送信方法、電子メール送信プログラム及び電子メール承認プ ログラム、電子メール送信装置及び電子メール承認装置、並びに電子メール送 信システム 技術分野  Technical field of e-mail transmission method, e-mail transmission program and e-mail approval program, e-mail transmission apparatus and e-mail approval apparatus, and e-mail transmission system
[0001] 本発明は、重要情報を含むなど所定の条件に該当する電子メールについて、承認 権限者による承認を受けた電子メールのみを送信可能とすることによって情報漏洩を 防止するための電子メール送信方法、電子メール送信プログラム及び電子メール承 認プログラム、電子メール送信装置及び電子メール承認装置、並びに電子メール送 信システムに関するものである。  [0001] The present invention relates to an e-mail transmission for preventing information leakage by allowing only an e-mail that has been approved by an approval authority to be transmitted for an e-mail that satisfies a predetermined condition such as including important information. The present invention relates to a method, an e-mail transmission program, an e-mail approval program, an e-mail transmission apparatus, an e-mail approval apparatus, and an e-mail transmission system.
背景技術  Background art
[0002] 企業力 顧客情報等の重要情報の流出が深刻な社会問題となっており、企業にと つて情報漏洩対策が重要な課題となって 、る。情報漏洩は外部力 の不正アクセス によって発生する場合と、企業内部力 の不正行為によって情報が漏洩する場合が あるが、前者についてはコンピュータシステムへの侵入を防止するためのファイアゥォ ール等の様々なセキュリティシステムが提供されるようになっているのに対し、後者へ の対策も重要な課題となって 、る。  [0002] Corporate power The leakage of important information such as customer information has become a serious social problem, and information leakage countermeasures are an important issue for companies. Information leakage may occur due to unauthorized access by external force, or information may be leaked due to unauthorized activity by corporate internal force. For the former, there are various types of firewalls to prevent entry into computer systems. While security systems are being provided, countermeasures against the latter are also important issues.
[0003] 企業内部力 の情報漏洩においては、特に電子メールの使用によって漏洩が生じ ることが多い。電子メールは、企業内部力も外部に情報を持ち出すために最も利便 性の高い手段であり、故意に重要情報を添付して電子メールを送信するケースの他 に、宛先の指定間違いによって過失で重要情報を第三者に送信してしまうケースも 少なくない。 [0003] With regard to information leakage due to internal corporate strength, leakage is often caused by the use of e-mail. E-mail is the most convenient means for the internal power of companies to bring information to the outside. In addition to the case where an e-mail is intentionally attached with important information attached, the important information is neglected due to mistaken address designation. Is often sent to a third party.
[0004] このように、故意や過失によって生じる電子メールの誤発信を防止するための手段 として、送信する電子メールにつ 、て送信者が承認の要否にっ 、ての属性や承認者 を設定し、承認者による承認をトリガとして電子メールの送信を実行する発明が開示 されている(例えば、特許文献 1、特許文献 2参照。 )0しかしながら、これらの発明に ぉ 、ては、送信者が承認の要否にっ 、ての設定を行わなければならな 、とともに、 予め設定されたセキュリティポリシーに基づいて電子メールのフィルタリングを行うシ ステムと併用する場合に、承認者の承認を受けた電子メールであっても、セキュリティ ポリシーに違反した場合には送信できな 、と 、う問題点が生じて 、た。 [0004] As described above, as a means for preventing an erroneous transmission of an e-mail intentionally or negligently, an attribute or an approver of an e-mail to be transmitted is determined according to whether the sender needs to approve or not. set, the invention executes the transmission of e-mail is disclosed approval by an approver triggers (e.g., Patent Document 1, Patent Document 2.) 0 However, per cent Te, these inventions, the sender Must make the necessary settings for approval, When used in conjunction with a system that filters email based on a pre-set security policy, even email that has been approved by an approver cannot be sent if it violates the security policy There was a problem.
[0005] 上記の問題点に対して、電子メール本文力 生成したハッシュ値による認証によつ て、セキュリティポリシーに違反する場合であっても承認者の承認を受けた電子メー ルについては送信することが可能な、データ送信システムに関する発明が開示され ている(例えば、特許文献 3参照。 )0 [0005] In response to the above problems, e-mail body force is sent by authenticating with the approver's approval even if it violates the security policy by authenticating with the generated hash value. capable discloses an invention relates to a data transmission system (e.g., see Patent Document 3.) 0
[0006] 特許文献 1:特開平 6— 205043号公報  [0006] Patent Document 1: Japanese Patent Laid-Open No. 6-205043
特許文献 2:特開 2002— 63117号公報  Patent Document 2: JP 2002-63117 A
特許文献 3 :特開 2002— 217980号公報  Patent Document 3: Japanese Patent Laid-Open No. 2002-217980
発明の開示  Disclosure of the invention
発明が解決しょうとする課題  Problems to be solved by the invention
[0007] 前記特許文献 1乃至 3に開示された発明を利用することによって、前述の故意や過 失によって生じる電子メールの誤発信を防止し、情報漏洩対策を施すことが可能に なる。その一方で、重要情報を電子メールで送信する場合には第三者が不正に電子 メールを取得して重要情報が漏洩することを防止しなければならな 、と 、う課題があ り、力かる課題への対策として、 PKI等による暗号ィ匕を用いた電子メールの送信方法 の普及が進んでいる。力かる暗号ィ匕を用いた送信方法においては、電子メールを送 信する送信者の端末装置で動作するメーラーによって送信ファイルの暗号化が行わ れることが通常である。 [0007] By using the inventions disclosed in Patent Documents 1 to 3, it is possible to prevent erroneous transmission of an electronic mail caused by the above-described intentional or negligence and to take measures against information leakage. On the other hand, when sending important information by e-mail, there is a problem that a third party must acquire e-mail illegally to prevent leakage of important information. As a countermeasure to this problem, the transmission method of e-mail using encryption key such as PKI is spreading. In a transmission method using a powerful encryption key, the transmission file is usually encrypted by a mailer operating on the terminal device of the sender who sends the e-mail.
[0008] 前記特許文献 1乃至 3に開示された発明では、いずれの発明においても送信者の 操作する端末装置力 電子メールが発信され、社内ネットワーク内に設置されたサー バ等にぉ ヽて承認者による承認等の確認を行って、社外ネットワークへの発信を制 御するよう構成されている。し力しながら、前述のような PKI等による暗号ィ匕を用いた 電子メールシステムを併用すると、送信端末にお!ヽて暗号ィ匕が行われた電子メール をサーバにおいて制御することになるため、承認権限者による確認やハッシュ値を用 V、た認証プロセスにお 、て、データの暗号ィ匕ゃ復号ィ匕を繰返さなければならな!/、と いう問題が生じてしまう。 [0009] また、送信者が企業において使用しているメールサーバを用いた POPメール等に よらずに電子メールを送信する場合、例えば Webメール等で独自に開設したァカウ ントから電子メールを送信するケース等に対処するためには、通常使用するメーラー やメールサーバ以外の系統についても、何らかの対応策を施すことが必要になる。 [0008] In the inventions disclosed in Patent Documents 1 to 3, in any invention, the terminal device power operated by the sender is sent and approved by a server or the like installed in the in-house network. It is configured to control the transmission to the external network by confirming the approval etc. by the user. However, if the e-mail system using the encryption key such as PKI mentioned above is used together, the e-mail that has been encrypted at the sending terminal will be controlled by the server. In the authentication process using the confirmation by the authorization authority and the hash value, there is a problem that the encryption / decryption of data must be repeated! /. [0009] In addition, when an e-mail is sent without a POP mail using a mail server used in a company by the sender, for example, an e-mail is sent from an account originally established by a web mail or the like. To deal with cases, it is necessary to take some countermeasures for systems other than the mailers and mail servers that are normally used.
[0010] 上記のようなケースを含めて、前記特許文献 1乃至 3に開示された発明は、専用の メーラーやネットワークの監視サーバを必要とするものであるため、企業がこれらの技 術を導入する際には、専用のネットワークシステムの構築や、汎用のメーラーゃメー ルサーバのカスタマイズが必要になるなど、導入や維持管理には相応のコストを要す るものと考えられる。  [0010] Including the cases as described above, the inventions disclosed in Patent Documents 1 to 3 require a dedicated mailer or network monitoring server, so companies have introduced these technologies. In doing so, it will be necessary to construct a dedicated network system and to customize a general-purpose mailer or mail server, and so installation and maintenance costs will be appropriate.
[0011] 本発明は、このような課題に対応するためになされたものであり、重要情報を含む など所定の条件に該当する電子メールについて、承認権限者による承認を受けた電 子メールのみを送信可能とすることによって情報漏洩を防止するための電子メール 送信方法等であって、特に PKI等による暗号ィ匕を用いた電子メールシステムで送信 される電子メールや、 Webメール等の企業において使用しているメールサーバを用 いずに送信される電子メールへの対応が可能であり、かつ汎用のメーラーやメール サーバを用いて容易に導入することが可能な電子メール送信方法等を提供すること を目的とするものである。  [0011] The present invention has been made in order to cope with such a problem. For an e-mail that satisfies a predetermined condition such as including important information, only an e-mail that has been approved by an approval authority is received. E-mail transmission method to prevent information leakage by enabling transmission, especially in companies such as e-mails sent by e-mail systems using encryption keys such as PKI, and Web mail To provide an e-mail transmission method that can handle e-mails sent without using a mail server that can be used, and can be easily introduced using a general-purpose mailer or mail server It is intended.
課題を解決するための手段  Means for solving the problem
[0012] このような課題を解決する本発明は、所定の条件に該当する電子メールについて 承認権限者による承認を受けた電子メールのみの送信を可能にするための電子メー ルの送信方法であって、電子メールの送信者が操作する第 1のコンピュータが、送信 指示を受け付けた電子メールが承認権限者による承認を要する電子メールであるか を判定するステップと、前記第 1のコンピュータが、送信指示を受け付けた電子メール が承認権限者による承認を受けた電子メールであるかを判定するステップと、前記第 1のコンピュータが、承認権限者による承認を要すると判定され、かつ承認権限者に よる承認を受けて 、な 、と判定された電子メールを、前記承認権限者が操作する第 2 のコンピュータに、前記電子メールの内容を含む承認要求メールとして送信するステ ップと、前記第 2のコンピュータ力 前記承認要求メールを受信して、前記承認権限 者による前記電子メールの内容の確認結果を受け付けるステップと、前記第 2のコン ピュータが、前記確認結果が前記電子メールの送信を承認するものである場合には 、前記電子メールの内容の少なくとも一部のダイジェストから前記承認権限者による 承認を受けたことを示すパスワードを生成するステップと、前記第 2のコンピュータが 、前記パスワードを含む送信承認メールを前記第 1のコンピュータに送信するステツ プと、を有していて、前記第 1のコンピュータは、送信指示を受け付けた電子メールが 承認権限者による承認を受けた電子メールであるかを判定するステップにおいては、 前記電子メールに前記パスワードが含まれて ヽて、かつ前記パスワードが前記電子 メールの内容の少なくとも一部のダイジェストから生成されるパスワードと一致する場 合に、前記電子メールが承認権限者による承認を受けた電子メールであると判定す ることを特徴とする電子メール送信方法である。また、前記第 1のコンピュータが、承 認権限者による承認を要しな ヽと判定された電子メール、又は承認権限者による承 認を要すると判定されたが承認権限者による承認を受けていると判定された電子メー ルを、前記電子メールに指定された宛先に送信するステップを有することを特徴とす ることちでさる。 [0012] The present invention that solves such a problem is a method for transmitting an e-mail that enables transmission of only an e-mail that has been approved by an approval authority for an e-mail that satisfies a predetermined condition. The first computer operated by the e-mail sender determines whether the e-mail for which the transmission instruction has been accepted is an e-mail that requires approval by the approval authority, and the first computer sends A step of determining whether the e-mail that has received the instruction is an e-mail that has been approved by an approval authority, and the first computer is determined to require approval by the approval authority, and the approval authority The approval request mail including the contents of the e-mail is sent to the second computer operated by the approval authority, after the e-mail has been approved. And stearyl-up to send as, for receiving the second computer force the approval request e-mail, the approval authority Receiving a confirmation result of the content of the email by a person, and when the second computer approves the transmission of the email, the second computer receives at least one of the content of the email. A step of generating a password indicating that the approval by the approval authority is received from a digest of the department, and a step in which the second computer transmits a transmission approval mail including the password to the first computer; In the step of determining whether the first computer has received the transmission instruction, the first computer includes the password in the email. And the password is generated from a digest of at least part of the content of the email. In if you want to match the password, which is an electronic mail transmission method according to claim that you determined that the e-mail is an e-mail that was approved by the approval authority. In addition, the first computer is an e-mail that has been determined not to require approval by an authorized person, or has been approved by an authorized person but has been approved by an authorized person. And e-mail determined to be sent to a destination specified in the e-mail.
[0013] この発明にお 、ては、送信する電子メールの承認の要否の判定にっ 、て、電子メ ールをネットワークに送出した後にメールサーバ等で判定するのではなぐ電子メー ルを送信する送信者が操作するコンピュータにお 、て、メーラー等で送信指示を受 け付けた電子メールを取得して判定するよう構成することによって、汎用のメーラーや メールサーバを用いながら容易に導入することが可能な電子メール送信方法を実現 する。  [0013] According to the present invention, an e-mail that is not judged by a mail server or the like after sending the e-mail to the network is determined by determining whether or not to approve the e-mail to be sent. Easily install using a general-purpose mailer or mail server by configuring the computer operated by the sender to acquire and determine the e-mail that has been accepted by the mailer. An e-mail transmission method that can be used.
