Method And System For Preventing Exploitation Of Email Messages
Abstract
A method and system for preventing the exploitation of email messages in attacks on computer systems. Invalid formatting is often used by attackers to introduce undesirable content into email, because email handling applications and utilities are often insensitive to deviations from the standards, and invalid formatting can allow undesirable content to go undetected. According to the present invention, an original email message is decomposed into component parts, which are formatted according to email message standards. Format-compliant components are inspected for undesirable content and reassembled into a replacement email message that is sent to the destination of the original email message. Components with undesirable content are sanitized.
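The decompose, format, inspect, sanitize and reassemble flow described in the abstract, sketched with Python's standard `email` package. This is an added illustration, not the patent's implementation; the names `rebuild`, `undesirable`, `BLOCKED_EXT` and the sample message are assumptions made for the example.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

BLOCKED_EXT = (".exe", ".scr", ".vbs")      # assumed site policy, not from the patent
SCRIPT_RE = re.compile(rb"<script\b", re.I)

# Constructed sample: bare-LF line endings, no MIME-Version, lower-case headers.
SAMPLE = (b"From: alice@example.com\nTo: bob@example.com\nsubject: report\n"
          b"content-type: multipart/mixed; boundary=b1\n\n"
          b"--b1\ncontent-type: text/plain\n\nhello\n"
          b"--b1\ncontent-type: application/octet-stream\n"
          b"content-disposition: attachment; filename=tool.EXE\n"
          b"content-transfer-encoding: base64\n\nAAECAw==\n--b1--\n")

def undesirable(ctype, filename, data):
    """Inspect one decoded component (hypothetical rules)."""
    if filename and filename.lower().endswith(BLOCKED_EXT):
        return True
    return ctype == "text/html" and SCRIPT_RE.search(data) is not None

def rebuild(raw):
    """Decompose raw, re-emit each component in standard form; return (bytes, removed)."""
    orig = message_from_bytes(raw, policy=policy.default)
    new = EmailMessage(policy=policy.SMTP)          # serialises with CRLF
    for name in ("From", "To", "Subject"):
        if orig[name] is not None:
            new[name] = str(orig[name])             # header regenerated, not copied
    new["MIME-Version"] = "1.0"
    removed = []
    for part in orig.walk():
        if part.is_multipart():
            continue                                # containers are rebuilt, not copied
        ctype, fname = part.get_content_type(), part.get_filename()
        data = part.get_payload(decode=True) or b""
        if undesirable(ctype, fname, data):
            removed.append(fname or ctype)          # sanitize: replace with a notice
            new.add_attachment(f"[removed by mail filter: {fname or ctype}]\n")
            continue
        maintype, subtype = ctype.split("/", 1)
        charset = part.get_content_charset()
        new.add_attachment(data, maintype=maintype, subtype=subtype, filename=fname,
                           disposition=None if fname else "inline",
                           params={"charset": charset} if charset else None)
    return new.as_bytes(), removed

if __name__ == "__main__":
    out, removed = rebuild(SAMPLE)
    print(removed, out.decode("ascii"), sep="\n")
```

Because every header and body is regenerated from its decoded value, the inspection step and the recipient's mail client both see the same canonical encoding of each component.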
7 Claims
1. A method for preventing the exploitation of an original email message having a destination, the method comprising:
- decomposing the original email message into the components thereof;
- for each component of said components thereof:
- formatting said component according to at least one published standard for formatting email into a correctly-formatted email component;
- inspecting said correctly-formatted email component for undesirable content;
- if said correctly-formatted email component contains undesirable content, then sanitizing said correctly-formatted email component;
- reassembling said correctly-formatted email component into a replacement email message; and
- substituting said replacement email message for the original email message, and sending said replacement email message to the destination of the original email message in place thereof.

Dependent claims: 2, 3, 4.
5. A method for preventing the exploitation of an original email message having a destination, the method comprising:
- decomposing the original email message into the components thereof;
- for each component of said components thereof:
- formatting said component according to at least one published standard for formatting email into a correctly-formatted email component;
- reassembling said correctly-formatted email component into a replacement email message;
- substituting said replacement email message for the original email message;
- inspecting said replacement email message for undesirable content;
- if said replacement email message contains undesirable content, then sanitizing said replacement email message; and
- sending said replacement email message to the destination of the original email message in place thereof.

Dependent claims: 6.
7. A system for preventing the exploitation of an original email message having a destination, the system comprising:
- an email component extractor, for extracting a component of the original email message;
- an email component standards-compliant formatter, for formatting said component according to at least one published standard;
- an undesirable content handler operative to inspect for undesirable content and to sanitize at least one of: an email message component; an email message; and
- an email assembler, for assembling said component into a replacement email message for sending to the destination of the original email message in place thereof.