WO2008004064A1 - Proxy server - Google Patents

Proxy server Download PDF

Info

Publication number
WO2008004064A1
WO2008004064A1 PCT/IB2007/001785 IB2007001785W WO2008004064A1 WO 2008004064 A1 WO2008004064 A1 WO 2008004064A1 IB 2007001785 W IB2007001785 W IB 2007001785W WO 2008004064 A1 WO2008004064 A1 WO 2008004064A1
Authority
WO
WIPO (PCT)
Prior art keywords
proxy
client
data
server
external
Prior art date
Application number
PCT/IB2007/001785
Other languages
French (fr)
Inventor
Mark Crispin Webb-Johnson
Original Assignee
Network Box Corporation Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2006903548A external-priority patent/AU2006903548A0/en
Application filed by Network Box Corporation Limited filed Critical Network Box Corporation Limited
Priority to CN200780024502.6A priority Critical patent/CN101529399B/en
Priority to AU2007270872A priority patent/AU2007270872B2/en
Priority to EP07766595A priority patent/EP2035939A4/en
Publication of WO2008004064A1 publication Critical patent/WO2008004064A1/en
Priority to US12/341,837 priority patent/US8365270B2/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42Mailbox-related aspects, e.g. synchronisation of mailboxes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/21Monitoring or handling of messages
    • H04L51/212Monitoring or handling of messages using filtering or selective blocking