[0014] 承認権限者に転送された電子メールは、承認された場合には電子メールの本文等 カゝら作成されたパスワードが付与されて、承認後の再送信時には承認者から付与さ れたパスワードと送信する電子メールの本文等力 作成されたパスワードが一致する 場合にのみ、指定した宛先に電子メールを送信することができる。従って、承認が必 要な電子メールについては、承認権限者による承認を受け、かつ承認権限者が確認 したものと同一の内容の電子メールでないと送信できないことが保証される。尚、ここ で用いられるパスワードは、電子メールの内容の少なくとも一部のダイジェストから生 成されるものであることが必要である力 ダイジェストの対象となる電子メールの内容 は電子メール本文の他に、添付ファイル、電子メールの宛先、送信者やタイトルなど のメールヘッダ等に含まれるその他の情報を含むものであってもよい。 [0014] The e-mail transferred to the approval authority is given the password created by the e-mail body, etc. if approved, and given by the approver when re-sending after approval. E-mail can be sent to the specified destination only when the password and the text of the e-mail to be sent match. Therefore, it is guaranteed that an e-mail that needs to be approved can be sent only by an e-mail that has been approved by the approval authority and has the same contents as that confirmed by the approval authority. Note that the password used here is derived from at least part of the digest of the email content. The power of the e-mail subject to the digest is included in the e-mail body, attachments, e-mail recipients, and other mail headers such as sender and title May be included.
[0015] 前記第 1のコンピュータは、電子メール送受信プログラムの送信トレイに新たな電子 メールが検出されたこと、又は Webブラウザにお 、て電子メールの送信処理が実行 されたことによって電子メールの送信指示を検出し、前記電子メールが承認権限者 による承認を要する電子メールであるかを判定するステップ、又は前記電子メールが 承認権限者による承認を受けた電子メールであるかを判定するステップを実行するこ とを特徴とすることちでさる。  [0015] The first computer transmits an e-mail when a new e-mail is detected in the transmission tray of the e-mail transmission / reception program or when an e-mail transmission process is executed in the Web browser. Detecting instructions and determining whether the e-mail is an e-mail that requires approval by an approval authority or determining whether the e-mail is an e-mail approved by an approval authority This is characterized by the fact that
[0016] この方法によると、電子メールを送信する送信者が操作するコンピュータにおいて、 承認が必要な電子メールについては、通常の送信方法によってメールサーバに送信 される前の状態を監視して承認権限者が操作するコンピュータに転送することによつ て、 PKI等による暗号ィ匕を用いた電子メールシステムにおいても暗号ィ匕の前段階で 承認操作を進めることが可能になる。  [0016] According to this method, in a computer operated by a sender who sends an e-mail, for an e-mail that needs to be approved, the state before being sent to the mail server by a normal sending method is monitored and the authorization authority is given. By transferring it to the computer operated by the user, it becomes possible to proceed with the approval operation even before the encryption key even in the e-mail system using the encryption key such as PKI.
[0017] また、企業で通常電子メールの送受信に用いているメールサーバ等において承認 の可否を判定するのではなく、電子メールを送信する送信者が操作するコンピュータ にお 、て Webブラウザを用いて送信される電子メールも承認の可否を判定する対象 とすることにより、通常使用しているメーラーやメールサーバを用いる POPメール等以 外によつて発信される情報についても監視することが可能になる。  [0017] Further, instead of determining whether or not the approval is permitted in a mail server or the like normally used for transmission / reception of e-mail in a company, a Web browser is used on a computer operated by a sender who transmits e-mail. By setting the sent e-mail to be subject to approval / rejection, it is possible to monitor information sent by other than the mailer or POP mail that uses the mail server. .
[0018] また、本発明は、本発明にかかる電子メール送信方法を実施するために必要な、 電子メールの送信者が操作するコンピュータに格納される電子メール送信プログラム [0018] Further, the present invention provides an e-mail transmission program stored in a computer operated by an e-mail sender, which is necessary for carrying out the e-mail transmission method according to the present invention.
、又は電子メールの承認権限者が操作するコンピュータに格納される電子メール承 認プログラムとして把握することもできる。 Alternatively, it can be understood as an e-mail approval program stored in a computer operated by an e-mail approval authority.
[0019] つまり、本発明に力かる電子メール送信プログラムは、所定の条件に該当する電子 メールについて承認権限者による承認を受けた電子メールのみの送信を可能にする ための電子メールの送信者が操作する第 1のコンピュータに格納される電子メールの 送信プログラムであって、前記第 1のコンピュータに、送信指示を受け付けた電子メ ールが承認権限者による承認を要する電子メールであるかを判定するステップと、送 信指示を受け付けた電子メールが承認権限者による承認を受けた電子メールである かを判定するステップと、承認権限者による承認を要すると判定され、かつ承認権限 者による承認を受けて 、な 、と判定された電子メールにつ 、て、前記承認権限者が 操作する第 2のコンピュータに前記電子メールの内容を含む承認要求メールを送信 するステップと、を実行させ、送信指示を受け付けた電子メールが承認権限者による 承認を受けた電子メールであるかを判定するステップにお 、ては、前記電子メール に前記承認権限者による承認を受けたことを示す前記第 2のコンピュータにおいて前 記電子メールの内容の少なくとも一部のダイジェストから生成されたパスワードが含ま れていて、かつ前記パスワードが前記電子メールの内容の少なくとも一部のダイジヱ ストから生成されるパスワードと一致する場合には前記電子メールが承認権限者によ る承認を受けた電子メールであると判定することを特徴とする電子メール送信プログ ラムである。前記第 1のコンピュータに、承認権限者による承認を要しないと判定され た電子メール、又は承認権限者による承認を要すると判定されたが承認権限者によ る承認を受けて 、ると判定された電子メールを、前記電子メールに指定された宛先に 送信するステップを実行させることを特徴とすることもできる。前記第 1のコンピュータ に、電子メール送受信プログラムの送信トレイに新たな電子メールが検出されたこと、 又は Webブラウザにおいて電子メールの送信処理が実行されたことによって電子メ ールの送信指示を検出し、前記電子メールが承認権限者による承認を要する電子メ ールであるかを判定するステップ、又は前記電子メールが承認権限者による承認を 受けた電子メールであるかを判定するステップを実行させることを特徴としてもよい。 本発明に力かる電子メール承認プログラムは、所定の条件に該当する電子メール について承認権限者による承認を受けた電子メールのみの送信を可能にするため の電子メールの承認権限者が操作する第 2のコンピュータに格納される電子メール の承認プログラムであって、前記第 2のコンピュータに、電子メールの送信者が操作 する第 1のコンピュータより、前記第 1のコンピュータで承認権限者による承認を要す ると判定された電子メールの内容を含む承認要求メールを受信するステップと、前記 承認権限者による前記電子メールの内容の確認結果を受け付けるステップと、前記 確認結果が前記電子メールの送信を承認するものである場合には、前記電子メール の内容の少なくとも一部のダイジェストから前記承認権限者による承認を受けたことを 示すパスワードを生成するステップと、前記電子メールの送信承認を通知するための 前記パスワードを含む送信承認メールを前記第 1のコンピュータに送信するステップ と、を実行させ、前記送信承認メールを受信した前記第 1のコンピュータは、前記承 認権限者の承認を要する電子メールの送信指示を受け付けると、前記電子メールに 前記パスワードが含まれていて、かつ前記パスワードが前記電子メールの内容の少 なくとも一部のダイジェストから生成されるノ スワードと一致する場合には前記電子メ ールが承認権限者による承認を受けた電子メールであると判定し、前記電子メール に指定された宛先に前記電子メールを送信することを特徴とする電子メール承認プ ログラムである。 In other words, the e-mail transmission program according to the present invention provides an e-mail sender for enabling transmission of only e-mail that has been approved by an approval authority for e-mail that satisfies a predetermined condition. An e-mail transmission program stored in the first computer to be operated, wherein the first computer determines whether the e-mail that has received a transmission instruction is an e-mail that requires approval by an approval authority Step and send A step of determining whether the email that received the communication instruction is an email that has been approved by the approval authority, it is determined that approval by the approval authority is required, and approval by the approval authority is received. And sending an approval request mail including the contents of the e-mail to a second computer operated by the approval authority. In the step of determining whether the e-mail is approved by the approval authority, the e-mail is sent to the second computer indicating that the e-mail has been approved by the approval authority. Contains a password generated from a digest of at least part of the content of the email, and the password is less of the content of the email In both cases, the e-mail transmission program determines that the e-mail is an e-mail that has been approved by an approval authority if it matches a password generated from a part of the digest. . The first computer is determined not to require approval by the approval authority, or it is determined that approval by the approval authority is required but is approved by the approval authority. The step of transmitting the e-mail to the destination specified in the e-mail may be executed. The first computer detects an e-mail transmission instruction when a new e-mail is detected in the transmission tray of the e-mail transmission / reception program or when an e-mail transmission process is executed in the Web browser. Determining whether the e-mail is an e-mail that requires approval by an approval authority, or determining whether the e-mail is an e-mail that has been approved by an approval authority. May be a feature. The e-mail approval program according to the present invention is operated by the e-mail approval authority to enable transmission of only e-mails that have been approved by the approval authority for e-mails satisfying predetermined conditions. An e-mail approval program stored on the computer of the first computer, and the second computer requires approval by the approval authority from the first computer operated by the e-mail sender. Receiving an approval request mail including the content of the email determined to be, a step of receiving a confirmation result of the content of the email by the approval authority, and the confirmation result approves the transmission of the email If it is, the email Generating a password indicating that approval by the approval authority has been obtained from at least a part of the digest of the content of the content, and sending a transmission approval mail including the password for notifying the transmission approval of the email. When the first computer that has received the transmission approval mail receives an instruction to send an e-mail that requires approval by the authorized person, the password is added to the e-mail. And if the password matches a password generated from at least some of the content of the email, the email is approved by the authorizing authority. It is determined that the e-mail is mail, and the e-mail is transmitted to the destination specified in the e-mail. E-mail approval program.
[0021] さらに、本発明は、本発明にかかる電子メール送信方法を実施するために必要な、 電子メールの送信者が操作する電子メール送信装置、電子メールの承認権限者が 操作する電子メール承認装置、又は電子メールの送信者が操作する第 1のコンビュ ータと電子メールの承認権限者が操作する第 2のコンピュータ力 なる電子メール送 信システムとして把握することもできる。  [0021] Further, the present invention provides an e-mail transmission device operated by an e-mail sender and e-mail approval operated by an e-mail approval authority necessary for implementing the e-mail transmission method according to the present invention. It can also be understood as a first computer operated by the device or the e-mail sender and a second computer-powered e-mail transmission system operated by the e-mail approval authority.
[0022] つまり、本発明にかかる電子メール送信装置は、所定の条件に該当する電子メー ルについて承認権限者による承認を受けた電子メールのみの送信を可能にするた めの電子メール送信装置であって、送信指示を受け付けた電子メールが承認権限 者による承認を要する電子メールであるかを判定する第 1の判定手段と、送信指示を 受け付けた電子メールが承認権限者による承認を受けた電子メールであるかを判定 する第 2の判定手段と、前記第 1の判定手段によって承認権限者による承認を要す ると判定され、かつ前記第 2の判定手段によって承認権限者による承認を受けていな V、と判定された電子メールにつ 、て、前記承認権限者が操作するコンピュータに前 記電子メールの内容を含む承認要求メールを送信する送信手段と、を備えて!/ヽて、 前記第 2の判定手段にお 、ては、前記電子メールに前記承認権限者による承認を 受けたことを示す前記コンピュータにおいて前記電子メールの内容の少なくとも一部 のダイジェストから生成されたパスワードが含まれて 、て、かつ前記パスワードが前記 電子メールの内容の少なくとも一部のダイジェストから生成されるパスワードと一致す る場合には、前記電子メールが承認権限者による承認を受けた電子メールであると 判定することを特徴とする電子メール送信装置である。承認権限者による承認を要し な 、と判定された電子メール、又は承認権限者による承認を要すると判定されたが承 認権限者による承認を受けて ヽると判定された電子メールを、前記電子メールに指 定された宛先に送信する第 2の送信手段を備えることを特徴とすることもできる。前記 第 1の判定手段、又は前記第 2の判定手段において受け付ける電子メールの送信指 示は、電子メール送受信プログラムの送信トレイに新たな電子メールが検出されたこ と、又は Webブラウザにおいて電子メールの送信処理が実行されたことによって電子 メールの送信指示を検出することを特徴としてもよい。 That is, the e-mail transmission apparatus according to the present invention is an e-mail transmission apparatus for enabling transmission of only an e-mail that has been approved by an approval authority for an e-mail that satisfies a predetermined condition. The first determination means for determining whether the e-mail that has received the transmission instruction is an e-mail that requires approval by the approval authority, and the e-mail that has received the transmission instruction has been approved by the approval authority. The second determination means for determining whether it is an email and the first determination means determine that approval by an approval authority is required, and the second determination means has received approval by the approval authority. And sending means for sending an approval request mail including the contents of the e-mail to a computer operated by the approval authority. ! / The second determination means is generated from a digest of at least part of the contents of the e-mail in the computer indicating that the e-mail has been approved by the approval authority. And the password matches a password generated from a digest of at least part of the email content. The electronic mail transmitting apparatus determines that the electronic mail has been approved by an approval authority. An e-mail that is determined not to require approval by an approval authority or an e-mail that is determined to require approval by an approval authority but is approved by the approval authority A second transmission means for transmitting to the destination specified in the e-mail may be provided. The e-mail transmission instruction accepted by the first determination means or the second determination means is that a new e-mail is detected in the transmission tray of the e-mail transmission / reception program or the e-mail transmission is performed in the web browser. An electronic mail transmission instruction may be detected when the process is executed.
