Cloud email message scanning with local policy application in a network environment
First Claim
1. A method for applying policies to an email message, comprising:
receiving, by an inbound policy module in a protected network, message metadata of an email message en route to an intended recipient associated with the protected network, wherein the message metadata is to be received without the email message;
determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy of one or more metadata policies;
sending a response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is determined to be prohibited by the at least one metadata policy;
sending a request from the protected network for scan results data for the email message if receiving the email message in the protected network is determined not to be prohibited by the one or more metadata policies;
receiving, by the inbound policy module in the protected network, the scan results data;
determining, based on the scan results data, whether receiving the email message in the protected network is prohibited by at least one scan policy of one or more scan policies;
sending a particular response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the at least one scan policy;
sending a request from the protected network for the email message if receiving the email message in the protected network is not prohibited by the one or more scan policies;
receiving, by the inbound policy module in the protected network, the email message in response to the request for the email message; and
forwarding the email message to a destination network address associated with a recipient email address, wherein the destination network address is in the protected network.
Abstract
A method for applying policies to an email message includes receiving, by an inbound policy module in a protected network, message metadata of an email message. The method also includes determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy. The method further includes blocking the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the metadata policy. In specific embodiments, the method includes requesting scan results data for the email message if receiving the email message in the protected network is not prohibited by one or more metadata policies. In further embodiments, the method includes receiving the scan results data and requesting the email message if receiving the email message in the protected network is not prohibited by one or more scan policies.
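The staged gate described in the abstract, together with the local scan step recited in claims 8 to 10, written out as an added example. This is not code from the patent or from any product. `CloudService`, `violated`, `inbound_policy_module`, the policy names, the sample messages and the fail-closed handling of malformed input are all hypothetical choices of this example.

```python
from dataclasses import dataclass, field

@dataclass
class CloudService:
    """Hypothetical stand-in for the cloud service holding the message."""
    metadata: dict
    scan_results: dict
    message: bytes
    log: list = field(default_factory=list)  # what crossed the boundary

    def request(self, item):
        self.log.append(f"request:{item}")
        return getattr(self, item)

    def block(self, policy):
        self.log.append(f"block:{policy}")

def violated(policies, subject):
    """Name of the first policy that prohibits `subject`, else None."""
    for name, prohibits in policies.items():
        try:
            if prohibits(subject):
                return name
        except (KeyError, TypeError):
            return name  # this example's choice: malformed input fails closed
    return None

def inbound_policy_module(cloud, metadata_policies, scan_policies, local_policies):
    # Stage 1: only metadata is inside the protected network.
    hit = violated(metadata_policies, cloud.metadata)
    if hit:
        cloud.block(hit)
        return "blocked:metadata"
    # Stage 2: ask for the cloud scan results, still not the message.
    hit = violated(scan_policies, cloud.request("scan_results"))
    if hit:
        cloud.block(hit)
        return "blocked:scan"
    # Stage 3: the message itself is pulled in and scanned locally.
    body = cloud.request("message")
    return "quarantined" if violated(local_policies, body) else "forwarded"

# Constructed sample policies and messages.
META = {"denied_sender": lambda m: m["sender"].endswith("@blocked.example")}
SCAN = {"malware": lambda r: r["malware"], "spam": lambda r: r["spam_score"] >= 0.8}
LOCAL = {"marker": lambda b: b"INTERNAL-ONLY" in b}

def run(sender, malware=False, spam_score=0.1, body=b"hello"):
    cloud = CloudService({"sender": sender}, {"malware": malware, "spam_score": spam_score}, body)
    return inbound_policy_module(cloud, META, SCAN, LOCAL), cloud.log
```

The returned log shows the property the staging is for: when a metadata or scan policy blocks the message, `request:message` never appears, so the message body never enters the protected network.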
23 Citations
15 Claims
1. A method for applying policies to an email message, comprising:
receiving, by an inbound policy module in a protected network, message metadata of an email message en route to an intended recipient associated with the protected network, wherein the message metadata is to be received without the email message;
determining, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy of one or more metadata policies;
sending a response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is determined to be prohibited by the at least one metadata policy;
sending a request from the protected network for scan results data for the email message if receiving the email message in the protected network is determined not to be prohibited by the one or more metadata policies;
receiving, by the inbound policy module in the protected network, the scan results data;
determining, based on the scan results data, whether receiving the email message in the protected network is prohibited by at least one scan policy of one or more scan policies;
sending a particular response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the at least one scan policy;
sending a request from the protected network for the email message if receiving the email message in the protected network is not prohibited by the one or more scan policies;
receiving, by the inbound policy module in the protected network, the email message in response to the request for the email message; and
forwarding the email message to a destination network address associated with a recipient email address, wherein the destination network address is in the protected network.
Dependent claims: 2, 3, 4, 5
6. At least one non-transitory machine readable storage medium having instructions stored thereon for applying policies to an email message, the instructions when executed by a processor cause the processor to:
receive, by an inbound policy module in a protected network, message metadata of an email message en route to an intended recipient associated with the protected network, wherein the message metadata is to be received without the email message;
determine, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy of one or more metadata policies;
send a response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is determined to be prohibited by the at least one metadata policy;
send a request from the protected network for scan results data for the email message if receiving the email message in the protected network is determined not to be prohibited by the one or more metadata policies;
receive, by the inbound policy module in the protected network, the scan results data;
determine, based on the scan results data, whether receiving the email message in the protected network is prohibited by at least one scan policy of one or more scan policies;
send a particular response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the at least one scan policy;
send a request from the protected network for the email message if receiving the email message in the protected network is not prohibited by the one or more scan policies;
receive, by the inbound policy module in the protected network, the email message in response to the request for the email message; and
forward the email message to a mail server in the protected network, wherein the mail server delivers the email message to the intended recipient of the email message.
Dependent claims: 7
8. At least one non-transitory machine readable storage medium having instructions stored thereon for applying policies to an email message, the instructions when executed by a processor cause the processor to:
receive, by an inbound policy module in a protected network, message metadata of an email message en route to an intended recipient associated with the protected network, wherein the message metadata is to be received without the email message;
determine, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy of one or more metadata policies;
send a response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is determined to be prohibited by the at least one metadata policy;
send a request from the protected network for scan results data for the email message if receiving the email message in the protected network is determined not to be prohibited by the one or more metadata policies;
receive, by the inbound policy module in the protected network, the scan results data;
determine, based on the scan results data, whether receiving the email message in the protected network is prohibited by at least one scan policy of one or more scan policies;
send a particular response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the at least one scan policy;
send a request from the protected network for the email message if receiving the email message in the protected network is not prohibited by the one or more scan policies;
receive, by the inbound policy module in the protected network, the email message in response to the request for the email message;
scan the received email message for content prohibited by one or more local scan policies; and
responsive to finding at least some prohibited content during the scanning, quarantine the email message.
9. At least one non-transitory machine readable storage medium having instructions stored thereon for applying policies to an email message, the instructions when executed by a processor cause the processor to:
receive, by an inbound policy module in a protected network, message metadata of an email message en route to an intended recipient associated with the protected network, wherein the message metadata is to be received without the email message;
determine, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy of one or more metadata policies;
send a response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is determined to be prohibited by the at least one metadata policy;
send a request from the protected network for scan results data for the email message if receiving the email message in the protected network is determined not to be prohibited by the one or more metadata policies;
receive, by the inbound policy module in the protected network, the scan results data;
determine, based on the scan results data, whether receiving the email message in the protected network is prohibited by at least one scan policy of one or more scan policies;
send a particular response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the at least one scan policy;
send a request from the protected network for the email message if receiving the email message in the protected network is not prohibited by the one or more scan policies;
receive, by the inbound policy module in the protected network, the email message in response to the request for the email message;
scan the received email message for content prohibited by one or more local scan policies; and
responsive to finding at least some prohibited content during the scanning, block the email message from being delivered to the intended recipient of the email message.
10. At least one non-transitory machine readable storage medium having instructions stored thereon for applying policies to an email message, the instructions when executed by a processor cause the processor to:
receive, by an inbound policy module in a protected network, message metadata of an email message en route to an intended recipient associated with the protected network, wherein the message metadata is to be received without the email message;
determine, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy of one or more metadata policies;
send a response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is determined to be prohibited by the at least one metadata policy;
send a request from the protected network for scan results data for the email message if receiving the email message in the protected network is determined not to be prohibited by the one or more metadata policies;
receive, by the inbound policy module in the protected network, the scan results data;
determine, based on the scan results data, whether receiving the email message in the protected network is prohibited by at least one scan policy of one or more scan policies;
send a particular response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the at least one scan policy;
send a request from the protected network for the email message if receiving the email message in the protected network is not prohibited by the one or more scan policies;
receive the email message in response to the request for the email message;
scan the received email message for content prohibited by a local scan policy; and
responsive to not finding any prohibited content during the scanning, forward the email message to a mail server in the protected network, wherein the mail server is configured to deliver the email message to the intended recipient of the email message.
11. An apparatus for applying policies to an email message, comprising:
a processor in a protected network; and
an inbound policy module executing on the processor, the inbound policy module configured to:
receive message metadata of an email message en route to an intended recipient associated with the protected network, wherein the message metadata is to be received without the email message;
determine, based on the message metadata, whether receiving the email message in the protected network is prohibited by at least one metadata policy of one or more metadata policies;
send a response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is determined to be prohibited by the at least one metadata policy;
send a request from the protected network for scan results data for the email message if receiving the email message in the protected network is determined not to be prohibited by the one or more metadata policies;
receive the scan results data;
determine, based on the scan results data, whether receiving the email message in the protected network is prohibited by at least one scan policy of one or more scan policies;
send a particular response from the protected network to block the email message from being forwarded to the protected network if receiving the email message in the protected network is prohibited by the at least one scan policy;
send a request from the protected network for the email message if receiving the email message in the protected network is not prohibited by the one or more scan policies;
receive the email message in response to the request for the email message; and
forward the email message to a mail server in the protected network, wherein the mail server delivers the email message to the intended recipient of the email message.
Dependent claims: 12, 13, 14, 15
Specification