Definitions

  • the present invention relates to a proxy server for downloading one or more data files from an external server.
  • a user may have a computer which connects via a local network (e.g. a LAN or WAN) and a local network server to the Internet.
  • the local network server may provide only a connection to the Internet without other services such as email or firewalls.
  • email files e.g. using the POP3 protocol
  • Web documents e.g. using RSS feeds.
  • the user may also wish to access the external server via an alternate Internet connection; for example, the local network server may provide Internet access in the user's workplace, while an Internet Service Provider (ISP) may provide Internet access in the user's home.
  • ISP Internet Service Provider
  • a problem associated with the above-described situation is that, when the local server (e.g. in the workplace) has a slow Internet connection, it may take a long time for a user to access files on the external server.
  • a second problem is that the local server (e.g. in the workplace) may cause further time delays when filtering incoming data for 'malware': e.g. SPAM, computer viruses, Trojan horses and worms.
  • the email protocol 'POP3' is an example of a protocol used by a client to access content data on the external server for instant or subsequent use by the user, when the content data has been delivered to the server asynchronously from the user's access to the server.
  • This type of asynchronous content delivery is different from other transport protocols.
  • POP3 is not used for email transport from server to server; POP3 is used after the mail transport system has delivered a message to a user's mailbox (on the external server), asynchronously from the client's access to the mailbox.
  • POP3 is used by a user's mail client, or 'Mail User Agent 1 (MUA). Examples of such clients to retrieve email from a server-resident mailbox include Outlook by Microsoft Corporation and Mail by Apple Computer, Inc.
  • POP3 may access their mailboxes using POP3 in a LAN at their workplace, they may also do so outside that environment.
  • Users who use POP3 both via a local network and via an alternate Internet provider may include sales staff on the road, executives accessing corporate mailboxes from home, and staff in a small company using email mailboxes on an external server. The access delay problems apply to both situations.
  • a proxy server for downloading a data file for a client, including: a download module for downloading the data file for the client from an external server over a network, based on profile data associated with said client and stored on the proxy server; a memory module for storing said profile data and said data file; and a transfer module for transferring the data file to said client when requested by said client.
  • the present invention also provides a proxy process, including: storing profile data associated with a client; downloading a data file for the client from an external server over a network, using the stored profile data; storing said data file; and transferring the data file to said client when requested by said client
  • Figure 1 is an arrangement of components, including a proxy server configured according to a preferred embodiment of the present invention
  • FIG 2 is a schematic diagram of the proxy server in Figure 1;
  • Figure 3 is a flow chart of a data file downloading process performed by the proxy server;
  • Figure 4 is a flow chart of a data file deletion process performed by the proxy server
  • Figure 5 is a flow chart of a data file transfer process between a client and the proxy server
  • Figure 6 is a flow chart of an authentication and deletion process between the client and the proxy server
  • Figure 7 is a flow chart of a process for receiving and validating profile data performed by the proxy server
  • Figure 8 is an arrangement of components including the proxy server, a router and a firewall
  • Figure 9 is an arrangement of components including the proxy server and a router
  • Figure 10 is an arrangement of components showing the proxy server connected to a local network server
  • Figure 11 is an arrangement of components showing the proxy server between two firewalls
  • Figure 12 is an arrangement of components showing a client connected to a network, not through the proxy server.
  • a proxy server 102 downloads data files from an external server 104 via a communications network 106, such as the Internet.
  • the proxy server 102 stores the data files then transfers them to a client 108 when requested.
  • the data files are content files, such as emails, MP3s, etc, that are delivered to the server asynchronously from the user's access to the server.
  • POP Post Office Protocol
  • POP3 Post Office Protocol version 3
  • it can also be used for other protocols that involve similar asynchronous delivery of content, such as RSS feed documents specified in an XML format and obtained using an aggregator or feed reader, such as that incorporated into the web browsers Firefox and Safari.
  • example data files include email messages, downloaded using the POP3 protocol; an example network 106 is the Internet; and an example client 108 is a Mail User Agent (MUA) running on a standard personal computer device, such as a PC, PDA or Apple Macbook.
  • MUA Mail User Agent
  • the proxy server 102 in the form of a local server on a LAN or WAN is able to download desirable files from the external server 104 via the network 106 and store them, ready for transfer to a client 108 (e.g. a Mail User Agent, MUA) when requested.
  • a client 108 e.g. a Mail User Agent, MUA
  • This is a process of 'pre-downloading 1 , which advantageously allows for files to be downloaded from the external server 104 over a slow Internet connection and stored on the local proxy server 102 before the client 108 requests the files.
  • the stored files may also be 'pre-scanned': i.e. scanned for unwanted content, e.g. computer viruses, while residing on the proxy server 102 and before the files are requested by the client.
  • the proxy server 102 retrieves email from an electronic mailbox on an external server 104 during the night, using the POP3 protocol, scans the email for viruses/SPAM/etc, and then transmits them to a user's MUA when next requested by the MUA.
  • the proxy server 102 includes:
  • a transfer module for transferring to a client in the form of an internal proxy 208 and a local network connector 210.
  • the proxy server 102 can be implemented using a number of different hardware and/or software components.
  • the server 102 may include a standard computer server, such as produced by IBM Corporation or Apple, Inc., with network cards to provide the network connectors 202 and 210, and computer program code, written in a language such as C++ or Perl that runs on an operating system (such as Unix, Linux or Mac OS X), to define and provide the external proxy 202 and the internal proxy 208.
  • a database server (such as MySQL) can be used to maintain and provide the data stores 206 and 212.
  • the components may be separated, for example by providing separate data stores 206 and 212, and the external proxy 202 and the internal proxy 206 may be provided by separate hardware machines.
  • dedicated hardware circuits such as ASICs or FPGAs, can be employed to replace at least part of the computer code and perform the same processes as the code at faster processing speeds.
  • the proxy server 102 is advantageously a transparent proxy, i.e. the external proxy 204 acts as a client to the external server 104, and the internal proxy 208 acts as a server for the client 108.
  • the external server 104 and the client 108 communicate with the proxy server 102 in a similar manner (e.g. using the same protocols and identification data) as if the proxy server 102 were not there (i.e. as if the client 108 were communicating directly with the external server 104 via the network 106).
  • the authentication data store 212 stores profile data for the client 108.
  • the profile data includes a username, password and an address of the external server 104 on the network 106.
  • the authentication data store 212 may store the Internet address of an external server 104 in the form of an email server connected to the Internet, plus the username and password to allow email messages to be downloaded from the email server by the external proxy 204; in this way, the external proxy 204 is able to act as a mail client from the perspective of external server 104.
  • the external proxy 204 downloads data from the external server 104 and deposits it in the intermediate data store 206 using a download process as shown in Figure 3.
  • the external proxy 204 commences, at step 302, by establishing a connection to the external server 104, via external network connector 202 and network 106. Once a connection is established, at step 304 the external proxy 204 sends profile data in the form of authentication data to the external server 104. The external server 104 then sends at least a portion of a data file to the external proxy 204; the portion of the data file sent is selected by the external server 104 based on information, including the profile data of one client 108, provided by the external proxy 204. At step 306 the external proxy 204 receives at least the header details of a data file.
  • the external proxy 204 then commences downloading of the data file at step 308 and performs security filtering on the file at step 310; if the data file is not found to be acceptable by the security filtering (e.g. if the data file contains computer viruses or SPAM), as tested at step 312, the data file is quarantined, modified or deleted at step 314. If the data file is acceptable at step 312, it is stored in the intermediate data store 206 at step 316.
  • the external proxy checks to see if there are any remaining data files corresponding to the profile data of the client 108 still to be downloaded from external server 104. If further data files remain to be downloaded, the header of the next data file to be downloaded is received by the external proxy 204 at a repetition of step 306. If no remaining data files are to be downloaded, as tested at step 318, the external proxy 204 disconnects from the external server 104 at step 320.
  • the external proxy 204 provides security-related filtering to quarantine, modify or remove data files that are unwanted, e.g. infected with computer viruses or likely to be SPAM files. Since the client 108 accesses only the intermediate data store 206, artefacts created by the security filtering are not visible to the client 108, thus there is no need for the substitution of 'place-holder' data files for unwanted data files when they are removed.
  • the external proxy 204 operates asynchronously from the internal proxy 208, preferably accessing the external server 104 and updating the intermediate data store 206 even when the client 108 is not present.
  • the external proxy 204 may download and scan files periodically (e.g. hourly), or when other conditions arise (e.g. when traffic congestion on the network 106 is low). The download is performed based on timing data stored on the proxy server by the memory module that defines or provides a basis for the asynchronous download.
  • the timing data can be client specific and stored as part of the client profile data.
  • the external proxy 204 deletes data files in the intermediate data store 206 that have been marked for deletion by the internal proxy 208, but only after the corresponding data files have been deleted from the external server 104.
  • the external proxy 204 connects to external server 104 and accesses data files that correspond to profile data in a form of authentication data stored in proxy server 102 (steps 402 and 404).
  • the external proxy 204 requests, at step 406, deletion of all messages on the external server 104 that have been copied to the intermediate data store 206 in the file downloading process described above with reference to Figure 3.
  • the external proxy 204 subsequently disconnects from external server 104 at step 408.
  • the external proxy 204 deletes all messages in the intermediate data store 206 that have been flagged for deletion by the internal proxy 208, due to communication with the client 108 (described further below), at step 410.