[0023] 本発明に力かる電子メール承認装置は、所定の条件に該当する電子メールについ て承認権限者による承認を受けた電子メールのみの送信を可能にするための電子メ ール承認装置であって、電子メールの送信者が操作するコンピュータより、前記コン ピュータで承認権限者による承認を要すると判定された電子メールの内容を含む承 認要求メールを受信する受信手段と、前記承認権限者による前記電子メールの内容 の確認結果を受け付ける受付手段と、前記確認結果が前記電子メールの送信を承 認するものである場合には、前記電子メールの内容の少なくとも一部のダイジェストか ら前記承認権限者による承認を受けたことを示すパスワードを生成する生成手段と、 前記電子メールの送信承認を通知するための前記ノ スワードを含む送信承認メール を前記コンピュータに送信する送信手段と、を備えていて、前記送信承認メールを受 信した前記コンピュータは、前記承認権限者の承認を要する電子メールの送信指示 を受け付けると、前記電子メールに前記パスワードが含まれていて、かつ前記パスヮ ードが前記電子メールの内容の少なくとも一部のダイジェストから生成されるパスヮー ドと一致する場合には前記電子メールが承認権限者による承認を受けた電子メール であると判定し、前記電子メールに指定された宛先に前記電子メールを送信すること を特徴とする電子メール承認装置である。  [0023] An e-mail approval device according to the present invention is an e-mail approval device for enabling transmission of only an e-mail that has been approved by an approval authority for an e-mail corresponding to a predetermined condition. Receiving means for receiving an approval request mail including the contents of the e-mail that is determined to require approval by the approval authority from the computer operated by the sender of the e-mail; and the approval authority Receiving means for receiving the confirmation result of the content of the e-mail, and if the confirmation result is to approve transmission of the e-mail, the approval is obtained from at least a part of the digest of the e-mail content. Generating means for generating a password indicating approval by an authorized person, and the password for notifying the approval of transmission of the e-mail A transmission means for transmitting a transmission approval mail to the computer, and the computer that has received the transmission approval mail receives the e-mail transmission instruction that requires approval by the approval authority, and then receives the e-mail. If the password contains the password and the password matches a password generated from a digest of at least a portion of the content of the email, the email has been approved by an authorized person An e-mail approving apparatus characterized in that it is determined to be an e-mail, and the e-mail is transmitted to a destination specified in the e-mail.
[0024] 本発明に力かる電子メール送信システムは、所定の条件に該当する電子メールに ついて承認権限者による承認を受けた電子メールのみの送信を可能にするための、 電子メールの送信者が操作する第 1のコンピュータと前記電子メールの承認権限者 が操作する第 2のコンピュータ力 なる電子メール送信システムであって、前記第 1の コンピュータは、送信指示を受け付けた電子メールが承認権限者による承認を要す る電子メールであるかを判定する第 1の判定手段と、送信指示を受け付けた電子メー ルが承認権限者による承認を受けた電子メールであるかを判定する第 2の判定手段 と、前記第 1の判定手段によって承認権限者による承認を要すると判定され、かつ前 記第 2の判定手段によって承認権限者による承認を受けていないと判定された電子 メールについて、前記承認権限者が操作する第 2のコンピュータに前記電子メール の内容を含む承認要求メールを送信する送信手段と、を備えていて、前記第 2のコン ピュータは、前記承認要求メールを受信する受信手段と、前記承認権限者による前 記電子メールの内容の確認結果を受け付ける受付手段と、前記確認結果が前記電 子メールの送信を承認するものである場合には、前記電子メールの内容の少なくとも 一部のダイジェストから前記承認権限者による承認を受けたことを示すパスワードを 生成する生成手段と、前記パスワードを含む送信承認メールを前記第 1のコンビユー タに送信する送信手段と、を備えていて、前記第 1のコンピュータに備えられた第 2の 判定手段は、前記電子メールに前記パスワードが含まれていて、かつ前記パスヮー ドが前記電子メールの内容の少なくとも一部のダイジェストから生成されるパスワード と一致する場合には前記電子メールが承認権限者による承認を受けた電子メールで あると判定することを特徴とする電子メール送信システムである。前記第 1のコンビュ ータは、承認権限者による承認を要しないと判定された電子メール、又は承認権限 者による承認を要すると判定されたが承認権限者による承認を受けていると判定され た電子メールを、前記電子メールに指定された宛先に送信する第 2の送信手段を備 えることを特徴とすることもできる。前記第 1のコンピュータに備えられた前記第 1の判 定手段、又は前記第 2の判定手段において受け付ける電子メールの送信指示は、電 子メール送受信プログラムの送信トレイに新たな電子メールが検出されたこと、又は Webブラウザにおいて電子メールの送信処理が実行されたことによって電子メール の送信指示を検出することを特徴としてもよい。 [0024] An e-mail transmission system according to the present invention provides an e-mail sender for enabling transmission of only e-mails that have been approved by an approval authority for e-mails satisfying predetermined conditions. First computer to operate and authorized person to approve the e-mail A second computer-powered e-mail transmission system operated by the first computer, wherein the first computer determines whether an e-mail that has received a transmission instruction is an e-mail that requires approval by an approval authority. The first judging means, the second judging means for judging whether the e-mail that has received the transmission instruction is an e-mail approved by the authorizing authority, and the approval by the authorizing authority by the first judging means. For the e-mail that is determined to be required by the approval authority and is determined not to be approved by the approval authority, the contents of the e-mail are transferred to the second computer operated by the approval authority. A transmission means for transmitting an approval request mail including the receiving means, the second computer receiving the approval request mail, and the approval authority. Accepting means for receiving the confirmation result of the content of the e-mail, and if the confirmation result approves the transmission of the e-mail, the approval is received from at least a part of the digest of the e-mail content. A generating means for generating a password indicating approval by an authorized person; and a transmitting means for transmitting a transmission approval mail including the password to the first computer. The second determination means provided includes the password when the email includes the password, and the password matches a password generated from a digest of at least a part of the content of the email. An e-mail transmission system characterized by determining that the e-mail is an e-mail that has been approved by an approval authority. It is. The first computer is determined to be approved by the approval authority although it has been determined that the approval is not required by the approval authority, or the approval authority is required. A second transmission means for transmitting the electronic mail to the destination specified in the electronic mail may be provided. The e-mail transmission instruction accepted by the first determination means or the second determination means provided in the first computer is that a new e-mail is detected in the e-mail transmission / reception program transmission tray. In addition, an e-mail transmission instruction may be detected when an e-mail transmission process is executed in a Web browser.
発明の効果 The invention's effect
本発明は、重要情報を含むなど所定の条件に該当する電子メールについて、承認 権限者による承認を受けた電子メールのみを送信可能とすることによって、情報漏洩 の防止に寄与することができる。 The present invention approves emails that meet certain conditions, including important information. By making it possible to send only e-mails approved by the authorized person, it is possible to contribute to prevention of information leakage.
[0026] 特に PKI等による暗号ィ匕を用いた電子メールシステムで送信される電子メールや、 Webメール等の企業にお!、て使用して 、る POPメール等のメールサーバを用いず に送信される電子メールへの対応が可能であるため、幅広 、範囲の電子メールを承 認の対象にすることができる。また、汎用のメーラーやメールサーバを用いた電子メ ールシステムに対して、送信者の端末に承認用のプログラムをインストールするのみ で容易に導入することができるため、導入に必要なコストを抑制することもできる。 発明を実施するための最良の形態  [0026] In particular, e-mails sent by e-mail systems using encryption keys such as PKI and Web mails are used without sending mail servers such as POP mails. Since it is possible to respond to e-mails that are received, a wide range of e-mails can be approved. In addition, it is possible to easily install an e-mail system using a general-purpose mailer or mail server simply by installing an approval program on the sender's terminal, thus reducing the cost required for the installation. You can also. BEST MODE FOR CARRYING OUT THE INVENTION
[0027] 本発明を実施するための最良の形態について、図面を用いて以下に詳細に説明 する。尚、以下の説明では、社内ネットワークに接続された送信者端末、確認者端末 、メールサーバを用いた実施例について説明するが、以下の説明は本発明の実施 形態の一例であって、本発明は力かる実施形態に限定されるものではない。  [0027] The best mode for carrying out the present invention will be described below in detail with reference to the drawings. In the following description, an example using a sender terminal, a confirmer terminal, and a mail server connected to an in-house network will be described. However, the following description is an example of an embodiment of the present invention. Is not limited to a powerful embodiment.
[0028] 図 1は、本発明にカゝかる電子メール送信システムの構成を示すブロック図である。  FIG. 1 is a block diagram showing a configuration of an e-mail transmission system according to the present invention.
図 2—図 8は、本発明にかかる電子メール送信方法の処理手順を示す第 1一第 7の 図である。図 9、図 10は、本発明において、送信者の操作するコンピュータに格納さ れる電子メール送信プログラムのそれぞれ第 1、第 2の処理フローを示すフローチヤ ートである。図 11は、本発明において、承認権限者の操作するコンピュータに格納さ れる電子メール承認プログラムの処理フローを示すフローチャートである。  FIGS. 2 to 8 are first to seventh diagrams showing the processing procedure of the e-mail transmission method according to the present invention. FIG. 9 and FIG. 10 are flowcharts showing the first and second processing flows of the e-mail transmission program stored in the computer operated by the sender in the present invention, respectively. FIG. 11 is a flowchart showing a processing flow of the e-mail approval program stored in the computer operated by the approval authority in the present invention.
[0029] 図 1にお 、て、本発明に力かる電子メール送信システムは、電子メールの送信者が 操作する送信者端末 10と電子メールの承認権限者が操作する承認者端末 20より構 成されて!/、る。承認権限者による承認が必要な電子メールの送信制御を行うために 、送信者端末 10にはメーラー 141の他にメール制御プログラム 143及び判定ルール テーブル 144力 承認者端末 20にはメーラー 241の他にメール承認プログラム 242 がそれぞれインストールされて 、る。  In FIG. 1, an e-mail transmission system that is effective in the present invention comprises a sender terminal 10 operated by an e-mail sender and an approver terminal 20 operated by an e-mail approval authority. Being! / In addition to the mailer 141, the sender terminal 10 has a mail control program 143 and a judgment rule table 144 in addition to the mailer 241. Each email approval program 242 is installed.
[0030] 送信者端末 10は、 CPU11、 RAM 12, ROM13を備えており、 HDD14に格納さ れたアプリケーションプログラムによって所定の処理を実行するためには、 ROM13 に記憶された入力制御や出力制御などのハードウ ア制御のための基本的な各種 プログラムを起動し、 RAM12をアプリケーションプログラムのワークエリアとして機能 させながら、 CPU 11が演算処理を行う。承認端末 20も同様に、 HDD24に格納され たアプリケーションプログラムによって所定の処理を実行するためには、 ROM23に 記憶された入力制御や出力制御などのハードウ ア制御のための基本的な各種プロ グラムを起動し、 RAM22をアプリケーションプログラムのワークエリアとして機能させ ながら、 CPU21が演算処理を行う。 [0030] The sender terminal 10 includes a CPU 11, a RAM 12, and a ROM 13, and in order to execute predetermined processing by an application program stored in the HDD 14, input control, output control, etc. stored in the ROM 13 are performed. Basics for hardware control The CPU 11 performs arithmetic processing while starting the program and causing the RAM 12 to function as a work area for the application program. Similarly, in order for the approval terminal 20 to execute a predetermined process by the application program stored in the HDD 24, various basic programs for hardware control such as input control and output control stored in the ROM 23 are stored. The CPU 21 performs arithmetic processing while starting up and making the RAM 22 function as a work area for application programs.
[0031] 電子メールの送信者が送信者端末 10から電子メールを送信する場合には、 HDD 14からメーラー 141を読み出して起動し、送信する電子メールを作成する。メーラー 141が起動されて電子メールが送信可能な状態においては、 HDD14からメール制 御プログラム 143が読み出され、メーラー 141からの電子メールの送信を監視してい る。メール制御プログラム 143の起動は、メーラー 141が動作している間に常時監視 を行うこととしてもよ 、し、送信者端末 10が動作して 、る間はメーラー 141の起動に 関わらず常時監視を行うこととしてもょ 、。  [0031] When an e-mail sender transmits an e-mail from the sender terminal 10, the mailer 141 is read from the HDD 14 and activated to create an e-mail to be transmitted. In a state where the mailer 141 is activated and an e-mail can be sent, the mail control program 143 is read from the HDD 14 and the transmission of the e-mail from the mailer 141 is monitored. The mail control program 143 may be activated at all times while the mailer 141 is operating, or may be constantly monitored regardless of whether the mailer 141 is activated while the sender terminal 10 is operating. As well as to do.
