[go: up one dir, main page]

CN116633670A - Mail sending path and sending IP extraction method based on front edge mail service data - Google Patents

Mail sending path and sending IP extraction method based on front edge mail service data Download PDF

Info

Publication number
CN116633670A
CN116633670A CN202310751222.6A CN202310751222A CN116633670A CN 116633670 A CN116633670 A CN 116633670A CN 202310751222 A CN202310751222 A CN 202310751222A CN 116633670 A CN116633670 A CN 116633670A
Authority
CN
China
Prior art keywords
mail
sending
field
path
origin
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310751222.6A
Other languages
Chinese (zh)
Inventor
邓金详
代先勇
俞祥基
许贤龙
余泳洁
罗贤明
李闯
刘宗洋
蒋至涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Fengwei Technology Co ltd
Original Assignee
Chengdu Fengwei Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Fengwei Technology Co ltd filed Critical Chengdu Fengwei Technology Co ltd
Priority to CN202310751222.6A priority Critical patent/CN116633670A/en
Publication of CN116633670A publication Critical patent/CN116633670A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42Mailbox-related aspects, e.g. synchronisation of mailboxes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/146Tracing the source of attacks
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a mail sending path and a mail sending IP extraction method based on front edge mail service data, which relate to the field of mail analysis and comprise the steps of S1, acquiring a mail head of a mail to be detected; s2, detecting an origin IP field and a Received field of the mail header; s3, analyzing whether an origin IP field and a Received field exist or not, and if both the origin IP field and the Received field exist, proceeding to S4; if only the originating IP field exists, S5 is entered; if only the Received field exists, proceeding to S6; if none exists, the sending path and the sending IP are empty; s4, analyzing the relation between the source IP field and the Received field, and determining a transmission path and a sender IP; s5, analyzing the related information of the source IP field, determining a sending path and a sender IP, wherein the S6 sending path is a path formed by upward combination of Received fields, and the sender IP is a first non-local area network IP; the sending path and the sending IP can be found and extracted from the mail, and reliable data support is provided for tracing the mail attack behavior; the real mail sending path and the sending IP of the attack mail are identified, and the problem that an attacker falsifies mail sending information is solved.

Description

基于前沿邮服数据的邮件发送路径和发件IP提取方法Mail sending path and sending IP extraction method based on frontier postal service data

技术领域technical field

本发明涉及邮件分析领域,尤其涉及一种基于前沿邮服数据的邮件发送路径和发件IP提取方法。The invention relates to the field of mail analysis, in particular to a method for extracting mail sending paths and sending IPs based on frontier postal service data.

背景技术Background technique

邮件系统是现代企业信息技术发展产生的重要通讯手段之一。企业可通过搭建邮件服务器构建自己的邮件系统,给内部员工和外部客户提供电子邮件通讯服务。电子邮件可以传输多种信息,包括文本、图片、HTML、音频等。并且可以通过邮件客户端代理发送电子邮件。电子邮件的一个特点就是发送行为与接收行为是彼此独立的。因此,即使收件人离线,电子邮件依旧可以发送到收件人电子邮件服务器中被缓存,等待收件人从中读取信件,而网络攻击行为中,钓鱼邮件等更是主流的攻击手段,对邮件的各项内容、关键字段等进行伪造修改的手段层出不穷,这无疑增加了邮件类型的网络攻击行为的分析难度。The mail system is one of the important means of communication produced by the development of modern enterprise information technology. Enterprises can build their own mail system by building a mail server to provide email communication services to internal employees and external customers. E-mail can transmit a variety of information, including text, pictures, HTML, audio and so on. And can send email through mail client proxy. A characteristic of e-mail is that the act of sending is independent of the act of receiving. Therefore, even if the recipient is offline, the email can still be sent to the recipient's email server and cached, waiting for the recipient to read the letter from it. In network attacks, phishing emails are the mainstream attack methods. There are endless ways to forge and modify the content and key fields of emails, which undoubtedly increases the difficulty of analyzing email-type cyber attacks.

发明内容Contents of the invention

本发明的目的就在于为了解决上述问题设计了一种基于前沿邮服数据的邮件发送路径和发件IP提取方法。The object of the present invention is to design a method for extracting mail sending path and sending IP based on frontier postal service data in order to solve the above problems.