  • the internal proxy 208 performs a data file transfer process, as shown in Figure 5, which commences when the client 108 connects to the internal proxy 208 at step 502.
  • the client 108 at step 504, directs the internal proxy 208 to download one or more files from the intermediate data store 206 that have already been pre-downloaded, and pre-scanned, by the external proxy 204.
  • the internal proxy 208 also performs a file deletion as shown in Figure 6.
  • the client 108 connects to internal proxy 208 at step 602, and the client is authenticated against profile data stored in authentication data store 212 by internal proxy 208 at step 604. Once authenticated, the client may flag data files stored in the intermediate data store 206 for deletion at step 606, and disconnect at step 608. Once flagged for deletion, the data files in intermediate data store 206 remain to be deleted by the external proxy 204 using the data file deletion process described above with reference to Figure 4.
  • the proxy server 102 When a client 108 requests transfer of a data file, the proxy server 102 performs a process for validating the profile data as shown in Figure 7.
  • the client 108 presents profile data to the internal proxy 208 at step 702, including for example a username, password and/or an external server address.
  • the internal proxy 208 receives user profile data in the form of authentication data from the client 108.
  • the internal proxy sends this user profile data to the external proxy 204 at step 704.
  • the external proxy 204 then connects to external server 104 at step 706, sends the profile data at step 708 and tests whether the profile data is valid at step 710.
  • the proxy server 102 performs an error handling procedure at step 712; which may result in the client 108 receiving a message that the intermediate data store 206 contains no new data files. If, on the on the other hand, the profile data is found to be valid, the external proxy 204 stores the profile data in the authentication data store 212 at step 714, and disconnects from external server 104 at step 716.
  • the local network including the proxy server 102 may be configured as shown in Figures 1, 8, 9, 10 and 11.
  • Figure 8 shows the proxy server 102 may be connected to network 106 through a router 802, and connected to one or more clients 108 through a network firewall 804.
  • the proxy server 102 may be connected directly to one or more clients 108 without the use of a firewall; or as shown in Figure 11, the proxy server 102 may be between a first firewall 804 and a second firewall 1102.
  • the one or more clients 108 may be connected to the network 106 via a local network server 1002, and the proxy server 102 may communicate with the client 108 and the external server 104 through the local network server 1002.
  • Other arrangements will also be apparent to those skilled in the art.
  • the client 108 may also access the external server 104 directly via the network 106, as shown in Figure 12, e.g. by connecting a laptop computer through a private ISP in the user's home.
  • the proxy server 102 is unaware of data files being downloaded from external server 104 to client 108, or of changes in the client profile data (e.g. the user's password).
  • a client 108 changes its profile data on external server 104 between sessions with the internal proxy 102 (e.g. by accessing the external server 104 directly), the external proxy 204 will subsequently be unable to access the external server 104 as the profile data stored on the proxy server 102 will not change; the profile data on the proxy server 102 will only be updated when the client 108 next establishes a session with the internal proxy 208 and provides the new profile data.
  • the profile data is updated, any data files on the external server 104 corresponding to the updated profile data (e.g.
  • the client 108 may also delete data files on the external server 104 when accessing it directly; for example, a client 108 may delete email messages from an external server 104 in the form of an email server.
  • the external proxy 204 will discover that a data file has been deleted from the external server 104 when it performs the next downloading procedure (described above with reference to Figure 3); if a data file has been deleted from the external server 104 but still remains in the intermediate data store 206, the external proxy 204 will delete the data file in the intermediate data store 206.
  • the client 108 is not able to access the intermediate data store 206 until changed profile data (e.g. authentication data) has been verified by access to the external server 104; access to the external server
  • the internal proxy 208 has a similar Transaction State to a normal POP3 server, but has different processing for the Authorization State and the Update State, described in RPC 1939 and in the Appendix.
  • the internal proxy 208 tests profile data, in the form of client- provided authentication tokens, against the external server 104, and — if correct — stores them for later use in the authentication data store 212, before the proxy 102 disconnects from the external server 104 and the internal proxy 208 resumes normal operation as a POP3 server (i.e. serving data from the intermediate data store 206).
  • a POP3 server i.e. serving data from the intermediate data store 206.
  • the internal proxy 208 simply does not implement parts of the Update State processing of a POP3 server: although it marks messages for deletion, it never actually carries out this deletion. Deletion is carried out by the external proxy 204.
  • the address of the external server 104 may be fixed as far as the network 106 is concerned, but in a number of instances, the network address, particularly the IP address may change, for example if the external server is part of a farm of servers of an Internet service provider.
  • the proxy server 102 may perform an identification or classification process as described in the patent specification of the International (PCT) patent application entitled "A system for classifying an Internet protocol address” filed by the Applicant on the same day as this application (and which is herein incorporated by reference).
  • the POP3 protocol supports a number of commands and a number of states.
  • the server host starts the POP3 service by listening on TCP port 110.
  • a client wishes to open a session, it communicates with the server on TCP port 110.
  • the POP3 server sends a greeting.
  • the client and POP3 server then exchange commands and responses (respectively) until the connection is closed or aborted.
  • Commands in POP3 consist of the following case-insensitive keywords, followed in some cases by one or more arguments:
  • the server replies with a status indicator and a keyword, possibly followed by additional information.
  • the possible status indicators are "+OK” or "-ERR”, which must be sent in upper case.
  • any text following "+OK” or "-ERR” may be ignored by the client.
  • a P0P3 session may be in a number of states during its lifetime. It begins in the AUTHORIZATION state. The client identifies itself to the P0P3 server. Once the client has successfully done this, the server attempts to acquire resources associated with the client's mailbox (typically to lock it), and if this is successful, the session enters the TRANSACTION state.
  • the client requests actions on the part of the POP3 server.
  • the session enters the UPDATE state.
  • the P0P3 server releases any resources acquired during the TRANSACTION state and says goodbye. The connection is then closed.
  • the server When the TCP connection is initially opened by a P0P3 client, the server issues a one line greeting. This can be any positive response. An example might be a banner greeting such as:
  • the P0P3 session is now in the AUTHORIZATION state.
  • the client must now identify and authenticate itself to the POP3 server. There are two possible mechanisms for doing this:
  • the APOP command is an optional command: it is not required of P0P3 servers and is not supported by the present invention.
  • the P0P3 session enters the TRANSACTION state. If authorization or mailbox locking fails, the server responds with a negative status indicator, and at that point either the server or the client may close the connection. If the server does not do so, the client may choose to attempt authentication again.
  • the server When the server opens the mailbox, it assigns a message-number (starting with 1) to each message, and notes the size of each message in octets. These message numbers are later used by the client. Note also that at this point no messages are marked as deleted.
  • the client may issue any of the commands that are valid for that state, repeatedly. After each command, the server issues a response. Eventually, the client issues the QUIT command and the POP3 session enters the UPDATE state.
  • the P0P3 server issues a positive response consisting of "+OK" followed by a single space, the total number of messages in the mailbox, a single space, and the total size of the mailbox in octets. Messages marked as deleted are not counted in either total.
  • the client sends the LIST command with or without a message number. If given, the message number must refer to an undeleted message.
  • the server response with a line for each undeleted message in the mailbox.
  • the server responds with the details for that message or with a negative response if that message is invalid.
  • the client sends the RETR command followed by a message number, which must identify a non-deleted message.
  • the POP3 server either issues a negative response or a positive response consisting of "+OK" followed by a multi-line response containing the text of the email message referred to by the message number.
  • the client sends the DELE command followed by a message number, which must identify a non-deleted message.
  • the P0P3 server either issues a negative response or marks the message as deleted, and issues a positive response consisting of "+OK". Note that the P0P3 server does not actually delete the message until the P0P3 session enters the UPDATE state.
  • the client sends the NOOP command without arguments; the server replies with a positive response.
  • the client sends the RSET command without arguments.
  • the server which must identify a non-deleted message.
  • the P0P3 server either issues a negative response or a positive response consisting of "+OK" followed by a single space, the total number of messages in the mailbox, a single space, and the total size of the mailbox in octets. Messages marked as deleted are not counted in either total.
  • the P0P3 session enters the UPDATE state.
  • the P0P3 server removes all messages marked as deleted from the mailbox and replies as to the status of this operation. If there is an error, such as a resource shortage, encountered while removing messages, this may result in the mailbox having some or all of the messages marked as deleted not removed. The server must never remove any messages not marked as deleted. Whether the removal was successful or not, the server then releases any exclusive-access lock on the mailbox and closes the TCP connection.
  • the client sends the TOP command with two arguments: a message number and n, a number of lines.
  • the server replies with a negative response or with a positive response and the first n lines of the message. If there are fewer than n lines in the message this is not an error, and the entire message is sent.
  • the client sends the UIDL command with an optional argument: a message number that must not refer to a deleted message.
  • the server replies with a negative response in the case of an error.
  • the server responds with a unique ID string for the corresponding message. If an argument is not given, the server responds with a multi-line response including a line for each message that has not been marked as deleted, each line containing the message number and the unique ID string for the message.
  • the unique-id of a message is an arbitrary server-determined string, consisting of one to 70 characters in the range 0x21 to 0x7E, which uniquely identifies a message within a mailbox and which persists across sessions. This persistence is required even if a session ends without entering the UPDATE state.
  • the server should never reuse an unique-id in a given mailbox, for as long as the entity using the unique-id exists.