[0032] メール制御プログラム 143が実行するメーラー 141からの電子メール送信の監視は 、メーラー 141において作成された電子メールの送信指示を受け付けること、具体的 にはメーラー 141の送信トレイに置かれることを監視しており、メール制御プログラム 1 43は送信トレイに置かれた送信用メールのファイルについて、承認権限者による承 認の要否の判定を実行する。送信トレイにおいてメールサーバ 30に送信される前の 状況を監視するため、電子メール本文や添付ファイルは、 PKI等によって暗号ィ匕され る前の状態のファイルを判定に用いることができる。  [0032] The monitoring of the email transmission from the mailer 141 executed by the mail control program 143 is to accept the transmission instruction of the email created by the mailer 141, specifically, to be placed in the transmission tray of the mailer 141. The mail control program 144 determines whether the approval authority needs to approve the mail file for transmission placed in the transmission tray. In order to monitor the situation before being sent to the mail server 30 in the sending tray, the e-mail body and the attached file can be used for the determination of the file before being encrypted by PKI or the like.
[0033] 送信者端末 10からの電子メールの送信は、メーラー 141を用いた POPメールによ らずに、 HDD14力もブラウザ 142を読み出して起動し、 Webメールの送信可能なサ イトにアクセスして電子メールが送信される場合もある。この場合、 HDD 14力も読み 出されたメール制御プログラム 143は、ブラウザ 142の動作をフックして、電子メール の送信を監視している。この場合も、メール制御プログラム 143は少なくともブラウザ 1 42が動作している間は常時監視を継続しており、ブラウザ 142の動作によって電子メ ールの送信を検出した場合には、送信用メールのファイルを取得して、承認権限者 による承認の要否の判定を実行する。 [0034] 送信トレィ等カも取得した送信用メールのファイルは、メール制御プログラム 143に よって承認権限者による承認の要否が判定される。承認の要否については、 HDD1 4の判定ルールテーブル 144に判定ルールが記憶されており、かかるルールに該当 するか否かによって判定が行われる。 [0033] E-mail transmission from the sender terminal 10 is not performed by POP mail using the mailer 141, but the HDD 14 is also activated by reading the browser 142 and accessing a site that can send Web mail. An e-mail may be sent. In this case, the mail control program 143 that has also read the HDD 14 power hooks the operation of the browser 142 and monitors the transmission of the e-mail. In this case as well, the mail control program 143 continues to monitor at least as long as the browser 144 is operating. If the browser 142 operates to detect the transmission of an email, the mail control program 143 Acquire the file and execute the judgment of approval necessity by the approval authority. The mail control program 143 determines whether or not the approval by the approval authority is necessary for the transmission mail file acquired by the transmission tray or the like. Whether or not approval is required is determined in the determination rule table 144 of the HDD 14, and the determination is made based on whether or not the rule is applicable.
[0035] 判定ルールの内容は特に限定されるものではなぐ送信用メールの本文力 キーヮ 一ド等を用いて判定することとしてもょ 、し、メールヘッダの送信先アドレス等力も指 定されたメールアドレスと対照させて判定することとしてもよ 、。これらのルールは単 独のルールによるのではなく、複数のルールを組み合わせて判定を行うこととしても よい。  [0035] The content of the judgment rule is not particularly limited. It is possible to make a judgment using the text strength key of the outgoing mail, etc., and the mail with the destination address strength of the mail header specified. It's also possible to judge against the address. These rules are not based on a single rule, but may be determined by combining multiple rules.
[0036] また、承認の要否を判定する判定ルールにつ!、ては、上記のように必ずしも予め登 録されたルールに基づくものではなぐ送信者の行動パターン力 特異挙動や不正 挙動を判定するために、送信者の過去の送信記録から生成されたプロファイル等を 用いて、通常とは異なるパターンの送信について承認を必要と判定することとしても よい。このようなプロファイルを用いた特異挙動等の判定方法を、上記のルールを組 み合わせて判定を行うこととしてもよ!、。  [0036] In addition, regarding the determination rule for determining the necessity of approval! As described above, it is not necessarily based on the rule registered in advance as described above. Therefore, it is possible to determine that approval is required for transmission of a pattern different from normal using a profile generated from the transmission record of the sender in the past. A method for determining singular behavior using such a profile may be determined by combining the above rules!
[0037] また、承認の要否の判定は、当該送信用メールが社内宛である力社外宛であるか によって異なるルールを適用することとしてもよい。例えば、社内宛は重要なメールの みを承認の対象とし、社外宛は全てのメールを承認の対象にする、といった運用が 考えられる。社内宛力社外宛かの判定は、使用するメーラーが異なる場合はメーラー の種別により判定可能であり、同一のメーラーを用いる場合には指定されたメールァ ドレスのドメイン名によって判定することとすればょ 、。  [0037] In addition, in determining whether approval is required, different rules may be applied depending on whether the transmission e-mail is addressed outside the company. For example, it is possible to use only important emails for approval within the company, and all emails for approval outside the company. Whether the mail address is internal or external can be determined by the type of mailer if the mailer used is different, and if the same mailer is used, it can be determined by the domain name of the specified mail address. ,.
[0038] 尚、図 1の例では判定ルールテーブル 144を送信者端末 10に設けることとしている 力 力かるテーブルの格納場所は送信者端末 10に限定されるものではない。例えば It should be noted that in the example of FIG. 1, the determination rule table 144 is provided in the sender terminal 10. The storage location of the powerful table is not limited to the sender terminal 10. For example
、ネットワークで接続された情報漏洩監視サーバなど他のコンピュータに格納して、ネ ットワーク内の端末の判定ルールをセキュリティポリシーに基づ!/、て集中的に管理す るよう構成することちでさる。 It can be stored in another computer such as an information leakage monitoring server connected via a network, and the judgment rules for terminals in the network can be centrally managed based on the security policy! .
[0039] 電子メール送信までの処理手順については、図 2—図 8を用いてさらに具体的に説 明する。電子メール送信の処理手順の概略は、図 2に示したとおりである。送信者 (A )が送信した電子メールについて承認の要否についての判定を行い、承認が必要と された場合には、送信の承認権限を有する承認者 (B)に承認依頼のメールが転送さ れる(1)。承認者が送信を承認すると、送信者 (A)にノ スワードを付した承認通知が 送信され (2)、送信者 (A)は当該パスワードを用いて受信者 (X)にメールを送信する (3)。承認が不要とされた場合には、直接受信者 (X)にメールが送信される(Γ)。 [0039] The processing procedure up to the e-mail transmission will be described more specifically with reference to FIGS. The outline of the e-mail transmission processing procedure is as shown in FIG. Sender (A The approval request email is forwarded to the approver (B) who has the authority to approve the transmission (1). . When the approver approves the transmission, the sender (A) sends an approval notification with a password (2), and the sender (A) sends an email to the recipient (X) using the password ( 3). If approval is not required, mail is sent directly to the recipient (X) (Γ).
[0040] 前述のように承認の要否についての判定が行われた結果、承認が不要とされた重 要度の低い社内メール等については、送信用メールのファイルは送信トレイに戻され て、通常のメールとして送信される。つまり、図 3の例に示したように、受信者 (X)を宛 先に指定した送信者 (Α)力もの電子メールが、受信者 (X)に対して送信される(Γ) 。図 1の構成では、送信した電子メールはメールサーバ 30よりゲートウェイ 40を通過 、インターネットを介して宛先のメールサーバに送信される。  [0040] As a result of the determination as to whether or not approval is required as described above, for in-house mail and the like that are not required to be approved, the mail file for sending is returned to the outbox, Sent as normal mail. In other words, as shown in the example of FIG. 3, an e-mail of a sender (Α) who specified the recipient (X) as a destination is transmitted to the recipient (X) (Γ). In the configuration of FIG. 1, the transmitted e-mail passes through the gateway 40 from the mail server 30 and is transmitted to the destination mail server via the Internet.
[0041] 一方、承認を要すると判定された電子メールについては、メール制御プログラム 14 3によって、承認権限者の宛先が送信先のアドレスに指定され、送信用メールのファ ィルに記述されたメール本文や添付ファイル、メールヘッダに記述された宛先やタイ トル等から本文が作成された承認依頼用メールが送信される。承認権限者の宛先の 指定については、例えば画面上にどの承認権限者に審査を求めるかを問い合わせ る画面をポップアップさせ、送信者の選択によって承認者を指定できるように、メール 制御プログラム 143にお 、て設定することとしてもよ!/、。  [0041] On the other hand, for an e-mail that is determined to require approval, the e-mail control program 143 designates the destination of the approval authority as the destination address, and the e-mail described in the e-mail file for transmission An approval request e-mail with the main text created is sent from the main text, attached file, destination and title described in the e-mail header. Regarding the designation of the approval authority's address, for example, a pop-up window that asks which approval authority should be examined on the screen pops up, and the mail control program 143 can specify the approver by selecting the sender. You can also set it! /
[0042] 尚、承認権限者の宛先は 1のアドレスに限られず、判定結果によって異なるアドレス を指定することとしてもよいし、 1の電子メールについて複数のアドレスを指定して、複 数の承認権限者が承認を行うこととしてもよい。宛先として指定されるアドレスは、 Act iveDirectoryから取得することも可能である力 前述の判定ルールと同様に、ネット ワークで接続された他のコンピュータ力も取得するよう構成してもよい。  [0042] The destination of the authorization authority is not limited to one address, and different addresses may be designated depending on the judgment result. Multiple authorization authorities may be designated by designating multiple addresses for one email. The person may give approval. The address specified as the destination can also be acquired from Active Directory. Similar to the above-described determination rule, it may be configured to acquire another computer connected via the network.
[0043] 図 4は、送信者 (A)が送信した電子メールにつ 、て承認が必要とされた場合に、送 信の承認権限を有する承認者 (B)に転送される承認依頼メールの例を示したもので あるが、受信者 (X)を宛先と指定した送信者 (A)力ゝらの送信用メールのファイルから 、送信者 (A)や宛先である受信者 (X)に関する情報、送信用メール本文及び添付フ アイルカゝら作成されたメール本文及び添付ファイルが、宛先を承認者 (B)と指定した 承認依頼メールとして送信される(1)。図 1の構成では、承認依頼メールは社内メー ル送信用の社内ネットワークのルートを介して、承認者端末 20に送信される。社内メ ールの送信は、インターネットを通じた社外メールと同様のメールサーバ 30を用いる こととしてちよい。 [0043] Figure 4 shows an example of an approval request email that is forwarded to an approver (B) who has authorization to send an email when approval is required for the email sent by the sender (A). For example, the sender (A) who specified the recipient (X) as the destination (A) From the file of the e-mail for sending, the sender (A) and the recipient (X) Information, mail text for sending, and attached mail body The mail text and attached file specified as the approver (B). Sent as an approval request email (1). In the configuration of FIG. 1, the approval request mail is transmitted to the approver terminal 20 via the route of the internal network for internal mail transmission. Internal mail can be transmitted using the same mail server 30 as external mail via the Internet.
[0044] 承認者端末 20では、 HDD24力もメーラー 241を読み出して起動し、メールサーバ 30の POPサーバより電子メールを受信する。承認依頼メールも通常の電子メールと 同様に承認者端末 20で受信され、承認権限者は受信した承認依頼メールを開封し て送信しょうとした電子メールの宛先や内容を確認し、承認するか否かを決定する。  In the approver terminal 20, the HDD 24 also reads and activates the mailer 241 and receives an email from the POP server of the mail server 30. The approval request email is also received at the approver terminal 20 in the same way as a normal email, and the approval authority confirms the address and contents of the email that he / she tried to open and send the received approval request email, and decides whether to approve it. To decide.
[0045] 承認者端末 20における送信承認の処理は、 HDD24から読み出されたメール承認 プログラム 242によって実行される。承認者端末 20の画面には、メール承認プロダラ ム 242によって許可か不許可かを選択するボタンが表示され、不許可のボタンが選 択されると、送信者端末 10に送信を許可しないことを通知するメールが送信される。  The transmission approval process in the approver terminal 20 is executed by the mail approval program 242 read from the HDD 24. On the screen of the approver terminal 20, a button for selecting permission or disapproval by the mail approval program 242 is displayed. When the disapproval button is selected, the sender terminal 10 is not permitted to transmit. A notification email is sent.
[0046] 力かる選択ボタンの表示は、例えば承認依頼メールにはメールヘッダ等に固有の 識別子が記録され、メール承認プログラム 242でこの識別子を検出すると選択ボタン がポップアップするように設定すれば、自動表示を行うことができる。このように、汎用 のメーラーに付加される固有の動作は、汎用メーラーとは別のプログラムによって処 理することとしてもよいし、汎用メーラーにアドインソフトとして追加されるものであって もよい。アドインソフトとして追加される場合には、例えば承認を選択する選択ボタン 等は、汎用メーラーのメニューボタンの一つとして追加される。  [0046] The display of the selection button to be used automatically is, for example, if an approval request mail is recorded with a unique identifier in the mail header or the like, and if this identifier is detected by the mail approval program 242, the selection button will pop up automatically. Display can be made. As described above, the specific operation added to the general-purpose mailer may be processed by a program different from the general-purpose mailer, or may be added to the general-purpose mailer as add-in software. When added as add-in software, for example, a selection button for selecting approval is added as one of the menu buttons of the general mailer.
