E-mail firewall with stored key encryption/decryption
Abstract
An e-mail firewall (105) applies policies to e-mail messages (204) between a first site and a plurality of second sites in accordance with a plurality of administrator selectable policies (216). The firewall comprises a simple mail transfer protocol (SMTP) relay (202) for causing the e-mail messages (204) to be transmitted between the first site and selected ones of the second sites. A plurality of policy managers (216) enforce administrator selectable policies. The policies, such as encryption and decryption policies, comprise at least a first source/destination policy (218), at least a first content policy (220) and at least a first virus policy (224). The policies are characterized by a plurality of administrator selectable criteria (310), a plurality of administrator selectable exceptions (312) to the criteria and a plurality of administrator selectable actions (314, 316, 322) associated with the criteria and exceptions. The policy managers comprise an access manager (218) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the source/destination policy (218). The policy managers (216) further comprise a content manager (220) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the content policy (220), and a virus manager (224) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the virus policy (224).
19 Claims
1. An e-mail control system for controlling e-mail messages transmitted from and received by a computing site, comprising:
- a message encryptor for encrypting a first designated type of message transmitted from a user associated with said computing site in accordance with at least a first stored encryption key;
- a message decryptor for decrypting a second designated type of message sent to a user associated with said computing site in accordance with at least a second stored encryption key; and
- a filter for monitoring said messages, after decryption by said decryptor and before encryption by said encryptor, in accordance with changeable filter information, the filter comprising at least a content filter to enforce content control policies by reference to specific words in the message body, each of said messages including at least one recipient address, the e-mail control system transmitting a message to said at least one recipient address in response to a predetermined policy result of said filter.
notification means, responsive to said means for causing redirection of messages, for causing generation of a notification e-mail message; and
redirection means for causing transmission of said notification e-mail message to a destination corresponding to changeable notification message destination information.
7. An e-mail control system as set forth in claim 6 wherein said notification message comprises a body portion and wherein said notification means further comprises means for causing generation of a message contained in said body portion.
8. An e-mail firewall for restricting transmission of e-mail messages between a first site and a plurality of second sites in accordance with a plurality of administrator selectable policies, said firewall comprising:
- a simple mail transfer protocol (SMTP) relay for causing said e-mail messages to be transmitted between said first site and selected ones of said second sites; and
- a plurality of policy managers, responsive to said SMTP relay, for enforcing administrator selectable policies, said policies comprising at least a first source/destination policy, at least a first content policy and at least a first virus policy, said policies characterized by a plurality of administrator selectable criteria, a plurality of administrator selectable exceptions to said criteria and exceptions, said policy managers comprising,
- an access manager for restricting transmission of e-mail messages between said first site and said second sites in accordance with said source/destination policy;
- a content manager for restricting transmission of e-mail messages between said first site and said second sites in accordance with said content policy; and
- a virus manager for restricting transmission of e-mail messages between said first site and said second sites in accordance with said virus policy, each of said e-mail messages including at least one recipient address, the e-mail control system transmitting a message to said at least one recipient address in response to a predetermined policy result of a policy manager.
16. A method for restricting receipt of e-mail messages, in accordance with a plurality of changeable policies, to a first site from a plurality of second sites, the method comprising the steps of:
- intercepting a first e-mail message transmitted to a user associated with said first site from at least one user associated with one of said second sites;
- determining if said message is encrypted and decrypting said message in accordance with a stored key, if said message is encrypted; and
- filtering said message in accordance with at least one stored content policy, said messages including at least one internal site recipient address, the e-mail control system transmitting the message to said at least one internal site recipient address in response to a predetermined policy result of said filtering.
17. A method for restricting transmission of e-mail messages, in accordance with a plurality of changeable policies, from a first site to a plurality of second sites, the method comprising the steps of:
- intercepting an e-mail message transmitted to at least one user associated with one of said second sites from a user associated with said first site;
- filtering said e-mail message in accordance with a plurality of stored policies, including at least one content policy to enforce content control policies by reference to specific words in the message body;
- responding to a first of said stored policies by encrypting said e-mail message in accordance with a stored key; and
- transmitting said e-mail message to at least one user associated with one of said second sites.
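The method claims 16 and 17 fix an order of operations: inbound mail is decrypted with a stored key before the content filter sees it, and outbound mail is filtered before it is encrypted. The sketch below is an added illustration, not code from the patent; the key store, envelope marker, word list, the SHA-256 keystream standing in for a real cipher, and the choice to quarantine mail that cannot be decrypted are all assumptions.

```python
import hashlib, hmac, os

MARK = b"ENC1:"  # constructed envelope marker (assumption of this sketch)
STORED_KEYS = {"partner.example": b"k" * 32}  # constructed key store, per remote site
BLOCKED_WORDS = {"confidential", "project-x"}  # changeable filter information

def _xor(key, nonce, data):  # SHA-256 counter keystream, a stand-in for a real cipher
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(key, data):  # MAC under a key derived separately from the cipher key
    return hmac.new(hashlib.sha256(b"mac" + key).digest(), data, hashlib.sha256).digest()

def encrypt(key, body):
    nonce = os.urandom(16)
    ct = _xor(key, nonce, body)
    return MARK + nonce + _tag(key, nonce + ct) + ct

def decrypt(key, blob):
    nonce, tag, ct = blob[5:21], blob[21:53], blob[53:]
    if not hmac.compare_digest(tag, _tag(key, nonce + ct)):
        raise ValueError("authentication failed")
    return _xor(key, nonce, ct)

def content_filter(body):
    text = body.decode("utf-8", "replace").lower()
    return sorted(w for w in BLOCKED_WORDS if w in text)

def inbound(sender_site, body):
    """Claim 16 order: decrypt with the stored key, then filter the plaintext."""
    if body.startswith(MARK):
        key = STORED_KEYS.get(sender_site)
        if key is None:  # cannot inspect, so fail closed
            return "quarantine", "no stored key", None
        try:
            body = decrypt(key, body)
        except ValueError:
            return "quarantine", "decryption failed", None
    hits = content_filter(body)
    return ("quarantine", f"content policy: {hits}", None) if hits else ("deliver", "", body)

def outbound(recipient_site, body):
    """Claim 17 order: filter the plaintext, then encrypt with the stored key."""
    hits = content_filter(body)
    if hits:
        return "quarantine", f"content policy: {hits}", None
    key = STORED_KEYS.get(recipient_site)
    return "deliver", "", encrypt(key, body) if key else body
```

Running the word filter on the encrypted form of a blocked message returns no hits, which is why the filter has to sit on the plaintext side of both the decryptor and the encryptor.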
Specification