Abstract

A proxy server (102) for downloading a data file for a client (108), such as an email client or web browser, includes: an external proxy (204) for downloading the data file for the client (108) from an external server (104) over a network (106), based on the profile data associated with the client (108) stored on the proxy server (102); a memory module for storing the data file; and an internal proxy (208) for transferring the data file to the client (108) when requested by the client (108). The external proxy (204) operates asynchronously with the internal proxy (208), and the proxy server (102) operate transparently with respect to the client (108).

Description

PROXY SERVER
FIELD
The present invention relates to a proxy server for downloading one or more data files from an external server.
BACKGROUND
In a networked computing environment, a user may have a computer which connects via a local network (e.g. a LAN or WAN) and a local network server to the Internet. In some environments, the local network server may provide only a connection to the Internet without other services such as email or firewalls. For example, when a user first establishes a local network and wishes to connect to the Internet, only the most basic connection will be required. The user may then access an external server, via the Internet, and send and retrieve files, including email files (e.g. using the POP3 protocol), or Web documents (e.g. using RSS feeds). The user may also wish to access the external server via an alternate Internet connection; for example, the local network server may provide Internet access in the user's workplace, while an Internet Service Provider (ISP) may provide Internet access in the user's home.
One problem associated with the above-described situation is that, when the local server (e.g. in the workplace) has a slow Internet connection, it may take a long time for a user to access files on the external server. A second problem is that the local server (e.g. in the workplace) may cause further time delays when filtering incoming data for 'malware': e.g. SPAM, computer viruses, Trojan horses and worms.
The email protocol 'POP3' is an example of a protocol used by a client to access content data on the external server for instant or subsequent use by the user, when the content data has been delivered to the server asynchronously from the user's access to the server. This type of asynchronous content delivery is different from other transport protocols. POP3 is not used for email transport from server to server; POP3 is used after the mail transport system has delivered a message to a user's mailbox (on the external server), asynchronously from the client's access to the mailbox. POP3 is used by a user's mail client, or 'Mail User Agent1 (MUA). Examples of such clients to retrieve email from a server-resident mailbox include Outlook by Microsoft Corporation and Mail by Apple Computer, Inc.
Although users may access their mailboxes using POP3 in a LAN at their workplace, they may also do so outside that environment. Users who use POP3 both via a local network and via an alternate Internet provider may include sales staff on the road, executives accessing corporate mailboxes from home, and staff in a small company using email mailboxes on an external server. The access delay problems apply to both situations.
It is desired to address the above, or at least provide a useful alternative.
SUMMARY
In accordance with the present invention, there is provided a proxy server for downloading a data file for a client, including: a download module for downloading the data file for the client from an external server over a network, based on profile data associated with said client and stored on the proxy server; a memory module for storing said profile data and said data file; and a transfer module for transferring the data file to said client when requested by said client.
The present invention also provides a proxy process, including: storing profile data associated with a client; downloading a data file for the client from an external server over a network, using the stored profile data; storing said data file; and transferring the data file to said client when requested by said client
DESCRIPTION OF THE DRAWINGS
Preferred embodiments of the present invention are hereinafter described, by way of example only, with reference to the accompanying drawings in which:
Figure 1 is an arrangement of components, including a proxy server configured according to a preferred embodiment of the present invention;
Figure 2 is a schematic diagram of the proxy server in Figure 1; Figure 3 is a flow chart of a data file downloading process performed by the proxy server;
Figure 4 is a flow chart of a data file deletion process performed by the proxy server;
Figure 5 is a flow chart of a data file transfer process between a client and the proxy server;
Figure 6 is a flow chart of an authentication and deletion process between the client and the proxy server;
Figure 7 is a flow chart of a process for receiving and validating profile data performed by the proxy server; Figure 8 is an arrangement of components including the proxy server, a router and a firewall;
Figure 9 is an arrangement of components including the proxy server and a router; Figure 10 is an arrangement of components showing the proxy server connected to a local network server; and Figure 11 is an arrangement of components showing the proxy server between two firewalls;
Figure 12 is an arrangement of components showing a client connected to a network, not through the proxy server. DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
A proxy server 102, as shown in Figure 1, downloads data files from an external server 104 via a communications network 106, such as the Internet. The proxy server 102 stores the data files then transfers them to a client 108 when requested. The data files are content files, such as emails, MP3s, etc, that are delivered to the server asynchronously from the user's access to the server. The following describes the proxy server 102 with reference to accelerating the Post Office Protocol (POP) version 3 (POP3), but it can also be used for other protocols that involve similar asynchronous delivery of content, such as RSS feed documents specified in an XML format and obtained using an aggregator or feed reader, such as that incorporated into the web browsers Firefox and Safari. For the purposes of this description, example data files include email messages, downloaded using the POP3 protocol; an example network 106 is the Internet; and an example client 108 is a Mail User Agent (MUA) running on a standard personal computer device, such as a PC, PDA or Apple Macbook. The POP3 protocol is discussed in RFC 1939
(http://www.ietf.org/rfc/rfcl939.txf) and is outlined in the accompanying Appendix.
The proxy server 102, in the form of a local server on a LAN or WAN is able to download desirable files from the external server 104 via the network 106 and store them, ready for transfer to a client 108 (e.g. a Mail User Agent, MUA) when requested. This is a process of 'pre-downloading1, which advantageously allows for files to be downloaded from the external server 104 over a slow Internet connection and stored on the local proxy server 102 before the client 108 requests the files. The stored files may also be 'pre-scanned': i.e. scanned for unwanted content, e.g. computer viruses, while residing on the proxy server 102 and before the files are requested by the client. Finally, the files may transferred rapidly over the local network when requested by the client 108. In one example application, the proxy server 102 retrieves email from an electronic mailbox on an external server 104 during the night, using the POP3 protocol, scans the email for viruses/SPAM/etc, and then transmits them to a user's MUA when next requested by the MUA. The proxy server 102, as shown in Figure 2, includes:
(a) a download module in the form of an external network connector 202 and an external proxy 202;
(b) a memory module in the form of an intermediate data store 206 and an authentication data store 212; and
(c) a transfer module for transferring to a client in the form of an internal proxy 208 and a local network connector 210.
The proxy server 102 can be implemented using a number of different hardware and/or software components. The server 102 may include a standard computer server, such as produced by IBM Corporation or Apple, Inc., with network cards to provide the network connectors 202 and 210, and computer program code, written in a language such as C++ or Perl that runs on an operating system (such as Unix, Linux or Mac OS X), to define and provide the external proxy 202 and the internal proxy 208. A database server (such as MySQL) can be used to maintain and provide the data stores 206 and 212. Alternatively, the components may be separated, for example by providing separate data stores 206 and 212, and the external proxy 202 and the internal proxy 206 may be provided by separate hardware machines. Also, dedicated hardware circuits, such as ASICs or FPGAs, can be employed to replace at least part of the computer code and perform the same processes as the code at faster processing speeds.
The proxy server 102 is advantageously a transparent proxy, i.e. the external proxy 204 acts as a client to the external server 104, and the internal proxy 208 acts as a server for the client 108. The external server 104 and the client 108 communicate with the proxy server 102 in a similar manner (e.g. using the same protocols and identification data) as if the proxy server 102 were not there (i.e. as if the client 108 were communicating directly with the external server 104 via the network 106).