本发明通过以下技术方案来实现上述目的:The present invention achieves the above object through the following technical solutions:

基于前沿邮服数据的邮件发送路径和发件IP提取方法,包括:Email sending path and sending IP extraction method based on frontier postal service data, including:

S1、获取待测邮件的邮件头;S1. Obtain the mail header of the mail to be tested;

S2、检测邮件头的起源IP字段和Received字段;S2, detecting the source IP field and the Received field of the mail header;

S3、分析起源IP字段和Received字段是否存在,若均存在进入S4;若仅起源IP字段存在,则进入S5;若仅Received字段存在,则进入S6;若均不存在则发送路径和发件IP均为空;S3, analyze whether the source IP field and the Received field exist, if both exist, enter S4; if only the source IP field exists, then enter S5; if only the Received field exists, then enter S6; if neither exist, send the path and sender IP are empty;

S4、分析起源IP字段和Received字段的关系,确定发送路径和发件IP;S4. Analyze the relationship between the source IP field and the Received field to determine the sending path and sending IP;

S5、分析起源IP字段的相关信息,确定发送路径和发件IP;S5. Analyzing the relevant information of the source IP field to determine the sending path and sending IP;

S6、发送路径为Received字段向上组合形成的路径,发件IP为第一个非局域网IP。S6. The sending path is a path formed by upward combination of Received fields, and the sending IP is the first non-local area network IP.

本发明的有益效果在于:本方法能从邮件中发现并提取出真实的邮件发送路径及发件IP,为邮件攻击行为溯源提供可靠的数据支撑;识别出攻击邮件真实的邮件发送路径及发件IP,解决攻击者伪造邮件发送信息的问题。The beneficial effect of the present invention is that: the method can discover and extract the real mail sending path and sending IP from the mail, and provide reliable data support for tracing the source of mail attack behavior; identify the real mail sending path and sender of the attack mail IP, to solve the problem of attackers forging email sending information.

附图说明Description of drawings

图1是本发明基于前沿邮服数据的邮件发送路径和发件IP提取方法的流程示意图。Fig. 1 is a schematic flowchart of the mail sending path and sending IP extraction method based on frontier postal service data in the present invention.

具体实施方式Detailed ways

为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述。显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。通常在此处附图中描述和示出的本发明实施例的组件可以以各种不同的配置来布置和设计。In order to make the purpose, technical solutions and advantages of the embodiments of the present invention more clear, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Apparently, the described embodiments are some, but not all, embodiments of the present invention. The components of the embodiments of the invention generally described and illustrated in the figures herein may be arranged and designed in a variety of different configurations.

因此,以下对在附图中提供的本发明的实施例的详细描述并非旨在限制要求保护的本发明的范围,而是仅仅表示本发明的选定实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。Accordingly, the following detailed description of the embodiments of the invention provided in the accompanying drawings is not intended to limit the scope of the claimed invention, but merely represents selected embodiments of the invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

应注意到:相似的标号和字母在下面的附图中表示类似项,因此,一旦某一项在一个附图中被定义,则在随后的附图中不需要对其进行进一步定义和解释。It should be noted that like numerals and letters denote similar items in the following figures, therefore, once an item is defined in one figure, it does not require further definition and explanation in subsequent figures.

在本发明的描述中,需要理解的是,术语“上”、“下”、“内”、“外”、“左”、“右”等指示的方位或位置关系为基于附图所示的方位或位置关系,或者是该发明产品使用时惯常摆放的方位或位置关系,或者是本领域技术人员惯常理解的方位或位置关系,仅是为了便于描述本发明和简化描述,而不是指示或暗示所指的设备或元件必须具有特定的方位、以特定的方位构造和操作,因此不能理解为对本发明的限制。In the description of the present invention, it should be understood that the orientations or positional relationships indicated by the terms "upper", "lower", "inner", "outer", "left", "right" etc. are based on those shown in the accompanying drawings. Orientation or positional relationship, or the orientation or positional relationship that is usually placed when the product of the invention is used, or the orientation or positional relationship that is commonly understood by those skilled in the art, is only for the convenience of describing the present invention and simplifying the description, rather than indicating or It should not be construed as limiting the invention by implying that a referenced device or element must have a particular orientation, be constructed, and operate in a particular orientation.

此外,术语“第一”、“第二”等仅用于区分描述,而不能理解为指示或暗示相对重要性。In addition, the terms "first", "second", etc. are only used for distinguishing descriptions, and should not be construed as indicating or implying relative importance.

