E-mail firewall with stored key encryption/decryption
Abstract
An e-mail firewall (105) applies policies to e-mail messages (204) between a first site and a plurality of second sites in accordance with a plurality of administrator selectable policies (216). The firewall comprises a simple mail transfer protocol (SMTP) relay (202) for causing the e-mail messages (204) to be transmitted between the first site and selected ones of the second sites. A plurality of policy managers (216) enforce administrator selectable policies. The policies, such as encryption and decryption policies, comprise at least a first source/destination policy (218), at least a first content policy (202) and at least a first virus policy (224). The policies are characterized by a plurality of administrator selectable criteria (310), a plurality of administrator selectable exceptions (312) to the criteria and a plurality of administrator selectable actions (314, 316, 322) associated with the criteria and exceptions. The policy managers comprise an access manager (218) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the source/destination policy (218). The policy managers (216) further comprise a content manager (220) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the content policy (220), and a virus manager (224) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the virus policy (224).
2 Claims
1. A method for filtering e-mail messages transmitted from an external site to an internal site associated with a first policy, comprising:
i. intercepting a plurality of data packets associated with an e-mail message having a sender address associated with an external site;
ii. assembling said data packets to an application level message;
iii. detecting whether the application level message includes a digital signature attachment;
iv. applying at least one policy condition to said application level e-mail message, said policy condition applied by reference to said attached digital signature, said applying providing a policy application result;
v. applying at least a second policy condition to said application level e-mail message in response to a predetermined condition of the attached digital signature, the second policy condition selected by reference to an identity associated with the valid digital signature;
vi. detecting that the digital signature is a valid digital signature; and
vii. processing said application level e-mail message in accordance with said applying at least a second policy condition.
2. A method for filtering e-mail messages transmitted from an external site to an internal site associated with a first policy, comprising:
i. intercepting a plurality of data packets associated with an e-mail message having a sender address associated with an external site;
ii. assembling said data packets to an application level message;
iii. detecting whether the application level message includes a digital signature attachment;
iv. applying at least one policy condition to said application level e-mail message, said policy condition applied by reference to said attached digital signature, said applying providing a policy application result;
v. applying a second policy for detecting whether the attached signature is associated with a domain which is included in a stored list of trusted domains; and
vi. processing said application level e-mail message in accordance with said applying at least a second policy condition.
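Steps iii and v of claim 2, sketched as an added example that is not taken from the patent or any product: it detects a detached signature part in an assembled message and checks the signer's domain against a stored trusted list. It assumes the signer domain comes from a separate signature verifier that is not shown; the action names, the sample messages and the domain list are constructed for illustration.

```python
from email import message_from_string

# Detached-signature content types (S/MIME and OpenPGP).
SIG_TYPES = {"application/pkcs7-signature", "application/x-pkcs7-signature",
             "application/pgp-signature"}

# Constructed sample messages; the signature payload is a dummy value.
SIGNED = """\
From: alice@partner.example
To: bob@internal.example
Subject: contract
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
 micalg=sha-256; boundary="b1"

--b1
Content-Type: text/plain

Signed body.
--b1
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"

AAAA
--b1--
"""
UNSIGNED = "From: eve@other.example\nTo: bob@internal.example\n\nplain text\n"

def find_signature_part(msg):
    """Step iii: return the signature part of a multipart/signed entity, or None."""
    for part in msg.walk():
        if part.get_content_type() == "multipart/signed" and part.is_multipart():
            for sub in part.get_payload():
                if sub.get_content_type() in SIG_TYPES:
                    return sub
    return None

def select_action(msg, signer_domain, trusted_domains):
    """Step v: signer_domain is the domain bound to the signature, as reported
    by an external verifier (assumption); None means it could not be verified."""
    if find_signature_part(msg) is None:
        return "no-signature"      # hypothetical action name
    if signer_domain and signer_domain.lower() in trusted_domains:
        return "deliver"           # hypothetical action name
    return "quarantine"            # hypothetical action name

if __name__ == "__main__":
    trusted = {"partner.example"}
    print(select_action(message_from_string(SIGNED), "partner.example", trusted))
    print(select_action(message_from_string(UNSIGNED), None, trusted))
```
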
Specification