The authentication data store 212 stores profile data for the client 108. The profile data includes a username, password and an address of the external server 104 on the network 106. For example, the authentication data store 212 may store the Internet address of an external server 104 in the form of an email server connected to the Internet, plus the username and password to allow email messages to be downloaded from the email server by the external proxy 204; in this way, the external proxy 204 is able to act as a mail client from the perspective of external server 104.
The external proxy 204 downloads data from the external server 104 and deposits it in the intermediate data store 206 using a download process as shown in Figure 3. The external proxy 204 commences, at step 302, by establishing a connection to the external server 104, via external network connector 202 and network 106. Once a connection is established, at step 304 the external proxy 204 sends profile data in the form of authentication data to the external server 104. The external server 104 then sends at least a portion of a data file to the external proxy 204; the portion of the data file sent is selected by the external server 104 based on information, including the profile data of one client 108, provided by the external proxy 204. At step 306 the external proxy 204 receives at least the header details of a data file. The external proxy 204 then commences downloading of the data file at step 308 and performs security filtering on the file at step 310; if the data file is not found to be acceptable by the security filtering (e.g. if the data file contains computer viruses or SPAM), as tested at step 312, the data file is quarantined, modified or deleted at step 314. If the data file is acceptable at step 312, it is stored in the intermediate data store 206 at step 316. At step 318, the external proxy checks to see if there are any remaining data files corresponding to the profile data of the client 108 still to be downloaded from external server 104. If further data files remain to be downloaded, the header of the next data file to be downloaded is received by the external proxy 204 at a repetition of step 306. If no remaining data files are to be downloaded, as tested at step 318, the external proxy 204 disconnects from the external server 104 at step 320.
At step 312, the external proxy 204 provides security-related filtering to quarantine, modify or remove data files that are unwanted, e.g. infected with computer viruses or likely to be SPAM files. Since the client 108 accesses only the intermediate data store 206, artefacts created by the security filtering are not visible to the client 108, thus there is no need for the substitution of 'place-holder' data files for unwanted data files when they are removed. The external proxy 204 operates asynchronously from the internal proxy 208, preferably accessing the external server 104 and updating the intermediate data store 206 even when the client 108 is not present. The external proxy 204 may download and scan files periodically (e.g. hourly), or when other conditions arise (e.g. when traffic congestion on the network 106 is low). The download is performed based on timing data stored on the proxy server by the memory module that defines or provides a basis for the asynchronous download. The timing data can be client specific and stored as part of the client profile data.
The external proxy 204 deletes data files in the intermediate data store 206 that have been marked for deletion by the internal proxy 208, but only after the corresponding data files have been deleted from the external server 104. In a file deletion process, shown in Figure 4, the external proxy 204 connects to external server 104 and accesses data files that correspond to profile data in a form of authentication data stored in proxy server 102 (steps 402 and 404). After authentication, the external proxy 204 requests, at step 406, deletion of all messages on the external server 104 that have been copied to the intermediate data store 206 in the file downloading process described above with reference to Figure 3. The external proxy 204 subsequently disconnects from external server 104 at step 408. Finally, the external proxy 204 deletes all messages in the intermediate data store 206 that have been flagged for deletion by the internal proxy 208, due to communication with the client 108 (described further below), at step 410.
The internal proxy 208 performs a data file transfer process, as shown in Figure 5, which commences when the client 108 connects to the internal proxy 208 at step 502. The client 108, at step 504, directs the internal proxy 208 to download one or more files from the intermediate data store 206 that have already been pre-downloaded, and pre-scanned, by the external proxy 204.
The internal proxy 208 also performs a file deletion as shown in Figure 6. The client 108 connects to internal proxy 208 at step 602, and the client is authenticated against profile data stored in authentication data store 212 by internal proxy 208 at step 604. Once authenticated, the client may flag data files stored in the intermediate data store 206 for deletion at step 606, and disconnect at step 608. Once flagged for deletion, the data files in intermediate data store 206 remain to be deleted by the external proxy 204 using the data file deletion process described above with reference to Figure 4.
When a client 108 requests transfer of a data file, the proxy server 102 performs a process for validating the profile data as shown in Figure 7. The client 108 presents profile data to the internal proxy 208 at step 702, including for example a username, password and/or an external server address. At step 702, the internal proxy 208 receives user profile data in the form of authentication data from the client 108. The internal proxy sends this user profile data to the external proxy 204 at step 704. To confirm that the user profile data is correct, the external proxy 204 then connects to external server 104 at step 706, sends the profile data at step 708 and tests whether the profile data is valid at step 710. If the profile data is not valid, the proxy server 102 performs an error handling procedure at step 712; which may result in the client 108 receiving a message that the intermediate data store 206 contains no new data files. If, on the on the other hand, the profile data is found to be valid, the external proxy 204 stores the profile data in the authentication data store 212 at step 714, and disconnects from external server 104 at step 716.
The local network including the proxy server 102 may be configured as shown in Figures 1, 8, 9, 10 and 11. Figure 8 shows the proxy server 102 may be connected to network 106 through a router 802, and connected to one or more clients 108 through a network firewall 804. Alternatively, as shown in Figure 9, the proxy server 102 may be connected directly to one or more clients 108 without the use of a firewall; or as shown in Figure 11, the proxy server 102 may be between a first firewall 804 and a second firewall 1102. In a further alternative arrangement, shown in Figure 10, the one or more clients 108 may be connected to the network 106 via a local network server 1002, and the proxy server 102 may communicate with the client 108 and the external server 104 through the local network server 1002. Other arrangements will also be apparent to those skilled in the art. The client 108 may also access the external server 104 directly via the network 106, as shown in Figure 12, e.g. by connecting a laptop computer through a private ISP in the user's home. In this case, the proxy server 102 is unaware of data files being downloaded from external server 104 to client 108, or of changes in the client profile data (e.g. the user's password).
If a client 108 changes its profile data on external server 104 between sessions with the internal proxy 102 (e.g. by accessing the external server 104 directly), the external proxy 204 will subsequently be unable to access the external server 104 as the profile data stored on the proxy server 102 will not change; the profile data on the proxy server 102 will only be updated when the client 108 next establishes a session with the internal proxy 208 and provides the new profile data. When the profile data is updated, any data files on the external server 104 corresponding to the updated profile data (e.g. belonging to a user's username/password combination) will be downloaded (to the intermediate data store 206) when the external proxy 204 performs the next scheduled access of the external server 104; advantageously, an access may be automatically performed when profile data stored on the proxy server 102 is updated.
The client 108 may also delete data files on the external server 104 when accessing it directly; for example, a client 108 may delete email messages from an external server 104 in the form of an email server. The external proxy 204 will discover that a data file has been deleted from the external server 104 when it performs the next downloading procedure (described above with reference to Figure 3); if a data file has been deleted from the external server 104 but still remains in the intermediate data store 206, the external proxy 204 will delete the data file in the intermediate data store 206. The client 108 is not able to access the intermediate data store 206 until changed profile data (e.g. authentication data) has been verified by access to the external server 104; access to the external server
104 will then result in the identification of data files that have been deleted from the external server 104 and thus their deletion from the intermediate data store 206. For accelerating POP3, the internal proxy 208, has a similar Transaction State to a normal POP3 server, but has different processing for the Authorization State and the Update State, described in RPC 1939 and in the Appendix.