[0047] 図 5は、承認権限を有する承認者 (B)が、送信者 (A)が送信した電子メールを承認 しない場合の例を示したものである。力かる不許可を通知するメールは、宛先が送信 者 (A)と指定され、本文には当該メールの送信を承認しない旨の定型コメントや、承 認依頼メールに含まれた送信用メールの宛先、タイトル、本文等を含むことができる。 定型コメントの他に、不許可の理由についてのコメントを本文や添付ファイルで付カロ することとしてもよい。不許可を通知するメールは、承認者 (B)より送信者 (A)に送信 される(2)。  FIG. 5 shows an example in which the approver (B) having the authorization authority does not approve the email sent by the sender (A). The e-mail to notify the unauthorized disapproval is addressed to the sender (A), and the body text contains a standard comment that the transmission of the e-mail is not approved, and the address of the e-mail to be sent included in the approval request e-mail , Title, text, etc. In addition to the standard comments, comments about the reasons for disapproval may be attached in the text or attached file. The e-mail notifying permission is sent from the approver (B) to the sender (A) (2).
[0048] 一方、許可のボタンが選択された場合には、送信者端末 10に送信を承認すること を通知する承認通知メールが送信される。承認通知メールの作成はメール承認プロ グラム 242によって実行されるが、承認依頼メールのメールヘッダや本文等に含まれ る送信者のアドレスカゝら送信先のアドレスを指定するとともに、承認依頼メールの本文 や添付ファイル等のダイジェスト (任意長のデータを、ある固定長の小さなサイズのデ ータに縮約したもの。)から生成したノ スワードが添付される。生成されたノ スワード は承認通知メール本文に記述されてもょ 、し、添付ファイルとして承認通知メールに 添付されてもよい。 On the other hand, when the permission button is selected, an approval notification mail for notifying the sender terminal 10 that the transmission is approved is transmitted. Create an email notification for approval This is executed by Gram 242 but specifies the destination address from the sender address included in the email header and body of the approval request email, and the digest (optional) A long word is reduced to a fixed-size, small-size data.) The generated password may be described in the body of the approval notification email, or it may be attached to the approval notification email as an attached file.
[0049] 図 6は、承認権限を有する承認者 (B)が、送信者 (A)が送信した電子メールを承認 して、承認通知メールを送信する場合の例を示したものである。承認通知メールは、 宛先が送信者 (A)と指定され、本文には当該メールの送信を承認する旨の定型コメ ントや、承認依頼メールに含まれた送信用メールの宛先、タイトル、本文等を含むこと ができる力 承認依頼メールのダイジェストから生成されたパスワードが本文の一部と して記述され、又は添付ファイルとして添付される。定型コメントの他に、承認の理由 につ 、てのコメントを本文や添付ファイルで付加することとしてもよ 、。承認通知メー ルは、承認者 (B)より送信者 (A)に送信される(2)。  FIG. 6 shows an example in which an approver (B) having approval authority approves an electronic mail transmitted by the sender (A) and transmits an approval notification mail. Approval notification emails are addressed to the sender (A), and the body text contains a standard comment to approve the transmission of the email, the destination email address, title, body text, etc. included in the approval request email The password generated from the digest of the approval request email is described as part of the text or attached as an attached file. In addition to the standard comment, it is also possible to add the previous comment in the text or attached file for the reason for approval. The approval notification mail is sent from the approver (B) to the sender (A) (2).
[0050] 送信者端末 10で承認通知メールを受信すると、承認通知メールに含まれるパスヮ ードを用いて、承認権限者による承認済の送信用メールを作成する。かかる送信用メ ールには、承認通知メール本文の一部として記述されたパスワードや承認通知メー ルに添付されたパスワードが記述された添付ファイルを切り出して、送信用メールの 添付ファイルや送信用メール本文の一部として用いられる。送信用メールに記述され る本文の内容や送信する宛先は、承認者が承認したものと同一であることが要求さ れるが、力かる本文の内容や送信先のアドレスは、承認通知メール力 切り出すこと としてもよ ヽし、承認のために承認権限者に送信された承認依頼メールの送信済ファ ィルカも切り出すこととしてもよ!/、。  [0050] When the sender terminal 10 receives the approval notification mail, the sender terminal 10 creates a mail for transmission approved by the approval authority using the password included in the approval notification mail. In such a mail for sending, the password written as part of the body of the approval notification email or the password attached to the approval notification email is cut out and attached to the email for sending or for sending Used as part of the email text. The content of the text described in the outgoing mail and the destination to be sent are required to be the same as those approved by the approver, but the content of the main text and the address of the destination to be used are extracted. It is also possible to cut the sent filer of the approval request email sent to the approval authority for approval! /.
[0051] 尚、このような承認済の送信用メールの作成は、送信者が送信者端末 10を操作し て手動で作成することとしてもよいし、メール制御プログラム 143によって自動的に処 理が実行されることとしてもよい。また、承認済の送信用メールの作成は新たな送信 ファイルを作成するものであってもよ 、し、承認通知メールの転送ファイルとして作成 されるものであってもよ ヽ。 [0052] 図 7は、承認者 (B)カゝら受信した承認通知メールを用いて送信者 (A)が作成した、 承認済の送信用メールの例を示したものである。受信した承認通知メールには、承 認した送信用メールの宛先である受信者 (X)や本文に記述された内容が含まれてお り、さらに承認権限者による承認済であることを示す送信用メールのダイジェストから 生成されたノ スワードが添付されている。承認済の送信用メールには、承認を受けた ものと同じ宛先が指定され、同じ内容の本文が記述されると共に、ダイジェストから生 成されたノ スワードが添付される。 [0051] It should be noted that such an approved transmission mail may be created manually by the sender by operating the sender terminal 10, or automatically processed by the mail control program 143. It may be executed. In addition, the approved transmission mail may be created as a new transmission file or as a transfer file for the approval notification mail. FIG. 7 shows an example of the approved transmission mail created by the sender (A) using the approval notification mail received by the approver (B). The received approval notification email includes the recipient (X) that is the destination of the approved sending email and the contents described in the text, and further indicates that the approval has been approved by the approval authority. A nose word generated from the digest of the trusted email is attached. An approved outgoing e-mail is specified with the same address as the one that has been approved, the body of the same content is described, and a nose word generated from the digest is attached.
[0053] 承認済の送信用メールが作成され、送信者が送信者端末 10で送信指示の操作を 行うと、メーラー 141によって電子メールの送信処理が起動される。ここで、送信指示 を受けた承認済の送信用メールはメーラー 141の送信トレイに置かれる力 前述の最 初の送信時の処理と同様に送信トレイが監視されているため、指定された宛先に送 信される前に、承認権限者による承認が必要か否かの判定が行われることになる。  [0053] When an approved transmission mail is created and the sender performs a transmission instruction operation on the sender terminal 10, the mailer 141 activates an email transmission process. Here, the power of the approved sending mail that received the sending instruction is placed in the sending tray of the mailer 141. Since the sending tray is monitored in the same manner as the first sending process described above, it is sent to the specified destination. Before being sent, a determination is made as to whether approval by the approval authority is necessary.
[0054] し力しながら、上記のケースでは送信するメールに承認権限者による承認済である ことを示すパスワードが添付されているために、パスワードが正当なものであると確認 された場合には、宛先や本文のキーワード等からは承認が必要であると判定されるメ ールであっても、そのまま送信して問題ない。従って、メール制御プログラム 143によ る承認権限者による承認が必要力否かの判定処理では、宛先や本文のキーワード、 特異挙動に当たらないか、などの基準で承認の要否を判定する前段階において、送 信するメールに承認権限者による承認済であることを示すパスワードが添付されてい る力、添付されたパスワードは正当なものであるかについての判定を行う。  [0054] However, in the above case, if the password is confirmed to be valid because the password indicating that it has been approved by the approval authority is attached to the email to be sent, Even if it is determined that approval is required from the address or the keyword in the text, it can be sent as it is. Therefore, in the process of determining whether approval by the approval authority by the mail control program 143 is necessary or not, it is a pre-stage for determining the necessity of approval based on criteria such as destination, body keyword, and unique behavior In the above, it is judged whether or not the password indicating that the approval authority has approved is attached to the mail to be sent and whether the attached password is valid.
[0055] 送信するメールに承認権限者による承認済であることを示すパスワードが添付され ているかの判定方法については、例えばメールヘッダにパスワードの存在を示す所 定の識別子を記録するなど特に限定されるものではな ヽが、添付されたパスワードは 正当なものであるかの判定方法については、承認者端末 20でノ スワード生成に用い られるのと同じ関数によって送信用メールの本文等からパスワードを生成し、添付さ れたパスワードと対比することにより行われる。  [0055] The method for determining whether a password indicating approval by an approval authority is attached to the email to be sent is particularly limited, for example, by recording a predetermined identifier indicating the presence of the password in the email header. However, for the method of determining whether the attached password is legitimate, the password is generated from the body of the outgoing e-mail using the same function that is used for generating the password at the approver terminal 20. It is done by comparing with the attached password.
[0056] つまり、承認者端末 20のメール承認プログラム 242には、メール本文及び添付ファ ィル等のダイジェストからパスワードを生成する関数が含まれているが、送信者端末 1 0のメール制御プログラム 143にも同様の関数が含まれて 、て、送信用メールの本文 等から当該関数によってノ スワードを生成し、添付されたパスワードとの対比を実行 する。送信者が承認を受けた電子メールの宛先、タイトル、本文等の一部を改ざんし て送信しょうとした場合には、ダイジェストの元データが承認者端末 20で承認された 電子メールに含まれるデータと異なるために各々から生成されるノ スワードは一致せ ず、送信用メールは承認を受けた内容力も改ざんされたことを検証することができる。 従って、ノ スワードが一致しない場合には当該送信用メールは送信されず、送信者 にその旨を通知するために、例えば送信者端末 10のディスプレイにエラー画面が表 示される。 That is, the mail approval program 242 of the approver terminal 20 includes a function for generating a password from a digest such as a mail text and an attached file, but the sender terminal 1 The mail control program 143 of 0 includes a similar function, so that a password is generated by the function from the body of the transmission mail and the like, and the comparison with the attached password is executed. If the sender's approved e-mail address, title, text, etc. are tampered with and sent, the original data of the digest is included in the e-mail approved by the approver terminal 20 Therefore, it is possible to verify that the e-mail for sending has been altered in the approved content. Therefore, if the passwords do not match, the transmission mail is not transmitted, and an error screen is displayed on the display of the sender terminal 10, for example, in order to notify the sender.
[0057] 一方、パスワードが一致する場合には、送信用メールが承認を受けた内容力 改ざ んされていないことが確認される。承認権限者による承認が行われ、かつ承認時と内 容が改ざんされて!/、な!/、ことが確認された送信用メールにつ!、ては、送信者端末 10 のメール制御プログラム 143によってノ スワードを削除した送信用メールが送信トレィ に戻されて、メーラー 141の動作により指定された宛先に送信される。  [0057] On the other hand, if the passwords match, it is confirmed that the content to be sent has not been tampered with. Approval by the authorized person has been made, and the contents at the time of approval have been altered! / Wow! / Confirmed e-mail for sending! Then, the e-mail for transmission from which the password is deleted by the e-mail control program 143 of the sender terminal 10 is returned to the transmission tray and transmitted to the destination specified by the operation of the mailer 141.
[0058] 図 8は、送信者 (A)が作成した承認済の送信用メールが送信される例を示したもの である。承認済の送信用メールには、宛先に受信者 (X)が指定され、承認通知メー ルに添付されたパスワードが添付されている力 パスワードが添付されていること、か つパスワードが正当であることが確認されると、承認権限者による承認を受けたもの であり、かつ承認時から内容が改ざんされていないと判断されて、パスワードを削除し た上で受信者 (X)に送信される (3)。  FIG. 8 shows an example in which the approved transmission mail created by the sender (A) is transmitted. Approved outgoing mail has the recipient (X) specified as the recipient, the password attached to the approval notification mail, the password is attached, and the password is valid If it is confirmed, it has been approved by the approval authority and it has been determined that the content has not been tampered with since the approval, and the password is deleted and sent to the recipient (X). (3).
[0059] 一方、パスワードが添付されて 、るものの、送信用メール本文及び添付ファイル等 力 生成したパスワードと一致しない場合は、送信用メールは承認時の内容力も改ざ んされている恐れがあるため、受信者 (X)には送信されない。送信者 (A)には、エラ 一表示等によって当該送信用メールが送信されな力つたことが通知される。  [0059] On the other hand, if the password is attached but the sent mail text and attached file, etc. are not the same as the generated password, the sent mail may have been altered in content at the time of approval. Therefore, it is not sent to the recipient (X). The sender (A) is informed that the transmission mail has not been transmitted by an error display or the like.
