E-mail firewall with stored key encryption/decryption
First Claim
1. A method for controlling e-mail messages transmitted from and received by a computing site, the method implemented using a firewall implemented at least partially in hardware and comprising:
- selectively encrypting individual e-mail messages transmitted from an e-mail sender associated with said computing site to a first e-mail recipient via the firewall, the selective encrypting being performed under control of the firewall and in accordance with (i) a security policy associated with said computing site and (ii) at least a first recipient key associated with the first e-mail recipient;
- decrypting individual encrypted e-mail messages sent to a second e-mail recipient associated with said computing site, the decrypting being performed under control of the firewall and in accordance with (i) the security policy and (ii) at least a second recipient key associated with the second e-mail recipient;
- at the firewall, filtering said e-mail messages, after said decryption and before said encryption respectively, and in accordance with changeable filter information, the filtering comprising at least content filtering to enforce content control policies by reference to specific words in the message body, each of said e-mail messages including at least one recipient address; and
- transmitting at least one of said messages to at least one recipient address thereof in response to a predetermined policy result of said filter.
Abstract
An e-mail firewall applies policies to messages between a first site and a plurality of second sites in accordance with administrator selectable policies. The firewall includes an SMTP relay and policy managers to enforce administrator selectable policies, such as encryption and decryption policies, a source/destination policy, a content policy and a first virus policy. Some policies are characterized by administrator selectable criteria, administrator selectable exceptions to the criteria and administrator selectable actions associated with the criteria and exceptions. Policy managers can include an access manager for restricting transmission of messages between the first and second sites in accordance with the source/destination policy, a content manager for restricting transmission of messages between the first and second sites in accordance with the content policy, and a virus manager for restricting transmission of messages between the first and second sites in accordance with the virus policy.
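The ordering in claim 1 (filter after decryption on the way in, before encryption on the way out) combined with the abstract's criteria/exceptions/actions policy shape, as an added Python example that is not code from the patent. The class names, the sample addresses, the SHA-256 keystream stand-in cipher (not secure, used only so the example runs offline) and the fail-closed handling of a missing stored key are assumptions.

```python
import hashlib
from dataclasses import dataclass

def stand_in_cipher(key: bytes, data: bytes) -> bytes:
    # Assumption: SHA-256 keystream XOR standing in for real encryption; not secure.
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

@dataclass
class ContentPolicy:
    words: set            # criteria: specific words looked for in the message body
    exempt_senders: set   # exceptions: senders the criteria do not apply to
    action: str           # action taken on a match, e.g. "quarantine"

    def evaluate(self, sender: str, body: str) -> str:
        if sender in self.exempt_senders:
            return "deliver"
        tokens = {w.strip(".,;:!?").lower() for w in body.split()}
        return self.action if tokens & self.words else "deliver"

@dataclass
class Firewall:
    policy: ContentPolicy
    keys: dict            # stored recipient keys: address -> key bytes
    encrypt_domains: set  # security policy: domains whose mail must be encrypted

    def outbound(self, sender: str, rcpt: str, body: str):
        result = self.policy.evaluate(sender, body)   # filter BEFORE encryption
        if result != "deliver":
            return result, None
        if rcpt.rsplit("@", 1)[-1] in self.encrypt_domains:
            if rcpt not in self.keys:
                return "quarantine", None             # assumption: fail closed, no cleartext
            return "deliver", stand_in_cipher(self.keys[rcpt], body.encode())
        return "deliver", body.encode()

    def inbound(self, sender: str, rcpt: str, payload: bytes, encrypted: bool):
        if encrypted:
            if rcpt not in self.keys:
                return "quarantine", None             # cannot inspect, so do not deliver
            payload = stand_in_cipher(self.keys[rcpt], payload)  # decrypt BEFORE filtering
        body = payload.decode(errors="replace")
        result = self.policy.evaluate(sender, body)
        return result, (body if result == "deliver" else None)
```

Because the content filter only ever sees plaintext, an encrypted inbound message containing a listed word is caught exactly as an unencrypted one would be.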
7 Claims
Specification