In the Authorisation State, the internal proxy 208 tests profile data, in the form of client- provided authentication tokens, against the external server 104, and — if correct — stores them for later use in the authentication data store 212, before the proxy 102 disconnects from the external server 104 and the internal proxy 208 resumes normal operation as a POP3 server (i.e. serving data from the intermediate data store 206).
The internal proxy 208 simply does not implement parts of the Update State processing of a POP3 server: although it marks messages for deletion, it never actually carries out this deletion. Deletion is carried out by the external proxy 204.
The address of the external server 104 may be fixed as far as the network 106 is concerned, but in a number of instances, the network address, particularly the IP address may change, for example if the external server is part of a farm of servers of an Internet service provider. In order to properly identify the external server 104, the proxy server 102 may perform an identification or classification process as described in the patent specification of the International (PCT) patent application entitled "A system for classifying an Internet protocol address" filed by the Applicant on the same day as this application (and which is herein incorporated by reference).
Many modifications will be apparent to those skilled in the art without departing from the scope of the present invention as herein described with reference to the accompanying drawings. APPENDIX: POP3 PROTOCOL DETAILS
The following is a simplified explanation of the POP3 protocol.
The POP3 protocol supports a number of commands and a number of states.
The server host starts the POP3 service by listening on TCP port 110. When a client wishes to open a session, it communicates with the server on TCP port 110. When the connection is established, the POP3 server sends a greeting. The client and POP3 server then exchange commands and responses (respectively) until the connection is closed or aborted.
Commands in POP3 consist of the following case-insensitive keywords, followed in some cases by one or more arguments:
Figure imgf000013_0001
In each case the server replies with a status indicator and a keyword, possibly followed by additional information. The possible status indicators are "+OK" or "-ERR", which must be sent in upper case. With the exception of the STAT, LIST, and UIDL commands, any text following "+OK" or "-ERR" may be ignored by the client.
Responses to certain commands are multi-line. In these cases, after the first line of the response, any additional lines are sent, followed by a single terminating period (".") alone on a line.
As can be seen from the above table, a P0P3 session may be in a number of states during its lifetime. It begins in the AUTHORIZATION state. The client identifies itself to the P0P3 server. Once the client has successfully done this, the server attempts to acquire resources associated with the client's mailbox (typically to lock it), and if this is successful, the session enters the TRANSACTION state.
In this state, the client requests actions on the part of the POP3 server. When the client has issued the QUIT command, the session enters the UPDATE state. In this state, the P0P3 server releases any resources acquired during the TRANSACTION state and says goodbye. The connection is then closed.
The AUTHORIZATION State
When the TCP connection is initially opened by a P0P3 client, the server issues a one line greeting. This can be any positive response. An example might be a banner greeting such as:
+OK POP3 server on Jeeves is ready
The P0P3 session is now in the AUTHORIZATION state. The client must now identify and authenticate itself to the POP3 server. There are two possible mechanisms for doing this:
1. The USER and PASS commands.
Figure imgf000014_0001
Figure imgf000015_0001
Other possible negative replies:
Figure imgf000015_0002
Figure imgf000015_0003
2. The APOP command.
The APOP command is an optional command: it is not required of P0P3 servers and is not supported by the present invention.
If authorization is successfully completed, and the mailbox is locked, the P0P3 session enters the TRANSACTION state. If authorization or mailbox locking fails, the server responds with a negative status indicator, and at that point either the server or the client may close the connection. If the server does not do so, the client may choose to attempt authentication again.
When the server opens the mailbox, it assigns a message-number (starting with 1) to each message, and notes the size of each message in octets. These message numbers are later used by the client. Note also that at this point no messages are marked as deleted. The TRANSACTION State
Once in the TRANSACTION state, the client may issue any of the commands that are valid for that state, repeatedly. After each command, the server issues a response. Eventually, the client issues the QUIT command and the POP3 session enters the UPDATE state.
Each of the commands that is valid in the TRANSACTION state is discussed in turn.
1. The STAT command.
The P0P3 server issues a positive response consisting of "+OK" followed by a single space, the total number of messages in the mailbox, a single space, and the total size of the mailbox in octets. Messages marked as deleted are not counted in either total.
Figure imgf000016_0001
2. The LIST command.
The client sends the LIST command with or without a message number. If given, the message number must refer to an undeleted message.
If no message number is given, the server response with a line for each undeleted message in the mailbox.
Figure imgf000016_0002
Figure imgf000017_0001
If a message number is given, the server responds with the details for that message or with a negative response if that message is invalid.
Figure imgf000017_0002
3. The RETR command.
The client sends the RETR command followed by a message number, which must identify a non-deleted message. The POP3 server either issues a negative response or a positive response consisting of "+OK" followed by a multi-line response containing the text of the email message referred to by the message number.
Figure imgf000017_0003
Figure imgf000017_0004
Figure imgf000018_0001
Figure imgf000018_0002
4. The DELE command.
The client sends the DELE command followed by a message number, which must identify a non-deleted message. The P0P3 server either issues a negative response or marks the message as deleted, and issues a positive response consisting of "+OK". Note that the P0P3 server does not actually delete the message until the P0P3 session enters the UPDATE state.
Figure imgf000018_0003
Source Command/Response Comments
Client RETR 2
Server -ERR message deleted Message 2 has already been deleted.
Figure imgf000018_0004
5. The NOOP command.
The client sends the NOOP command without arguments; the server replies with a positive response.
Figure imgf000019_0001
6. The RSET command.
The client sends the RSET command without arguments. The server , which must identify a non-deleted message. The P0P3 server either issues a negative response or a positive response consisting of "+OK" followed by a single space, the total number of messages in the mailbox, a single space, and the total size of the mailbox in octets. Messages marked as deleted are not counted in either total.
Figure imgf000019_0002
The UPDATE State
When (and only when) the client issues the QUIT command from the TRANSACTION state, the P0P3 session enters the UPDATE state.
The P0P3 server removes all messages marked as deleted from the mailbox and replies as to the status of this operation. If there is an error, such as a resource shortage, encountered while removing messages, this may result in the mailbox having some or all of the messages marked as deleted not removed. The server must never remove any messages not marked as deleted. Whether the removal was successful or not, the server then releases any exclusive-access lock on the mailbox and closes the TCP connection.
Figure imgf000020_0001
Optional POP3 Commands
There are three optional P0P3 commands.
1. The TOP command
The client sends the TOP command with two arguments: a message number and n, a number of lines. The server replies with a negative response or with a positive response and the first n lines of the message. If there are fewer than n lines in the message this is not an error, and the entire message is sent.
Figure imgf000020_0002
Figure imgf000021_0001
2. The UIDL command
The client sends the UIDL command with an optional argument: a message number that must not refer to a deleted message. The server replies with a negative response in the case of an error.
Otherwise, if an argument is given, the server responds with a unique ID string for the corresponding message. If an argument is not given, the server responds with a multi-line response including a line for each message that has not been marked as deleted, each line containing the message number and the unique ID string for the message.
Figure imgf000021_0002
Figure imgf000021_0003
Figure imgf000022_0001
The unique-id of a message is an arbitrary server-determined string, consisting of one to 70 characters in the range 0x21 to 0x7E, which uniquely identifies a message within a mailbox and which persists across sessions. This persistence is required even if a session ends without entering the UPDATE state. The server should never reuse an unique-id in a given mailbox, for as long as the entity using the unique-id exists.
3. The APOP command (addressed previously).
Example POP3 Session
Figure imgf000022_0002
Figure imgf000023_0001