[0060] これまで説明したように、送信者端末 10における送信用メールの判定は、メーラー 141の送信トレイに置かれる送信用ファイルを監視することにより行われ、判定後に は送信用ファイルに戻すことによって所定の宛先に電子メールが送信される。このよ うに、メール制御プログラム 143による送信用メールの判定処理は、メーラー 141によ る通常の電子メールの送受信処理に対する付加的な処理として実行することが可能 である。同様に、承認者端末 20における送信用メールの承認も、承認者端末 20にメ ール本文及び添付ファイル等からパスワードを生成する関数を備えればよぐ本発明 にお 、ては汎用のメーラーとメールサーバを用いた電子メールシステムにお 、ても、 クライアント端末に付カ卩的なプログラムをインストールするのみで導入することが可能 である。 [0060] As described above, the determination of the transmission mail in the sender terminal 10 is performed by monitoring the transmission file placed in the transmission tray of the mailer 141, and after the determination, the transmission file is returned to the transmission file. The e-mail is transmitted to a predetermined destination. As described above, the mail control program 143 determines the outgoing mail by the mailer 141. It can be executed as an additional process to the normal e-mail transmission / reception process. Similarly, for the approval of the outgoing mail in the approver terminal 20, the general applicator terminal 20 only needs to have a function for generating a password from the mail text and the attached file. Even an email system using a mail server can be installed simply by installing a special program on the client terminal.
[0061] あるいは、力かるメール制御プログラム及びメール承認プログラムを、汎用メーラー にアドインソフトとして追加することとしてもよい。この場合、汎用メーラーを起動した際 には、汎用メーラーのツールバーに承認の申請や承認結果の返信を実行するため のボタンが表示され、送信者又は承認者は当該ボタンをクリックすることで各々の処 理を実行することが可能になる。  [0061] Alternatively, a powerful mail control program and mail approval program may be added to the general-purpose mailer as add-in software. In this case, when the general-purpose mailer is activated, buttons for executing an application for approval and replying the approval result are displayed on the toolbar of the general-purpose mailer. Processing can be executed.
[0062] また、電子メール送受信専用の汎用メーラーを用いな 、場合、例えば Webメール によって電子メールを送信する場合であっても、 Webブラウザの動作をフックして監 視を行 、、電子メールの送信処理が実行されるとそのメールを取得することによって 、同様の動作を実現することが可能である。  [0062] In addition, when a general-purpose mailer dedicated to e-mail transmission / reception is not used, for example, even when e-mail is transmitted by Web mail, monitoring is performed by hooking the operation of the Web browser. When the transmission process is executed, the same operation can be realized by acquiring the mail.
[0063] 続いて、図 9、図 10のフローチャートを用いて、送信者の操作するコンピュータに格 納される電子メール送信プログラムの処理フローについて、図 11のフローチャートを 用いて、承認権限者の操作するコンピュータに格納される電子メール承認プログラム の処理フローについて説明する。  Subsequently, the processing flow of the e-mail transmission program stored in the computer operated by the sender using the flowcharts of FIGS. 9 and 10 will be described with reference to the flowchart of FIG. The processing flow of the e-mail approval program stored in the computer will be described.
[0064] 送信者の操作するコンピュータに格納される電子メール送信プログラムは、送信す るメールが承認権限者による承認を要するものである力 承認権限者による承認を受 けたものであるかの判定の前後関係によって 2つの実施形態が存在し、本発明はい ずれの実施形態によるものであってもよい。図 9のフローチャートは、承認権限者によ る承認を受けたものであるかの判定を先に実行する第 1の処理フローである。図 10の フローチャートは、承認権限者による承認を要するものであるかの判定を先に実行す る第 2の処理フローである。  [0064] The e-mail transmission program stored in the computer operated by the sender is used to determine whether the e-mail to be sent has been approved by the approval authority. There are two embodiments depending on the context, and the present invention may be based on any embodiment. The flowchart in FIG. 9 is a first processing flow in which it is first determined whether or not approval has been received from the approval authority. The flowchart in Fig. 10 is a second processing flow in which it is first determined whether approval by an approval authority is required.
[0065] 第 1の処理フローにおいては、メーラーや Webブラウザにおいて電子メールの送信 指示を検出すると(S01)、当該電子メールの送信用ファイルを取得して、メール本文 等のダイジェストから生成されたパスワードが添付されているかを確認する(S02)。パ スワードが添付されている場合には、添付されたパスワードを当該電子メールの本文 等のダイジェストから生成されたパスワードと対比して、パスワードが正当なものである 力どうかの判定を行う(S03)。 [0065] In the first processing flow, when an email transmission instruction is detected in a mailer or a web browser (S01), a file for transmission of the email is acquired, and the email body is acquired. It is confirmed whether a password generated from a digest such as is attached (S02). If a password is attached, the password is compared with the password generated from the digest such as the body of the e-mail to determine whether the password is valid (S03). .
[0066] ノ スワードが正当なものである場合には、当該電子メールは送信可能と判断され、 送信用ファイルからパスワードを削除して(S04)、指定された宛先に電子メールを送 信して(S05)、処理を終了する。一方、パスワードが正当なものでない場合には、当 該電子メールは送信不可と判断され、端末にエラー表示がされて(S06)、処理を終 了する。 [0066] If the password is valid, it is determined that the e-mail can be sent, the password is deleted from the sending file (S04), and the e-mail is sent to the designated destination. (S05), the process ends. On the other hand, if the password is not valid, it is determined that the e-mail cannot be sent, an error is displayed on the terminal (S06), and the process is terminated.
[0067] 送信用ファイルにパスワードが添付されていない場合は、承認済の電子メールでは ないため、指定された宛先やメール本文等のキーワードが所定のルールに該当しな いか、送信指示が当該ユーザや端末の特異挙動に該当しないかなどを基準にして、 送信に承認権限者の承認を要するか否かの判定を行う (S07)。  [0067] If the password is not attached to the transmission file, it is not an approved email, so the keywords such as the specified destination and the body of the email do not meet the predetermined rules, or the transmission instruction is It is determined whether or not approval by the approval authority is required for transmission based on whether or not the unique behavior of the terminal is applicable (S07).
[0068] 承認が必要とされない電子メールについては、指定された宛先に電子メールを送 信して (S05)、処理を終了する。承認が必要とされた場合には、送信者による選択に より、又は予めプログラムで指定された承認者が選択され (S08)、選択された承認者 を宛先とする承認依頼の電子メールが送信されて(S09)、処理を終了する。  [0068] For an electronic mail that does not require approval, the electronic mail is transmitted to a designated destination (S05), and the process ends. If approval is required, an approver selected by the sender or an approver designated in advance in the program is selected (S08), and an approval request e-mail addressed to the selected approver is sent. (S09), and the process ends.
[0069] 第 2の処理フローにおいては、メーラーや Webブラウザにおいて電子メールの送信 指示を検出すると(Sl l)、当該電子メールの送信用ファイルを取得して、指定された 宛先やメール本文等のキーワードが所定のルールに該当しないか、送信指示が当 該ユーザや端末の特異挙動に該当しないかなどを基準にして、送信に承認権限者 の承認を要するか否かを判定する(S 12)。承認が必要とされな!/、電子メールにつ ヽ ては、指定された宛先に電子メールを送信して(S 16)、処理を終了する。  [0069] In the second processing flow, when an email transmission instruction is detected by a mailer or a web browser (Sl l), a file for sending the email is acquired, and the specified destination, email text, etc. are acquired. Based on whether the keyword does not correspond to a predetermined rule or whether the transmission instruction does not correspond to the specific behavior of the user or terminal, it is determined whether or not the approval of the approval authority is required for transmission (S 12). . Approval is not required! / For e-mail, the e-mail is sent to the designated destination (S16), and the process is terminated.
[0070] 承認が必要とされた場合には、メール本文等のダイジェストから生成されたパスヮー ドが添付されているかを確認する(S 13)。パスワードが添付されている場合には、添 付されたノ スワードを当該電子メールの本文等のダイジェストから生成されたノ スヮ ードと対比して、パスワードが正当なものであるかどうかの判定を行う(S14)。  [0070] If approval is required, it is confirmed whether or not a password generated from a digest such as a mail text is attached (S13). If the password is attached, the attached password is compared with the password generated from the digest such as the body of the email to determine whether the password is valid. (S14).
[0071] ノ スワードが正当なものである場合には、当該電子メールは送信可能と判断され、 送信用ファイルからパスワードを削除して(S15)、指定された宛先に電子メールを送 信して(S 16)、処理を終了する。一方、パスワードが正当なものでない場合には、当 該電子メールは送信不可と判断され、端末にエラー表示がされて (S17)、処理を終 了する。 [0071] If the password is valid, it is determined that the email can be sent, The password is deleted from the transmission file (S15), an e-mail is sent to the designated destination (S16), and the process is terminated. On the other hand, if the password is not valid, it is determined that the e-mail cannot be sent, an error is displayed on the terminal (S17), and the process is terminated.
[0072] 送信用ファイルにパスワードが添付されていない場合は、承認権限者による承認を 受けるために、送信者による選択により、又は予めプログラムで指定された承認者が 選択され (S18)、選択された承認者を宛先とする承認依頼の電子メールが送信され て(S19)、処理を終了する。  [0072] If the password is not attached to the file for transmission, the approver specified by the sender or selected in advance by the sender is selected to receive approval by the approval authority (S18). An approval request e-mail addressed to the approver is sent (S19), and the process ends.
[0073] 承認権限者の操作するコンピュータにおける電子メール承認の処理フローは、図 1 1のフローチャートのとおりである。メーラーや Webブラウザにおいて、送信者から転 送された承認依頼メールを受信する(S21)。承認依頼メールが開封されると、デイス プレイに承認の有無を選択するボタンが表示され(S 22)、いずれかのボタンの選択 を受け付けたことを検出する (S23)。  The processing flow for e-mail approval in the computer operated by the approval authority is as shown in the flowchart of FIG. In the mailer or Web browser, the approval request mail transferred from the sender is received (S21). When the approval request mail is opened, a button for selecting approval / disapproval is displayed on the display (S22), and it is detected that the selection of any button has been accepted (S23).
[0074] 選択されたボタンが送信を承認するものであれば、送信を承認したメールの宛先、 タイトル、本文等のダイジェストからノ スワードを生成する(S24)。また、承認を依頼し た送信者に送信する承認通知メールを作成して、生成したパスワードを本文等の一 部や添付ファイルとして添付する(S25)。パスワードが添付された承認通知メールは 、承認を依頼した送信者を宛先として送信される(S26)。選択されたボタンが送信を 承認しな ヽものである場合は、送信が不許可となったことの通知メールが作成されて 、承認を依頼した送信者を宛先として送信される(S27)。  [0074] If the selected button approves the transmission, a word is generated from the digest of the destination, title, text, etc. of the mail approved for transmission (S24). It also creates an approval notification email to be sent to the sender who requested the approval, and attaches the generated password as a part of the body text or an attached file (S25). The approval notification mail with the password attached is transmitted to the sender who requested the approval (S26). If the selected button does not approve the transmission, a notification mail indicating that the transmission has been disallowed is created and transmitted to the sender who requested the approval (S27).
図面の簡単な説明  Brief Description of Drawings
[0075] [図 1]本発明にカゝかる電子メール送信システムの構成を示すブロック図である。 FIG. 1 is a block diagram showing a configuration of an e-mail transmission system according to the present invention.
[図 2]本発明にかかる電子メール送信方法の処理手順を示す第 1の図である。  FIG. 2 is a first diagram showing a processing procedure of an e-mail transmission method according to the present invention.
[図 3]本発明にかかる電子メール送信方法の処理手順を示す第 2の図である。  FIG. 3 is a second diagram showing a processing procedure of the e-mail transmission method according to the present invention.
[図 4]本発明にかかる電子メール送信方法の処理手順を示す第 3の図である。  FIG. 4 is a third diagram showing a processing procedure of the e-mail transmission method according to the present invention.
[図 5]本発明にかかる電子メール送信方法の処理手順を示す第 4の図である。  FIG. 5 is a fourth diagram showing the processing procedure of the e-mail transmission method according to the present invention.
[図 6]本発明にかかる電子メール送信方法の処理手順を示す第 5の図である。  FIG. 6 is a fifth diagram showing the processing procedure of the e-mail transmission method according to the present invention.
[図 7]本発明にかかる電子メール送信方法の処理手順を示す第 6の図である。 圆 8]本発明にかかる電子メール送信方法の処理手順を示す第 7の図である。 圆 9]本発明において、送信者の操作するコンピュータに格納される電子メール送信 プログラムの第 1の処理フローを示すフローチャートである。 FIG. 7 is a sixth diagram showing the processing procedure of the e-mail transmission method according to the present invention. [8] FIG. 8 is a seventh diagram showing a processing procedure of the e-mail transmission method according to the present invention.圆 9] In the present invention, it is a flowchart showing a first processing flow of an e-mail transmission program stored in a computer operated by a sender.
[図 10]本発明において、送信者の操作するコンピュータに格納される電子メール送 信プログラムの第 2の処理フローを示すフローチャートである。  FIG. 10 is a flowchart showing a second processing flow of the e-mail transmission program stored in the computer operated by the sender in the present invention.
[図 11]本発明において、承認権限者の操作するコンピュータに格納される電子メー ル承認プログラムの処理フローを示すフローチャートである。  FIG. 11 is a flowchart showing a processing flow of an e-mail approval program stored in a computer operated by an approval authority in the present invention.
符号の説明 Explanation of symbols
10 送信者端末  10 Sender terminal
11 CPU  11 CPU
12 RAM  12 RAM
13 ROM  13 ROM
14 HDD  14 HDD
141 メーラー  141 Mailer
142 ブラウザ  142 Browser
143 メール制御プログラム  143 Mail control program
144 判定ノレールテープノレ  144 Judgment Norail Tape Nore
20 承認者端末  20 Approver terminal
21 CPU  21 CPU
22 RAM  22 RAM
23 ROM  23 ROM
24 HDD  24 HDD
241 メーラー  241 Mailer
242 メール承認プログラム  242 email approval program
30 メーノレサーノ  30 Menoresano
40 ゲートウェイ  40 gateway

