E-mail firewall with policy-based cryptosecurity
Abstract
An e-mail firewall applies policies to e-mail messages between a first site and second sites in accordance with administrator selectable policies. The firewall includes a simple mail transfer protocol relay for causing the e-mail messages to be transmitted between the first site and selected ones of the second sites. Policy managers enforce administrator selectable policies relative to one or more of encryption and decryption, signature, source/destination, content and viruses.
7 Claims
1. A computer-implemented method for filtering e-mail messages transmitted from an external site to an internal site associated with a first policy, comprising:
i. intercepting using an SMTP relay implemented as programmed computer hardware an e-mail message having a sender address associated with an external site;
ii. detecting whether said e-mail message includes a digital signature;
iii. applying at least one policy condition to said e-mail message, said policy condition applied by reference to the digital signature, said applying providing a policy application result;
iv. applying at least a second policy condition to said e-mail message in response to a predetermined condition of the digital signature, the second policy condition selected by reference to an identity associated with the digital signature;
v. detecting that the digital signature is a valid digital signature; and
vi. processing said e-mail message in accordance with said applying of the second policy.
2. A computer-implemented method for filtering e-mail messages transmitted from an external site to an internal site associated with a first policy, comprising:
i. intercepting using an SMTP relay implemented as programmed computer hardware an e-mail message having a sender address associated with an external site;
ii. detecting whether said e-mail message includes a digital signature;
iii. applying at least one policy condition to said e-mail message, said policy condition applied by reference to the digital signature, said applying providing a policy application result;
iv. applying a second policy for detecting whether the digital signature is associated with a domain which is included in a stored list of trusted domains; and
v. processing said e-mail message in accordance with said applying of the second policy.
3. A method for restricting transmission of e-mail messages between a first site and a second site in accordance with administrator selectable policies, said method comprising:
utilizing a simple mail transfer protocol (SMTP) relay in a transmission path for the e-mail messages between said first site and second sites;
enforcing one or more administrator selectable policies, at least some of said policies establishing both criteria and exceptions relative to actions on e-mail messages received at the SMTP relay and thereby restricting transmission of at least some of the received mail messages based on access, content and virus control policy aspects of the administrator selectable policies,
wherein the administrator selectable policies further enforce security policy aspects that dictate, relative to a policy-defined subset of less than all e-mail messages received at the SMTP relay, encryption and signature requirements, and
wherein the actions established by the administrator selectable policies restrict transit of at least some of the received e-mail messages based on non-compliance with a requirement that the policy-defined subset of e-mail messages be encrypted or signed.
Dependent claims: 4, 5, 6, 7
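The signature-driven filtering of claims 1 and 2, sketched as an added example that is not taken from the patent or any product implementing it. Signature detection uses the standard S/MIME and PGP/MIME content types; the `verify` callable, the trusted-domain list and the deliver/quarantine/reject actions are assumptions, since the claims leave the actions to administrator policy.

```python
from email import message_from_bytes

TRUSTED_DOMAINS = {"partner.example"}   # assumed stored list of trusted domains
SIG_PROTOCOLS = {"application/pkcs7-signature", "application/x-pkcs7-signature",
                 "application/pgp-signature"}

def has_signature(msg):
    """Detect a signed message from its MIME structure alone."""
    ctype = msg.get_content_type()
    if ctype == "multipart/signed":          # detached S/MIME or PGP/MIME signature
        return (msg.get_param("protocol") or "").lower() in SIG_PROTOCOLS
    if ctype in ("application/pkcs7-mime", "application/x-pkcs7-mime"):
        return (msg.get_param("smime-type") or "").lower() == "signed-data"
    return False

def filter_inbound(raw, verify):
    """Return (action, reason) for one intercepted message.

    `verify` is a hypothetical hook into the crypto layer:
    verify(msg) -> (is_valid, signer_address taken from the signing certificate).
    """
    msg = message_from_bytes(raw)
    if not has_signature(msg):               # first policy condition: signature present?
        return "quarantine", "unsigned"
    valid, signer = verify(msg)
    if not valid:
        return "reject", "invalid signature"
    # Second policy keys on the identity bound to the signature,
    # not on the From header, which the sender controls.
    signer_domain = signer.rpartition("@")[2].lower()
    if signer_domain not in TRUSTED_DOMAINS:
        return "quarantine", "signer domain not trusted"
    return "deliver", "valid signature from trusted domain"

# Constructed sample messages; the signature part is a placeholder, not real CMS data.
SIGNED = (b"From: alice@partner.example\r\nTo: bob@corp.example\r\n"
          b"MIME-Version: 1.0\r\n"
          b'Content-Type: multipart/signed; protocol="application/pkcs7-signature";'
          b' micalg=sha-256; boundary="b1"\r\n\r\n'
          b"--b1\r\nContent-Type: text/plain\r\n\r\nhello\r\n"
          b'--b1\r\nContent-Type: application/pkcs7-signature; name="smime.p7s"\r\n\r\n'
          b"(placeholder)\r\n--b1--\r\n")
UNSIGNED = (b"From: alice@partner.example\r\nTo: bob@corp.example\r\n"
            b"Content-Type: text/plain\r\n\r\nhello\r\n")
```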
Specification