Claims

CLAIMS:
1. A proxy server for downloading a data file for a client, including: a download module for downloading the data file for the client from an external server over a network, based on profile data associated with said client and stored on the proxy server; a memory module for storing said profile data and said data file; and a transfer module for transferring the data file to said client when requested by said client.
2. A proxy server as claimed in claim 1, wherein the download module operates asynchronously to the transfer module.
3. A proxy server as claimed in claim 2, wherein a connection between the proxy server and the client has a higher data rate than a connection between the proxy server and the external server.
4. A proxy server as claimed in any one of the preceding claims, wherein the download module scans the data file to detect unauthorised content in the data file.
5. A proxy server as claimed in claim 4, wherein when unauthorised content is detected in the data file, the file is deleted, quarantined, or the unauthorised content is removed from the data file.
6. A proxy server as claimed in claim 4 or 5, wherein said unauthorised content includes computer viruses and spam messages.
7. A proxy server as claimed in any one of the preceding claims, wherein the data file is a content file, such as an email, RSS feed document or web page.
8. A proxy server as claimed in any one of the preceding claims, wherein the proxy server obtains the profile data from the client, and validates the profile data by communication with the external server.
9. A proxy server as claimed in claim 8, wherein the profile data includes an Internet protocol address and authentication data associated with said client.
10. A proxy server as claimed in claim 9, wherein said authentication data includes a username and a password of a user of the client.
11. A proxy server as claimed in claim 9 or 10, wherein said client comprises an MUA and the profile data is obtained using the Post Office Protocol (POP).
12. A proxy server as claimed in any one of the preceding claims, wherein the proxy server communicates with the external server and with the client using the Post Office Protocol (POP).
13. A proxy server as claimed in any one of the preceding claims, wherein said download module includes an external proxy, said memory module includes an intermediate data store for said data file and an authentication data store for said profile data, and said transfer module includes an internal proxy.
14. A proxy server as claimed in claim 13, wherein the internal proxy uses Post Office Protocol (POP) commands in the Authorisation State to validate authentication data and stores the validated data in the authentication data store.
15. A proxy server as claimed in claim 14, wherein the external proxy uses POP commands to obtain data files from the external server and stores said data files in the intermediate data store, and the internal proxy uses POP commands in the Update state to mark data files in said intermediate data store for deletion by the external proxy.
16. A proxy server as claimed in any one of the preceding claims, wherein the proxy server operates transparently with respect to the client.
17. A proxy process, including: storing profile data associated with a client; downloading a data file for the client from an external server over a network, using the stored profile data; storing said data file; and transferring the data file to, said client when requested by said client.
18. A proxy process as claimed in claim 17, wherein said downloading is performed asynchronously to said transferring.
19. A proxy process as claimed in claim 18, wherein a transfer connection to the client has a higher data rate than a download connection to the external server.
20. A proxy process as claimed in any one of claims 17 to 19, including scanning the data file to detect unauthorised content in the data file.
21. A proxy process as claimed in claim 20, wherein when unauthorised content is detected in the data file, the file is deleted, quarantined, or the unauthorised content is removed from the data file.
22. A proxy process as claimed in claim 20 or 21, wherein said unauthorised content includes computer viruses and spam messages.
23. A proxy process as claimed in any one of claims 17 to 22, wherein the data file is a content file, such as an email, RSS feed document or web page.
24. A proxy process as claimed in any one of claims 17 to 23, including obtaining the profile data from the client, and validating the profile data by communication with the external server.
25. A proxy process as claimed in claim 24, wherein the profile data includes an Internet protocol address and authentication data associated with said client.
26. A proxy process as claimed in claim 25, wherein said authentication data includes a username and a password of a user of the client.
27. A proxy process as claimed in claim 25 or 26, wherein said client comprises an MUA and the profile data is obtained using the Post Office Protocol (POP).
28. A proxy process as claimed in any one of claims 17 to 27, including communicating with the external server and with the client using the Post Office Protocol (POP).
29. A proxy process as claimed in any one of claims 17 to 28, including storing said data file in an intermediate data store and storing said client profile data in an authentication data store.
30. A proxy process as claimed in claim 29, including validating authentication data using Post Office Protocol (POP) commands in the Authorisation State and storing the validated data in the authentication data store.
31. A proxy process as claimed in claim 30, including obtaining data files from the external server uses POP commands and storing said data files in the intermediate data store, and marking data files in said intermediate data store for deletion using POP commands in the Update State.
32. A proxy process as claimed in any one of claims 17 to 31, wherein said process operates transparently with respect to the client.
33. Computer program code stored on memory for use in performing a process as claimed in any one of claims 17 to 32.
PCT/IB2007/001785 2006-06-30 2007-06-29 Proxy server WO2008004064A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
CN200780024502.6A CN101529399B (en) 2006-06-30 2007-06-29 Proxy server and proxy method
AU2007270872A AU2007270872B2 (en) 2006-06-30 2007-06-29 Proxy server
EP07766595A EP2035939A4 (en) 2006-06-30 2007-06-29 Proxy server
US12/341,837 US8365270B2 (en) 2006-06-30 2008-12-22 Proxy server

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2006903548A AU2006903548A0 (en) 2006-06-30 Proxy server
AU2006903548 2006-06-30

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US12/341,837 Continuation-In-Part US8365270B2 (en) 2006-06-30 2008-12-22 Proxy server

Publications (1)

Publication Number Publication Date
WO2008004064A1 true WO2008004064A1 (en) 2008-01-10

Family

ID=38894240

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2007/001785 WO2008004064A1 (en) 2006-06-30 2007-06-29 Proxy server

Country Status (5)

Country Link
US (1) US8365270B2 (en)
EP (1) EP2035939A4 (en)
CN (1) CN101529399B (en)
AU (1) AU2007270872B2 (en)
WO (1) WO2008004064A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8468271B1 (en) * 2009-06-02 2013-06-18 Juniper Networks, Inc. Providing privacy within computer networks using anonymous cookies
US9479812B2 (en) * 2009-06-05 2016-10-25 Time Warner Cable Enterprises Llc User selection of software components in a television set-top box
US20110207503A1 (en) * 2010-02-19 2011-08-25 Ruperto Netzer A Facilitating assisted gps and other network services in mobile phones across disparate mobile communications networks
US9348927B2 (en) 2012-05-07 2016-05-24 Smart Security Systems Llc Systems and methods for detecting, identifying and categorizing intermediate nodes
US10778659B2 (en) 2012-05-24 2020-09-15 Smart Security Systems Llc System and method for protecting communications
US9325676B2 (en) 2012-05-24 2016-04-26 Ip Ghoster, Inc. Systems and methods for protecting communications between nodes
US10382595B2 (en) 2014-01-29 2019-08-13 Smart Security Systems Llc Systems and methods for protecting communications
US10305861B2 (en) 2016-08-29 2019-05-28 Microsoft Technology Licensing, Llc. Cross-tenant data leakage isolation
US10558641B2 (en) 2017-04-21 2020-02-11 Microsoft Technology Licensing, Llc Trigger system for databases using proxy
CN109218163B (en) * 2017-07-05 2021-05-07 北京二六三企业通信有限公司 Mail delivery method and server
US11194930B2 (en) 2018-04-27 2021-12-07 Datatrendz, Llc Unobtrusive systems and methods for collecting, processing and securing information transmitted over a network