在本发明的描述中,还需要说明的是,除非另有明确的规定和限定,“设置”、“连接”等术语应做广义理解,例如,“连接”可以是固定连接,也可以是可拆卸连接,或一体地连接;可以是机械连接,也可以是电连接;可以是直接连接,也可以通过中间媒介间接连接,可以是两个元件内部的连通。对于本领域的普通技术人员而言,可以根据具体情况理解上述术语在本发明中的具体含义。In the description of the present invention, it should also be noted that, unless otherwise specified and limited, terms such as "setting" and "connection" should be understood in a broad sense. For example, "connection" can be a fixed connection or a Detachable connection, or integral connection; it can be mechanical connection or electrical connection; it can be direct connection or indirect connection through an intermediary, and it can be the internal communication of two components. Those of ordinary skill in the art can understand the specific meanings of the above terms in the present invention according to specific situations.

下面结合附图,对本发明的具体实施方式进行详细说明。The specific implementation manners of the present invention will be described in detail below in conjunction with the accompanying drawings.

如图1所示,基于前沿邮服数据的邮件发送路径和发件IP提取方法,包括:As shown in Figure 1, the mail sending path and sending IP extraction method based on the frontier postal service data include:

S1、获取待测邮件的邮件头。S1. Obtain the mail header of the mail to be tested.

S2、检测邮件头的起源IP字段和Received字段,检测Received字段时,Received字段为邮件头最下边一个Received向上组合,fromby中有IP的,展示解析IP,没有IP的,展示邮箱地址或服务器地址。S2. Detect the source IP field and Received field of the mail header. When detecting the Received field, the Received field is the combination of Received at the bottom of the mail header. If there is an IP in the fromby, the resolved IP will be displayed; if there is no IP, the email address or server address will be displayed. .

S3、分析起源IP字段和Received字段是否存在,若均存在进入S4;若仅起源IP字段存在,则进入S5;若仅Received字段存在,则进入S6;若均不存在则发送路径和发件IP均为空。S3, analyze whether the source IP field and the Received field exist, if both exist, enter S4; if only the source IP field exists, then enter S5; if only the Received field exists, then enter S6; if neither exist, send the path and sender IP are all empty.

S4、分析起源IP字段和Received字段的关系,确定发送路径和发件IP;具体为:S4. Analyze the relationship between the source IP field and the Received field to determine the sending path and sending IP; specifically:

S41、分析起源IP字段是否存在于Received字段中,若存在,则发送路径为Received字段向上组合形成的路径,则进入S42,反之则发送路径为Received字段向上组合加上起源IP接入到第一个组合后的公网IP前,并进入S44;S41, analyze whether the source IP field exists in the Received field, if it exists, then the sending path is the path formed by the upward combination of the Received field, then enter S42, otherwise the sending path is the upward combination of the Received field and the source IP access to the first before the combined public network IP, and enter S44;

S42、分析起源IP是否为公网IP,若是,则进入S43,反之则发件IP为发送路径中第一个公网IP;S42, analyze whether the source IP is a public network IP, if so, then enter S43, otherwise the sending IP is the first public network IP in the sending path;

S43、分析起源IP是否为单IP,若是,则发件IP等于起源IP;反之则发件IP为第一个起源IP;S43, analyzing whether the source IP is a single IP, if so, the sending IP is equal to the source IP; otherwise, the sending IP is the first source IP;

S44、分析起源IP是否为公网IP,若是,则进入S45,反之则发件IP为邮件地址中的第一个公网IP;S44, analyze whether the source IP is a public network IP, if so, then enter S45, otherwise the sending IP is the first public network IP in the mail address;

S45、分析起源IP是否为单IP,若是,则发件IP为起源IP;反之则发件IP为第一个起源IP。S45. Analyze whether the originating IP is a single IP, if yes, then the sending IP is the originating IP; otherwise, the sending IP is the first originating IP.

S5、分析起源IP字段的相关信息,确定发送路径和发件IP;具体为:S5. Analyze the relevant information of the source IP field to determine the sending path and sending IP; specifically:

S51、分析起源IP字段的相关信息具体为分析起源IP是否为公网IP,若是,则进入S52;反之则发件IP为空,发送路径为起源IP;S51. Analyzing the relevant information of the source IP field is specifically analyzing whether the source IP is a public network IP, and if so, proceeding to S52; otherwise, the sending IP is empty, and the sending path is the source IP;

S52、分析起源IP是否为单IP,若是,则发件IP为起源IP,发送路径为起源IP;反之则发件IP为第一个起源IP,发送路径为第一个起源IP->第二个起源IP。S52. Analyze whether the originating IP is a single IP, if so, the sending IP is the originating IP, and the sending path is the originating IP; otherwise, the sending IP is the first originating IP, and the sending path is the first originating IP -> the second source IP.