Claims

請求の範囲 The scope of the claims
[1] 所定の条件に該当する電子メールについて承認権限者による承認を受けた電子メ ールのみの送信を可能にするための電子メールの送信方法であって、  [1] An email transmission method for enabling transmission of only emails that have been approved by an approval authority for emails that meet a predetermined condition,
電子メールの送信者が操作する第 1のコンピュータが、送信指示を受け付けた電子メ ールが承認権限者による承認を要する電子メールであるかを判定するステップと、 前記第 1のコンピュータが、送信指示を受け付けた電子メールが承認権限者による 承認を受けた電子メールであるかを判定するステップと、  The first computer operated by the sender of the e-mail determines whether the e-mail that has received the transmission instruction is an e-mail that requires approval by the approval authority, and the first computer sends Determining whether the email that has received the instructions is an email that has been approved by an authorized person;
前記第 1のコンピュータが、承認権限者による承認を要すると判定され、かつ承認権 限者による承認を受けて ヽな ヽと判定された電子メールを、前記承認権限者が操作 する第 2のコンピュータに、前記電子メールの内容を含む承認要求メールとして送信 するステップと、  The second computer that operates the e-mail that the first computer is determined to require approval by the approval authority and is determined to be obscene by the approval by the approval authority. Sending an approval request email containing the contents of the email,
前記第 2のコンピュータが、前記承認要求メールを受信して、前記承認権限者による 前記電子メールの内容の確認結果を受け付けるステップと、  The second computer receiving the approval request mail and receiving a confirmation result of the content of the e-mail by the approval authority; and
前記第 2のコンピュータが、前記確認結果が前記電子メールの送信を承認するもの である場合には、前記電子メールの内容の少なくとも一部のダイジェストから前記承 認権限者による承認を受けたことを示すパスワードを生成するステップと、 前記第 2のコンピュータが、前記パスワードを含む送信承認メールを前記第 1のコン ピュータに送信するステップと、を有していて、  If the confirmation result approves the transmission of the e-mail, the second computer has received approval from the approval authority from at least a part of the content of the e-mail. Generating a password indicating, and the second computer transmitting a transmission approval mail including the password to the first computer, and
前記第 1のコンピュータは、送信指示を受け付けた電子メールが承認権限者による 承認を受けた電子メールであるかを判定するステップにお 、ては、前記電子メール に前記パスワードが含まれて 、て、かつ前記ノ スワードが前記電子メールの内容の 少なくとも一部のダイジェストから生成されるノ スワードと一致する場合に、前記電子 メールが承認権限者による承認を受けた電子メールであると判定すること を特徴とする電子メール送信方法。  In the step of determining whether the e-mail that has received the transmission instruction is an e-mail that has been approved by an approval authority, the first computer includes the password in the e-mail. And determining that the e-mail is an e-mail that has been approved by an approval authority if the nose matches a no-word generated from a digest of at least a portion of the e-mail content. E-mail transmission method characterized.
[2] 前記第 1のコンピュータが、承認権限者による承認を要しないと判定された電子メー ル、又は承認権限者による承認を要すると判定されたが承認権限者による承認を受 けて 、ると判定された電子メールを、前記電子メールに指定された宛先に送信するス テツプを有すること を特徴とする請求項 1記載の電子メール送信方法。 [2] The first computer is determined to require no approval by the approval authority, or is determined to require approval by the approval authority but is approved by the approval authority. A step of sending the e-mail determined to be sent to the destination specified in the e-mail. The e-mail transmission method according to claim 1.
[3] 前記第 1のコンピュータは、電子メール送受信プログラムの送信トレイに新たな電子 メールが検出されたこと、又は Webブラウザにお 、て電子メールの送信処理が実行 されたことによって電子メールの送信指示を検出し、前記電子メールが承認権限者 による承認を要する電子メールであるかを判定するステップ、又は前記電子メールが 承認権限者による承認を受けた電子メールであるかを判定するステップを実行するこ と [3] The first computer transmits an e-mail when a new e-mail is detected in the transmission tray of the e-mail transmission / reception program or when an e-mail transmission process is executed in the web browser. Detecting instructions and determining whether the e-mail is an e-mail that requires approval by an approval authority or determining whether the e-mail is an e-mail approved by an approval authority To do
を特徴とする請求項 1又は 2記載の電子メール送信方法。  The e-mail transmission method according to claim 1 or 2.
[4] 所定の条件に該当する電子メールにつ 、て承認権限者による承認を受けた電子メ ールのみの送信を可能にするための電子メールの送信者が操作する第 1のコンビュ ータに格納される電子メールの送信プログラムであって、前記第 1のコンピュータに、 送信指示を受け付けた電子メールが承認権限者による承認を要する電子メールであ るかを判定するステップと、 [4] The first computer operated by the sender of the e-mail to enable the sending of only the e-mail that has been approved by the approval authority for the e-mail that meets the prescribed conditions. An e-mail transmission program stored in the first computer, wherein the first computer determines whether the e-mail that has received a transmission instruction is an e-mail that requires approval by an approval authority; and
送信指示を受け付けた電子メールが承認権限者による承認を受けた電子メールであ るかを判定するステップと、  Determining whether the e-mail accepted for transmission is an e-mail approved by an approval authority;
承認権限者による承認を要すると判定され、かつ承認権限者による承認を受けて ヽ ないと判定された電子メールについて、前記承認権限者が操作する第 2のコンビユー タに前記電子メールの内容を含む承認要求メールを送信するステップと、を実行させ 送信指示を受け付けた電子メールが承認権限者による承認を受けた電子メールであ るかを判定するステップにお ヽては、前記電子メールに前記承認権限者による承認 を受けたことを示す前記第 2のコンピュータにおいて前記電子メールの内容の少なく とも一部のダイジェストから生成されたパスワードが含まれて!/、て、かつ前記パスヮー ドが前記電子メールの内容の少なくとも一部のダイジェストから生成されるパスワード と一致する場合には前記電子メールが承認権限者による承認を受けた電子メールで あると判定すること  For e-mails that are determined to require approval by the approval authority and that are not approved by the approval authority, the contents of the e-mail are included in the second computer operated by the approval authority. Transmitting an approval request mail, and determining whether the e-mail that has been sent and accepted the transmission instruction is an e-mail that has been approved by an approval authority. The second computer indicating approval by the authorized person includes a password generated from at least a part of the content of the e-mail! /, And the password is the e-mail. The e-mail is approved by the approval authority if it matches the password generated from the digest of at least part of the contents of To determine that the email was received
を特徴とする電子メール送信プログラム。  An e-mail transmission program characterized by
[5] 前記第 1のコンピュータに、承認権限者による承認を要しないと判定された電子メー ル、又は承認権限者による承認を要すると判定されたが承認権限者による承認を受 けて 、ると判定された電子メールを、前記電子メールに指定された宛先に送信するス テツプを実行させること [5] An electronic mail that is determined not to require approval by an approval authority on the first computer. Or an e-mail that has been determined to require approval by the approval authority but is approved by the approval authority, is sent to the destination specified in the e-mail. thing
を特徴とする請求項 4記載の電子メール送信プログラム。  The e-mail transmission program according to claim 4, wherein:
[6] 前記第 1のコンピュータに、電子メール送受信プログラムの送信トレイに新たな電子 メールが検出されたこと、又は Webブラウザにお 、て電子メールの送信処理が実行 されたことによって電子メールの送信指示を検出し、前記電子メールが承認権限者 による承認を要する電子メールであるかを判定するステップ、又は前記電子メールが 承認権限者による承認を受けた電子メールであるかを判定するステップを実行させる こと [6] Sending an e-mail when a new e-mail is detected in the sending tray of the e-mail sending / receiving program in the first computer or when an e-mail sending process is executed in the Web browser Detecting instructions and determining whether the e-mail is an e-mail that requires approval by an approval authority or determining whether the e-mail is an e-mail approved by an approval authority To do
を特徴とする請求項 4又は 5記載の電子メール送信プログラム。  The e-mail transmission program according to claim 4 or 5, wherein
[7] 所定の条件に該当する電子メールについて承認権限者による承認を受けた電子メ ールのみの送信を可能にするための電子メールの承認権限者が操作する第 2のコン ピュータに格納される電子メールの承認プログラムであって、 [7] Stored in the second computer operated by the e-mail approval authority to enable sending only e-mails approved by the approval authority for e-mails that meet the specified conditions. E-mail approval program
前記第 2のコンピュータに、電子メールの送信者が操作する第 1のコンピュータより、 前記第 1のコンピュータで承認権限者による承認を要すると判定された電子メールの 内容を含む承認要求メールを受信するステップと、  The second computer receives, from the first computer operated by the e-mail sender, an approval request e-mail including the contents of the e-mail determined to require approval by the approval authority in the first computer. Steps,
前記承認権限者による前記電子メールの内容の確認結果を受け付けるステップと、 前記確認結果が前記電子メールの送信を承認するものである場合には、前記電子メ ールの内容の少なくとも一部のダイジェストから前記承認権限者による承認を受けた ことを示すパスワードを生成するステップと、  A step of accepting the confirmation result of the content of the email by the authorized person, and if the confirmation result approves the transmission of the email, a digest of at least a part of the content of the email Generating a password indicating approval from the approval authority from
前記電子メールの送信承認を通知するための前記ノ スワードを含む送信承認メール を前記第 1のコンピュータに送信するステップと、を実行させ、  Sending a transmission approval mail including the password for notifying the transmission approval of the e-mail to the first computer, and
前記送信承認メールを受信した前記第 1のコンピュータは、前記承認権限者の承認 を要する電子メールの送信指示を受け付けると、前記電子メールに前記パスワードが 含まれていて、かつ前記パスワードが前記電子メールの内容の少なくとも一部のダイ ジェストから生成されるパスワードと一致する場合には前記電子メールが承認権限者 による承認を受けた電子メールであると判定し、前記電子メールに指定された宛先に 前記電子メールを送信すること When the first computer that has received the transmission approval mail receives an e-mail transmission instruction that requires approval by the approval authority, the e-mail includes the password, and the password is the e-mail. If it matches the password generated from the digest of at least a part of the content, it is determined that the e-mail is an e-mail that has been approved by the approval authority, and the address specified in the e-mail is sent. Sending the e-mail
を特徴とする電子メール承認プログラム。  E-mail approval program characterized by
[8] 所定の条件に該当する電子メールについて承認権限者による承認を受けた電子メ ールのみの送信を可能にするための電子メール送信装置であって、 [8] An e-mail transmission device for enabling transmission of only e-mails that have been approved by an approval authority for e-mails satisfying predetermined conditions,
送信指示を受け付けた電子メールが承認権限者による承認を要する電子メールであ るかを判定する第 1の判定手段と、  A first determination means for determining whether an e-mail that has received a transmission instruction is an e-mail that requires approval by an approval authority;
送信指示を受け付けた電子メールが承認権限者による承認を受けた電子メールであ るかを判定する第 2の判定手段と、  A second determination means for determining whether the email for which the transmission instruction has been accepted is an email that has been approved by an approval authority;
前記第 1の判定手段によって承認権限者による承認を要すると判定され、かつ前記 第 2の判定手段によって承認権限者による承認を受けていないと判定された電子メ ールについて、前記承認権限者が操作するコンピュータに前記電子メールの内容を 含む承認要求メールを送信する送信手段と、を備えて!/、て、  For an electronic mail that has been determined by the first determination means to require approval by the approval authority and that has not been approved by the approval authority by the second determination means, the approval authority Transmission means for transmitting an approval request mail including the contents of the e-mail to a computer to be operated! /,
前記第 2の判定手段にお 、ては、前記電子メールに前記承認権限者による承認を 受けたことを示す前記コンピュータにおいて前記電子メールの内容の少なくとも一部 のダイジェストから生成されたパスワードが含まれて 、て、かつ前記パスワードが前記 電子メールの内容の少なくとも一部のダイジェストから生成されるパスワードと一致す る場合には、前記電子メールが承認権限者による承認を受けた電子メールであると 判定すること  The second determination means includes a password generated from a digest of at least a part of the contents of the e-mail in the computer indicating that the e-mail has been approved by the approval authority. If the password matches a password generated from a digest of at least a part of the content of the e-mail, it is determined that the e-mail is an e-mail approved by an approval authority. To do
を特徴とする電子メール送信装置。  An e-mail transmission device characterized by the above.
[9] 承認権限者による承認を要しな ヽと判定された電子メール、又は承認権限者による 承認を要すると判定されたが承認権限者による承認を受けていると判定された電子メ ールを、前記電子メールに指定された宛先に送信する第 2の送信手段を備えること を特徴とする請求項 8記載の電子メール送信装置。 [9] E-mail that is determined not to require approval by the approval authority, or e-mail that is determined to require approval by the approval authority but is approved by the approval authority 9. The e-mail transmission device according to claim 8, further comprising: a second transmission unit that transmits the e-mail to a destination specified in the e-mail.
[10] 前記第 1の判定手段、又は前記第 2の判定手段において受け付ける電子メールの 送信指示は、電子メール送受信プログラムの送信トレイに新たな電子メールが検出さ れたこと、又は Webブラウザにお 、て電子メールの送信処理が実行されたことによつ て電子メールの送信指示を検出すること [10] The e-mail transmission instruction accepted by the first determination means or the second determination means is that a new e-mail is detected in the transmission tray of the e-mail transmission / reception program or the web browser Detecting an e-mail transmission instruction when e-mail transmission processing is executed
を特徴とする請求項 8又は 9記載の電子メール送信装置。 10. The e-mail transmission device according to claim 8 or 9, wherein:
[11] 所定の条件に該当する電子メールについて承認権限者による承認を受けた電子メ ールのみの送信を可能にするための電子メール承認装置であって、 [11] An e-mail approval device for enabling transmission of only e-mail that has been approved by an approval authority for e-mail that satisfies a predetermined condition,
電子メールの送信者が操作するコンピュータより、前記コンピュータで承認権限者に よる承認を要すると判定された電子メールの内容を含む承認要求メールを受信する 受信手段と、  Receiving means for receiving from the computer operated by the sender of the e-mail an approval request e-mail including the contents of the e-mail that is determined to require approval by the approval authority by the computer;
前記承認権限者による前記電子メールの内容の確認結果を受け付ける受付手段と、 前記確認結果が前記電子メールの送信を承認するものである場合には、前記電子メ ールの内容の少なくとも一部のダイジェストから前記承認権限者による承認を受けた ことを示すパスワードを生成する生成手段と、  Accepting means for receiving the confirmation result of the content of the email by the approval authority, and when the confirmation result approves the transmission of the email, at least a part of the content of the email Generating means for generating a password indicating that the approval is received from the digest by the approval authority;
前記電子メールの送信承認を通知するための前記ノ スワードを含む送信承認メール を前記コンピュータに送信する送信手段と、を備えていて、  Transmission means for transmitting a transmission approval mail including the password for notifying the transmission approval of the e-mail to the computer,
前記送信承認メールを受信した前記コンピュータは、前記承認権限者の承認を要す る電子メールの送信指示を受け付けると、前記電子メールに前記パスワードが含まれ ていて、かつ前記パスワードが前記電子メールの内容の少なくとも一部のダイジェスト 力も生成されるノ スワードと一致する場合には前記電子メールが承認権限者による 承認を受けた電子メールであると判定し、前記電子メールに指定された宛先に前記 電子メールを送信すること  When the computer that has received the transmission approval mail receives an instruction to send an e-mail that requires the approval of the approval authority, the e-mail includes the password, and the password is the e-mail of the e-mail. If the digest power of at least part of the content also matches the generated password, it is determined that the e-mail is an e-mail approved by an approval authority, and the e-mail is sent to the destination specified in the e-mail. Sending an email
を特徴とする電子メール承認装置。  E-mail approval device characterized by.
[12] 所定の条件に該当する電子メールについて承認権限者による承認を受けた電子メ ールのみの送信を可能にするための、電子メールの送信者が操作する第 1のコンビ ユータと前記電子メールの承認権限者が操作する第 2のコンピュータ力 なる電子メ ール送信システムであって、 [12] The first computer operated by the sender of the e-mail and the e-mail to enable transmission of only the e-mail that has been approved by the approval authority for the e-mail that satisfies the predetermined condition. A second computer-powered e-mail transmission system operated by an email approval authority,
前記第 1のコンピュータは、  The first computer is
送信指示を受け付けた電子メールが承認権限者による承認を要する電子メールであ るかを判定する第 1の判定手段と、  A first determination means for determining whether an e-mail that has received a transmission instruction is an e-mail that requires approval by an approval authority;
送信指示を受け付けた電子メールが承認権限者による承認を受けた電子メールであ るかを判定する第 2の判定手段と、  A second determination means for determining whether the email for which the transmission instruction has been accepted is an email that has been approved by an approval authority;
前記第 1の判定手段によって承認権限者による承認を要すると判定され、かつ前記 第 2の判定手段によって承認権限者による承認を受けていないと判定された電子メ ールについて、前記承認権限者が操作する第 2のコンピュータに前記電子メールの 内容を含む承認要求メールを送信する送信手段と、を備えて ヽて、 It is determined by the first determination means that approval by an approval authority is required, and the Sends an approval request mail including the contents of the e-mail to the second computer operated by the approval authority for the e-mail that is determined not to be approved by the approval authority by the second determination means. A transmission means, and
前記第 2のコンピュータは、  The second computer is
前記承認要求メールを受信する受信手段と、前記承認権限者による前記電子メール の内容の確認結果を受け付ける受付手段と、  Receiving means for receiving the approval request mail; receiving means for receiving a confirmation result of the content of the e-mail by the approval authority;
前記確認結果が前記電子メールの送信を承認するものである場合には、前記電子メ ールの内容の少なくとも一部のダイジェストから前記承認権限者による承認を受けた ことを示すパスワードを生成する生成手段と、  If the confirmation result approves the transmission of the e-mail, generate a password indicating approval from the approval authority from at least a part of the content of the e-mail Means,
前記パスワードを含む送信承認メールを前記第 1のコンピュータに送信する送信手 段と、を備えていて、  A transmission means for transmitting a transmission approval mail including the password to the first computer,
前記第 1のコンピュータに備えられた第 2の判定手段は、前記電子メールに前記パス ワードが含まれていて、かつ前記パスワードが前記電子メールの内容の少なくとも一 部のダイジェストから生成されるパスワードと一致する場合には前記電子メールが承 認権限者による承認を受けた電子メールであると判定すること  The second determination means provided in the first computer includes a password that includes the password in the email and the password is generated from a digest of at least a part of the content of the email. If they match, it is determined that the email is an email that has been approved by an authorized person.
を特徴とする電子メール送信システム。  E-mail transmission system characterized by
[13] 前記第 1のコンピュータは、承認権限者による承認を要しないと判定された電子メ ール、又は承認権限者による承認を要すると判定されたが承認権限者による承認を 受けて!/ヽると判定された電子メールを、前記電子メールに指定された宛先に送信す る第 2の送信手段を備えること [13] The first computer is determined not to require approval by the approval authority, or is determined to require approval by the approval authority but is approved by the approval authority! / A second sending means for sending the e-mail determined to be sent to the destination specified in the e-mail;
を特徴とする請求項 12記載の電子メール送信システム。  13. The e-mail transmission system according to claim 12.
[14] 前記第 1のコンピュータに備えられた前記第 1の判定手段、又は前記第 2の判定手 段にお!、て受け付ける電子メールの送信指示は、電子メール送受信プログラムの送 信トレイに新たな電子メールが検出されたこと、又は Webブラウザにお 、て電子メー ルの送信送信処理が実行されたことによって電子メールの送信指示を検出すること を特徴とする請求項 12又は 13記載の電子メール送信システム。 [14] An e-mail transmission instruction accepted by the first determination means or the second determination means provided in the first computer is newly added to the transmission tray of the e-mail transmission / reception program. 14. The electronic mail transmission instruction according to claim 12 or 13, wherein an electronic mail transmission instruction is detected when a simple electronic mail is detected or an e-mail transmission / transmission process is executed in a web browser. Email sending system.
PCT/JP2004/017876 2004-12-01 2004-12-01 Electronic mail sending method, electronic mail sending program, electronic mail approving program, electronic mail sending device, and electronic mail approving/sending system WO2006059383A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/JP2004/017876 WO2006059383A1 (en) 2004-12-01 2004-12-01 Electronic mail sending method, electronic mail sending program, electronic mail approving program, electronic mail sending device, and electronic mail approving/sending system
JP2006515529A JPWO2006059383A1 (en) 2004-12-01 2004-12-01 E-mail transmission method, e-mail transmission program, e-mail approval program, e-mail transmission apparatus, e-mail approval apparatus, and e-mail transmission system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2004/017876 WO2006059383A1 (en) 2004-12-01 2004-12-01 Electronic mail sending method, electronic mail sending program, electronic mail approving program, electronic mail sending device, and electronic mail approving/sending system