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5727159A (en) * 1996-04-10 1998-03-10 Kikinis; Dan System in which a Proxy-Server translates information received from the Internet into a form/format readily usable by low power portable computers
GB2366965A (en) * 2000-09-01 2002-03-20 Ncr Int Inc Downloading data to a requesting client form the local cache of another client
US20040117450A1 (en) 2002-12-13 2004-06-17 Campbell David T. Gateway email concentrator
JP2004362062A (en) * 2003-06-02 2004-12-24 Kddi Corp Network system, data download continuation method in terminal switching in the network system, and its program
CN1645392A (en) * 2005-03-01 2005-07-27 北京立通无限科技有限公司 Receiving, transmitting and managing method for wireless mobile terminal E-mail

Family Cites Families (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5694546A (en) * 1994-05-31 1997-12-02 Reisman; Richard R. System for automatic unattended electronic information transport between a server and a client by a vendor provided transport software with a manifest list
US5918013A (en) * 1996-06-03 1999-06-29 Webtv Networks, Inc. Method of transcoding documents in a network environment using a proxy server
US6009462A (en) * 1997-06-16 1999-12-28 Digital Equipment Corporation Replacing large bit component of electronic mail (e-mail) message with hot-link in distributed computer system
US5983348A (en) * 1997-09-10 1999-11-09 Trend Micro Incorporated Computer network malicious code scanner
US6654787B1 (en) * 1998-12-31 2003-11-25 Brightmail, Incorporated Method and apparatus for filtering e-mail
GB2347053A (en) * 1999-02-17 2000-08-23 Argo Interactive Limited Proxy server filters unwanted email
US7305473B2 (en) * 1999-05-28 2007-12-04 The Coca-Cola Company Provision of transparent proxy services to a user of a client device
US20030140112A1 (en) * 1999-11-04 2003-07-24 Satish Ramachandran Electronic messaging system method and apparatus
US6850968B1 (en) * 2000-02-01 2005-02-01 Service Co. Reduction of network server loading
DE60031112T8 (en) * 2000-08-23 2007-09-06 Sony Deutschland Gmbh Remote control of a home network via electronic mail
US20060235723A1 (en) * 2001-02-20 2006-10-19 Steve Millard System and method for management of content associated with digital distribution and updatable storage media
WO2002095553A2 (en) * 2001-05-18 2002-11-28 Imprivata Inc. Biometric authentication for remote initiation of actions and services
US7240095B1 (en) * 2002-02-22 2007-07-03 Bellsouth Intellectual Property Corporation Electronic mail notification
US7475146B2 (en) * 2002-11-28 2009-01-06 International Business Machines Corporation Method and system for accessing internet resources through a proxy using the form-based authentication
US20040117785A1 (en) * 2002-12-13 2004-06-17 Samsung Electronics Co., Ltd. Component download manager for a wireless mobile station and method of operation
JP4794815B2 (en) * 2003-03-12 2011-10-19 キヤノン株式会社 Image communication apparatus and image communication method
US20040216173A1 (en) * 2003-04-11 2004-10-28 Peter Horoszowski Video archiving and processing method and apparatus
WO2004100010A1 (en) * 2003-04-30 2004-11-18 Iptv Systems, Llc Secure, continuous, proxy-optimized, device-to-device data download reception system and method of use
US7591017B2 (en) * 2003-06-24 2009-09-15 Nokia Inc. Apparatus, and method for implementing remote client integrity verification
US20050216564A1 (en) * 2004-03-11 2005-09-29 Myers Gregory K Method and apparatus for analysis of electronic communications containing imagery
US20050240773A1 (en) * 2004-04-21 2005-10-27 Fuji Xerox Co., Ltd. Secure file sharing
US8155975B1 (en) * 2004-11-05 2012-04-10 Rdm Corporation System and method for providing configuration and settlement processing of financial transactions using a hierarchy node model
US8721446B2 (en) * 2004-12-09 2014-05-13 Wms Gaming Inc. Background downloading of gaming content to a gaming machine prior to a scheduled shutdown
US8214827B2 (en) * 2005-12-05 2012-07-03 Flash Networks, Ltd Method and system for improving user confidence and experience in content purchasing via a service provider premises
US7836132B2 (en) * 2005-12-13 2010-11-16 Microsoft Corporation Delivery confirmation for e-mail

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5727159A (en) * 1996-04-10 1998-03-10 Kikinis; Dan System in which a Proxy-Server translates information received from the Internet into a form/format readily usable by low power portable computers
GB2366965A (en) * 2000-09-01 2002-03-20 Ncr Int Inc Downloading data to a requesting client form the local cache of another client
US20040117450A1 (en) 2002-12-13 2004-06-17 Campbell David T. Gateway email concentrator
JP2004362062A (en) * 2003-06-02 2004-12-24 Kddi Corp Network system, data download continuation method in terminal switching in the network system, and its program
CN1645392A (en) * 2005-03-01 2005-07-27 北京立通无限科技有限公司 Receiving, transmitting and managing method for wireless mobile terminal E-mail

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2035939A4

Also Published As

Publication number Publication date
EP2035939A4 (en) 2013-02-27
US20090249467A1 (en) 2009-10-01
AU2007270872B2 (en) 2013-05-02
AU2007270872A1 (en) 2008-01-10
CN101529399B (en) 2014-12-03
CN101529399A (en) 2009-09-09
US8365270B2 (en) 2013-01-29
EP2035939A1 (en) 2009-03-18

Similar Documents

Publication Publication Date Title
AU2007270872B2 (en) Proxy server
US11271883B2 (en) System and method for securely performing multiple stage email processing with embedded codes
US7516480B2 (en) Secure remote configuration of targeted devices using a standard message transport protocol
US8819410B2 (en) Private electronic information exchange
US8065377B2 (en) System and method for configuring access to electronic mailboxes
US7962558B2 (en) Program product and system for performing multiple hierarchical tests to verify identity of sender of an e-mail message and assigning the highest confidence value
US7475115B2 (en) System and method for generating configurations used for accessing electronic mailboxes
US20070100999A1 (en) Method, system and software for rendering e-mail messages
US20050216587A1 (en) Establishing trust in an email client
US20110321140A1 (en) System and method for automatically learning mailbox configuration conventions
GB2347053A (en) Proxy server filters unwanted email
WO2001044953A1 (en) Method and system for confirming receipt of electronic mail transmitted via a communications network
US20060184634A1 (en) Electronic mail system using email tickler
US8380791B1 (en) Anti-spam system, method, and computer program product
Riabov SMTP (simple mail transfer protocol)
Erickson et al. The Effectiveness of Whitelisting: a User-Study.
Blum Open source e-mail security
EP1457905A2 (en) Reducing unwanted and unsolicited electronic messages
La Lau et al. Advanced Email
Koymans et al. Email
Scheerder CPJ Koymans
Platform FortiMail™ Secure Messaging Platform
Proxy et al. Spamato Revolutions

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200780024502.6

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07766595

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2007270872

Country of ref document: AU

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2007270872

Country of ref document: AU

Date of ref document: 20070629

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2007766595

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: RU