E-mail firewall with stored key encryption/decryption
Abstract
An e-mail firewall (105) applies policies to e-mail messages (204) between a first site and a plurality of second sites in accordance with a plurality of administrator selectable policies (216). The firewall comprises a simple mail transfer protocol (SMTP) relay (202) for causing the e-mail messages (204) to be transmitted between the first site and selected ones of the second sites. A plurality of policy managers (216) enforce administrator selectable policies. The policies, such as encryption and decryption policies, comprise at least a first source/destination policy (218), at least a first content policy (202) and at least a first virus policy (224). The policies are characterized by a plurality of administrator selectable criteria (310), a plurality of administrator selectable exceptions (312) to the criteria and a plurality of administrator selectable actions (314, 316, 322) associated with the criteria and exceptions. The policy managers comprise an access manager (218) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the source/destination policy (218). The policy managers (216) further comprise a content manager (220) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the content policy (220), and a virus manager (224) for restricting transmission of e-mail messages (204) between the first site and the second sites in accordance with the virus policy (224).
10 Claims
1. A method for filtering e-mail messages transmitted from an external site to an internal site associated with a first policy, comprising:
i. intercepting a plurality of data packets associated with an e-mail message having a sender address associated with an external site;
ii. assembling said data packets to an application level message;
iii. detecting whether the application level message includes a digital signature attachment;
iv. applying at least one policy condition to said application level e-mail message, said policy condition applied by reference to said attached digital signature, said applying providing a policy application result;
v. applying at least a second policy condition to said application level e-mail message in response to a predetermined condition of the attached digital signature, the second policy condition selected by reference to an identity associated with the valid digital signature;
vi. detecting that the digital signature is a valid digital signature; and
vii. processing said application level e-mail message in accordance with said applying at least a second policy condition.
2. A method for filtering e-mail messages transmitted from an external site to an internal site associated with a first policy, comprising:
i. intercepting a plurality of data packets associated with an e-mail message having a sender address associated with an external site;
ii. assembling said data packets to an application level message;
iii. detecting whether the application level message includes a digital signature attachment;
iv. applying at least one policy condition to said application level e-mail message, said policy condition applied by reference to said attached digital signature, said applying providing a policy application result;
v. applying a second policy for detecting whether the attached signature is associated with a domain which is included in a stored list of trusted domains; and
vi. processing said application level e-mail message in accordance with said applying at least a second policy condition.
3. A method for filtering e-mail messages transmitted from an external site to an internal site associated with a first policy, comprising:
intercepting, at an SMTP relay implemented as programmed computer hardware separate and distinct from a packet inspection-type access firewall, a plurality of data packets associated with an e-mail message having a sender address associated with an external site;
assembling said data packets to an application level e-mail message;
detecting whether the application level e-mail message includes a digital signature attachment;
applying at least a first policy condition to said application level e-mail message, said first policy condition applied by reference to said attached digital signature, said applying providing a policy application result;
applying at least a second policy condition to said application level e-mail message in response to a predetermined condition of the attached digital signature, the second policy condition selected by reference to an identity associated with the valid digital signature;
detecting that the digital signature is a valid digital signature;
processing said application level e-mail message in accordance with said applying at least a second policy condition, and responsive to the interception at the SMTP relay, building a list of sender policies corresponding to the sender address of the application level e-mail message and building a list of recipient policies corresponding to one or more recipient addresses of the application level e-mail message;
the applied first and second policy conditions being respectively selected from one of the lists of sender and recipient policies for the application level e-mail message, wherein different types of the sender and recipient policies are applied to the application level e-mail message in a predetermined priority order in which access management policies are applied after decryption policies and before remaining content control policies, formal conversion policies and security policies, wherein the security policies include at least client security usage, preserve encryption and plain text access policies.
Dependent claims: 4, 5, 6
7. A method for filtering e-mail messages transmitted from an external site to an internal site associated with a first policy, comprising:
intercepting, at an SMTP relay implemented as programmed computer hardware separate and distinct from a packet inspection-type access firewall, a plurality of data packets associated with an e-mail message having a sender address associated with an external site;
assembling said data packets to an application level e-mail message;
detecting whether the application level e-mail message includes a digital signature attachment;
applying at least a first policy condition to said application level e-mail message, said first policy condition applied by reference to said attached digital signature, said applying providing a policy application result;
applying at least a second policy condition for detecting whether the attached signature is associated with a domain which is included in a stored list of trusted domains;
processing said application level e-mail message in accordance with said applying at least a second policy condition; and
responsive to the interception at the SMTP relay, building a list of sender policies corresponding to the sender address of the application level e-mail message and building a list of recipient policies corresponding to one or more recipient addresses of the application level e-mail message;
the applied first and second policy conditions being respectively selected from one of the lists of sender and recipient policies for the application level e-mail message, wherein different types of the sender and recipient policies are applied to the application level e-mail message in a predetermined priority order in which access management policies are applied after decryption policies and before remaining content control policies, formal conversion policies and security policies, wherein the security policies include at least client security usage, preserve encryption and plain text access policies.
Dependent claims: 8, 9, 10
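The filtering sequence that claims 1, 2, 3 and 7 describe (detect a signature attachment on the reassembled message, verify it, choose the second policy either by the signer's identity or by whether the signer's domain is on a stored trusted-domain list, build sender and recipient policy lists, and apply them in the stated priority order with criteria, exceptions and actions) can be modelled as a small policy engine. The Python below is an added illustration written for this page; it is not code from the patent or from any product. The policy names, addresses, the trusted-domain list, the sample messages and the `demo_verify` stand-in for a real S/MIME or PGP verifier are all constructed assumptions.

```python
from dataclasses import dataclass
from email import message_from_string
from email.message import Message
from typing import Callable, Dict, List, Optional, Tuple

# Priority order from claims 3 and 7: decryption, then access management, then the
# remaining content control, format conversion and security policies.
PRIORITY = ("decryption", "access", "content", "format", "security")
TERMINAL_ACTIONS = {"drop", "quarantine"}  # once one fires, no later policy is consulted
SIGNATURE_TYPES = {"application/pkcs7-signature", "application/pgp-signature"}
TRUSTED_DOMAINS = {"partner.example"}      # constructed "stored list of trusted domains"

@dataclass
class SignatureInfo:
    present: bool
    valid: bool = False
    signer: str = ""  # identity bound to the signature, e.g. alice@partner.example

@dataclass
class Policy:  # criteria, exception and action, following the abstract's policy structure
    name: str
    kind: str  # one of PRIORITY
    action: str
    criteria: Callable[[Message, SignatureInfo], bool]
    exception: Callable[[Message, SignatureInfo], bool] = lambda m, s: False

def _is_encrypted(msg: Message) -> bool:
    return any(p.get_content_type() == "application/pkcs7-mime" for p in msg.walk())

def demo_verify(msg: Message) -> Optional[str]:
    """Stand-in for a real S/MIME/PGP verifier (assumption): it reads a constructed
    'signer=...;status=...' token instead of checking any cryptography."""
    for part in msg.walk():
        if part.get_content_type() in SIGNATURE_TYPES:
            fields = dict(kv.split("=", 1) for kv in part.get_payload().strip().split(";") if "=" in kv)
            return fields.get("signer") if fields.get("status") == "ok" else None
    return None

def detect_signature(msg: Message, verify: Callable[[Message], Optional[str]]) -> SignatureInfo:
    """Steps iii and vi: is a signature attached, and does it verify?"""
    if not any(p.get_content_type() in SIGNATURE_TYPES for p in msg.walk()):
        return SignatureInfo(present=False)
    signer = verify(msg)
    return SignatureInfo(present=True, valid=signer is not None, signer=signer or "")

def _trusted_signer(m: Message, s: SignatureInfo) -> bool:
    """Claim 2's second policy: is the signer's domain in the stored trusted list?"""
    return s.valid and s.signer.rsplit("@", 1)[-1].lower() in TRUSTED_DOMAINS

# Constructed policy tables keyed by address; "*" applies to every external sender.
SENDER_POLICIES: Dict[str, List[Policy]] = {"*": [
    Policy("decrypt-inbound", "decryption", "decrypt", lambda m, s: _is_encrypted(m)),
    Policy("invalid-signature", "access", "quarantine", lambda m, s: s.present and not s.valid),
    Policy("trusted-signer", "access", "allow", _trusted_signer),
    Policy("untrusted-signer-scan", "content", "scan-attachments",
           lambda m, s: not _trusted_signer(m, s)),
]}
RECIPIENT_POLICIES: Dict[str, List[Policy]] = {"finance@corp.example": [
    # "plain text access" security policy: finance refuses unencrypted mail unless it is
    # validly signed by a trusted domain (the exception clause overrides the criteria).
    Policy("finance-plaintext-access", "security", "drop",
           lambda m, s: not _is_encrypted(m), exception=_trusted_signer),
]}

def build_policy_lists(msg: Message) -> Tuple[List[Policy], List[Policy]]:
    """Sender and recipient policy lists built from the message addresses (claims 3, 7)."""
    sender = (msg.get("From") or "").strip().lower()
    recipients = [a.strip().lower() for a in (msg.get("To") or "").split(",") if a.strip()]
    sender_policies = SENDER_POLICIES.get(sender, []) + SENDER_POLICIES.get("*", [])
    recipient_policies = [p for r in recipients for p in RECIPIENT_POLICIES.get(r, [])]
    return sender_policies, recipient_policies

def apply_policies(msg, sig, sender_policies, recipient_policies) -> List[Tuple[str, str]]:
    """Apply both lists in PRIORITY order; return the (policy, action) pairs that fired."""
    fired = []
    for kind in PRIORITY:
        for pol in (p for p in sender_policies + recipient_policies if p.kind == kind):
            if pol.criteria(msg, sig) and not pol.exception(msg, sig):
                fired.append((pol.name, pol.action))
                if pol.action in TERMINAL_ACTIONS:
                    return fired
    return fired

def filter_message(raw: str, verify=demo_verify) -> List[Tuple[str, str]]:
    msg = message_from_string(raw)  # step ii: the reassembled application-level message
    sig = detect_signature(msg, verify)
    return apply_policies(msg, sig, *build_policy_lists(msg))

def disposition(fired: List[Tuple[str, str]]) -> str:
    return next((a for _, a in fired if a in TERMINAL_ACTIONS), "deliver")

# Constructed sample messages, not real traffic.
SIGNED_TRUSTED = ("From: alice@partner.example\nTo: bob@corp.example\nMIME-Version: 1.0\n"
    'Content-Type: multipart/signed; protocol="application/pkcs7-signature"; boundary="b1"\n\n'
    "--b1\nContent-Type: text/plain\n\nFigures attached.\n--b1\n"
    "Content-Type: application/pkcs7-signature\n\nsigner=alice@partner.example;status=ok\n--b1--\n")
SIGNED_BAD = (SIGNED_TRUSTED.replace("alice@partner.example", "mallet@unknown.example")
    .replace("status=ok", "status=bad").replace("bob@corp.example", "finance@corp.example"))
UNSIGNED_TO_FINANCE = ("From: carol@elsewhere.example\nTo: finance@corp.example\n"
    "Content-Type: text/plain\n\nPlease wire the attached invoice.\n")
```

Running `filter_message` over the three constructed messages shows the ordering at work: the validly signed trusted-domain message passes the access stage with `allow` and is delivered; the message with a signature that fails verification is quarantined at the access stage, so the finance recipient's security policy is never consulted; the unsigned message to finance gets the content-stage scan action and is then dropped by the plain-text-access security policy, whose exception would only have saved a validly signed trusted-domain sender.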