Publications (1)

Publication Number Publication Date
WO2006059383A1 true WO2006059383A1 (en) 2006-06-08

Family

ID=36564827

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2004/017876 WO2006059383A1 (en) 2004-12-01 2004-12-01 Electronic mail sending method, electronic mail sending program, electronic mail approving program, electronic mail sending device, and electronic mail approving/sending system

Country Status (2)

Country Link
JP (1) JPWO2006059383A1 (en)
WO (1) WO2006059383A1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008027424A (en) * 2006-06-21 2008-02-07 Sharp Corp Data transmitter/receiver, server device, data transmission/reception system and method for controlling them, and control program and computer readable recording medium recorded with the same
JP2008242919A (en) * 2007-03-28 2008-10-09 Japan Research Institute Ltd Electronic mail erroneous transmission prevention system, electronic mail erroneous transmission prevention method and electronic mail errorneous transmission prevention program
JP2008250983A (en) * 2007-03-05 2008-10-16 Yahoo Japan Corp Transmission content monitoring device
WO2010050108A1 (en) * 2008-10-31 2010-05-06 パナソニック株式会社 Device, method, and program for providing mail function
US8224908B2 (en) 2007-12-28 2012-07-17 Canon Kabushiki Kaisha Information processing system, E-mail transmission control apparatus, information processing method and program
JP2012169778A (en) * 2011-02-10 2012-09-06 Fujitsu Broad Solution & Consulting Inc Encryption processing program, encryption processor, and encryption processing method
JP2014186666A (en) * 2013-03-25 2014-10-02 Fujitsu Ltd Mail processing program, mail processing method, and mail processing device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002217980A (en) * 2001-01-17 2002-08-02 Mitsubishi Electric Corp Devices and methods, for relaying data, sending data, and approving sending
JP2002288087A (en) * 2001-03-23 2002-10-04 Humming Heads Inc Information processor and method therefor, information processing system and control method thereof, and program

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002217980A (en) * 2001-01-17 2002-08-02 Mitsubishi Electric Corp Devices and methods, for relaying data, sending data, and approving sending
JP2002288087A (en) * 2001-03-23 2002-10-04 Humming Heads Inc Information processor and method therefor, information processing system and control method thereof, and program

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2008027424A (en) * 2006-06-21 2008-02-07 Sharp Corp Data transmitter/receiver, server device, data transmission/reception system and method for controlling them, and control program and computer readable recording medium recorded with the same
JP2008250983A (en) * 2007-03-05 2008-10-16 Yahoo Japan Corp Transmission content monitoring device
JP2008242919A (en) * 2007-03-28 2008-10-09 Japan Research Institute Ltd Electronic mail erroneous transmission prevention system, electronic mail erroneous transmission prevention method and electronic mail errorneous transmission prevention program
US8224908B2 (en) 2007-12-28 2012-07-17 Canon Kabushiki Kaisha Information processing system, E-mail transmission control apparatus, information processing method and program
WO2010050108A1 (en) * 2008-10-31 2010-05-06 パナソニック株式会社 Device, method, and program for providing mail function
JP2012169778A (en) * 2011-02-10 2012-09-06 Fujitsu Broad Solution & Consulting Inc Encryption processing program, encryption processor, and encryption processing method
JP2014186666A (en) * 2013-03-25 2014-10-02 Fujitsu Ltd Mail processing program, mail processing method, and mail processing device

Also Published As

Publication number Publication date
JPWO2006059383A1 (en) 2008-06-05

Similar Documents

Publication Publication Date Title
US7487213B2 (en) Techniques for authenticating email
US7422115B2 (en) Techniques for to defeat phishing
AU2006208324B2 (en) Securing computer network interactions between entities with authorization assurances
CN102227734B (en) Client computer for protecting confidential file, server computer therefor, method therefor
US7743413B2 (en) Client apparatus, server apparatus and authority control method
JP4703333B2 (en) E-mail processing program
US20060053293A1 (en) User interface and anti-phishing functions for an anti-spam micropayments system
KR101387600B1 (en) Electronic file sending method
JP2011501578A (en) Method and system for indicating the reliability of secure communications
JP2007524878A (en) Adaptive transparent encryption
US20030237005A1 (en) Method and system for protecting digital objects distributed over a network by electronic mail
JPWO2007052342A1 (en) Information preservation program, information preservation method and information preservation system
JP2007102334A (en) System, method and computer program for preventing information leakage by e-mail
JP3749129B2 (en) E-mail system, e-mail transmission control method, and relay apparatus
JP2007133475A (en) Mail document management system and method, and program therefor
JP4471129B2 (en) Document management system, document management method, document management server, work terminal, and program
WO2006059383A1 (en) Electronic mail sending method, electronic mail sending program, electronic mail approving program, electronic mail sending device, and electronic mail approving/sending system
JP3994657B2 (en) Service provision system
CN113098899B (en) Intangible asset protection method, device and computer readable medium
CN111291366B (en) Secure middleware system
WO2003079165A2 (en) Ensuring policy enforcement before allowing usage of private key
JP2008269544A (en) Using object information management device, using object information management method, and program therefor
WO2008040996A2 (en) Personal electronic device security
JP2002207694A (en) Information transfer tracking device, personal information management system and method and recording medium having program recorded thereon
JP4164069B2 (en) E-mail device, e-mail system, and e-mail transmission method

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 2006515529

Country of ref document: JP

AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 04822482

Country of ref document: EP

Kind code of ref document: A1

WWW Wipo information: withdrawn in national office

Ref document number: 4822482

Country of ref document: EP