E-mail firewall with stored key encryption/decryption
Abstract
An e-mail firewall (105) applies policies to e-mail messages (204) between a first site and a plurality of second sites in accordance with a plurality of administrator selectable policies (216). The firewall comprises a simple mail transfer protocol (SMTP) relay (202) for causing the e-mail messages (204) to be transmitted between the first site and selected ones of the second sites. A plurality of policy managers (216) enforce administrator selectable policies. The policies, such as encryption and decryption policies, comprise at least a first source/destination policy (218), at least a first content policy (202) and at least a first virus policy (224). The policies are characterized by a plurality of administrator selectable criteria (310), a plurality of administrator selectable exceptions (312) to the criteria and a plurality of administrator selectable actions (314, 316, 322) associated with the criteria and exceptions. The policy managers comprise an access manager (218) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the source/destination policy (218). The policy managers (216) further comprise a content manager (220) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the content policy (220), and a virus manager (224) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the virus policy (224).
15 Claims
1. A method for controlling e-mail messages transmitted from and received by a computing site, comprising:
- encrypting a first designated type of message transmitted from a user associated with said computing site in accordance with at least a first stored encryption key;
- decrypting a second designated type of message sent to a user associated with said computing site in accordance with at least a second stored encryption key;
- filtering for monitoring said messages, after said decryption and before said encryption, filtering comprising at least a content filtering to enforce content control policies by reference to specific words in the message body, each of said messages including at least one recipient address; and
- transmitting a message to said at least one recipient address in response to a predetermined policy result of said filter.
8. Computer media storing instructions or statements for use in execution in a computer of a method for restricting receipt of e-mail messages, in accordance with a plurality of changeable policies, to a first site from a plurality of second sites, the method comprising the steps of:
- intercepting a first e-mail message transmitted to a user associated with said first site from at least one user associated with one of said second sites;
- determining if said message is encrypted and decrypting said message in accordance with a stored key, if said message is encrypted; and
- filtering said message in accordance with at least one stored content policy, said messages including at least one internal site recipient address, the e-mail control system transmitting the message to said at least one internal site recipient address in response to a predetermined policy result of said filtering.
9. Computer media storing instructions or statements for use in execution in a computer of a method for restricting transmission of e-mail messages, in accordance with a plurality of changeable policies, from a first site to a plurality of second sites, the method comprising the steps of:
- intercepting an e-mail message transmitted to at least one user associated with one of said second sites from a user associated with said first site;
- filtering said e-mail message in accordance with a plurality of stored policies, including at least one content policy to enforce content control policies by reference to specific words in the message body;
- responding to a first of said stored policies by encrypting said e-mail message in accordance with a stored key; and
- transmitting said e-mail message to at least one user associated with one of said second sites.
12. An e-mail control system for restricting receipt of e-mail messages, in accordance with a plurality of changeable policies, to a first site from a plurality of second sites, comprising:
- a means for intercepting a first e-mail message transmitted to a user associated with said first site from at least one user associated with one of said second sites;
- a means for determining if said message is encrypted and decrypting said message in accordance with a stored key, if said message is encrypted; and
- means for filtering said message in accordance with at least one stored content policy, said messages including at least one internal site recipient address, the e-mail control system transmitting the message to said at least one internal site recipient address in response to a predetermined policy result of said filtering.
13. An e-mail control system for restricting transmission of e-mail messages, in accordance with a plurality of changeable policies, from a first site to a plurality of second sites, comprising:
- means for intercepting an e-mail message transmitted to at least one user associated with one of said second sites from a user associated with said first site;
- means for filtering said e-mail message in accordance with a plurality of stored policies, including at least one content policy to enforce content control policies by reference to specific words in the message body;
- means for responding to a first of said stored policies by encrypting said e-mail message in accordance with a stored key; and
- means for transmitting said e-mail message to at least one user associated with one of said second sites.
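Added example (not part of the patent text): a Python sketch of the ordering the claims describe, where inbound mail is decrypted with a stored key before the content filter runs and outbound mail is filtered before it is encrypted, using a policy made of criteria, exceptions and an action as in the abstract. The stand-in cipher, the `ENC1` envelope marker, all function and class names and the sample addresses are assumptions made so the sketch runs with the standard library only; a real gateway would use S/MIME or PGP.

```python
import hashlib, hmac, os, re
from dataclasses import dataclass

MAGIC = b"ENC1"  # constructed envelope marker, not a real mail format

def _keystream_xor(key, nonce, data):
    # Stand-in cipher (assumption): SHAKE-256 keystream XORed with the data.
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def _tag(key, nonce, body):
    mac_key = hashlib.sha256(b"mac" + key).digest()  # separate key for the MAC
    return hmac.new(mac_key, nonce + body, hashlib.sha256).digest()

def encrypt(key, plaintext):
    nonce = os.urandom(16)
    body = _keystream_xor(key, nonce, plaintext)
    return MAGIC + nonce + _tag(key, nonce, body) + body

def decrypt(key, blob):
    nonce, tag, body = blob[4:20], blob[20:52], blob[52:]
    if not hmac.compare_digest(tag, _tag(key, nonce, body)):
        raise ValueError("authentication failed")
    return _keystream_xor(key, nonce, body)

@dataclass
class ContentPolicy:
    words: frozenset            # criteria: specific words in the message body
    exempt_senders: frozenset   # exceptions to the criteria
    action: str                 # action on a match: "quarantine" or "encrypt"

    def evaluate(self, sender, body):
        if sender in self.exempt_senders:
            return "deliver"
        tokens = set(re.findall(r"[a-z0-9']+", body.decode("utf-8", "replace").lower()))
        return self.action if self.words & tokens else "deliver"

def inbound(key, policy, sender, raw):
    # Decrypt with the stored key first, so the filter sees plaintext.
    body = decrypt(key, raw) if raw.startswith(MAGIC) else raw
    verdict = policy.evaluate(sender, body)
    return verdict, (body if verdict == "deliver" else None)

def outbound(key, policy, sender, body):
    # Filter the plaintext first; encrypt only as the policy's action.
    verdict = policy.evaluate(sender, body)
    if verdict == "quarantine":
        return verdict, None
    return verdict, (encrypt(key, body) if verdict == "encrypt" else body)
```

Calling `evaluate` directly on an encrypted message returns "deliver" because the word list cannot match ciphertext, which is why the filter sits after decryption and before encryption.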
Specification