S6、发送路径为Received字段向上组合形成的路径,发件IP为第一个非局域网IP。S6. The sending path is a path formed by upward combination of Received fields, and the sending IP is the first non-local area network IP.

Received字段向上组合形成路径时,按IP1->IP2的顺序展现所有的起源IP。起源IP的字段包括X-Originating-IP、X-Sender-IP、X-SenderIP、X-SentIP、senderIP、X-EMDG-ORIGINAL-IP。When the Received field is combined upwards to form a path, all source IPs are displayed in the order of IP1->IP2. The originating IP field includes X-Originating-IP, X-Sender-IP, X-SenderIP, X-SentIP, senderIP, X-EMDG-ORIGINAL-IP.

本方法能从邮件中发现并提取出真实的邮件发送路径及发件IP,为邮件攻击行为溯源提供可靠的数据支撑;识别出攻击邮件真实的邮件发送路径及发件IP,解决攻击者伪造邮件发送信息的问题。This method can discover and extract the real mail sending path and sending IP from the mail, and provide reliable data support for tracing the source of mail attack behavior; identify the real mail sending path and sending IP of the attack mail, and solve the problem of attackers forging mail Problem sending information.

本发明的技术方案不限于上述具体实施例的限制,凡是根据本发明的技术方案做出的技术变形,均落入本发明的保护范围之内。The technical solution of the present invention is not limited to the limitations of the above-mentioned specific embodiments, and any technical deformation made according to the technical solution of the present invention falls within the protection scope of the present invention.

Claims (4)

1. The mail sending path and the sending IP extraction method based on the front mail service data are characterized by comprising the following steps:
s1, acquiring a mail header of a mail to be tested;
s2, detecting an origin IP field and a Received field of the mail header;
s3, analyzing whether an origin IP field and a Received field exist or not, and entering S4 if both the origin IP field and the Received field exist; if only the originating IP field exists, then S5 is entered; if only the Received field exists, entering S6; if none exists, the sending path and the sending IP are empty;
s4, analyzing the relation between the source IP field and the Received field, and determining a transmission path and a sender IP;
s5, analyzing the related information of the origin IP field, and determining a transmission path and a transmission IP;
s6, the sending path is a path formed by upward combination of Received fields, and the sender IP is a first non-local area network IP.
2. The mail sending path and the sender IP extraction method based on the front edge mail service data according to claim 1, wherein when the Received field is detected, the Received field is the last Received of the mail header, and IP in from by is displayed and resolved, and mailbox address or server address is displayed without IP.
3. The mail transmission path and the delivery IP extraction method based on the front edge mail service data as set forth in claim 1, comprising in S4:
s41, analyzing whether an origin IP field exists in a Received field, if so, entering S42 if a transmission path is a path formed by upward combination of the Received field, otherwise, entering S44 if the transmission path is upward combination of the Received field and the origin IP before the first combined public network IP is accessed;
s42, analyzing whether the origin IP is a public network IP, if so, entering S43, otherwise, the sender IP is the first public network IP in the sending path;
s43, analyzing whether the origin IP is single IP, if so, enabling the sender IP to be equal to the origin IP; otherwise, the sender IP is the first origin IP;
s44, analyzing whether the origin IP is a public network IP, if so, entering S45, otherwise, sending the IP to be the first public network IP in the mail address;
s45, analyzing whether the originating IP is single IP, if so, the originating IP is the originating IP; otherwise, the sender IP is the first origin IP.
4. The mail transmission path and the delivery IP extraction method based on the front edge mail service data as set forth in claim 1, comprising in S5:
s51, analyzing whether the source IP is a public network IP or not according to the related information of the source IP field, if so, entering S52; otherwise, the sender IP is empty, and the sending path is the origin IP;
s52, analyzing whether the originating IP is single IP, if so, the originating IP is the originating IP, and the sending path is the originating IP; and otherwise, the sender IP is the first origin IP, and the sending path is the first origin IP- > the second origin IP.
CN202310751222.6A 2023-06-25 2023-06-25 Mail sending path and sending IP extraction method based on front edge mail service data Pending CN116633670A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310751222.6A CN116633670A (en) 2023-06-25 2023-06-25 Mail sending path and sending IP extraction method based on front edge mail service data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310751222.6A CN116633670A (en) 2023-06-25 2023-06-25 Mail sending path and sending IP extraction method based on front edge mail service data

Publications (1)

Publication Number Publication Date
CN116633670A true CN116633670A (en) 2023-08-22

Family

ID=87617170

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310751222.6A Pending CN116633670A (en) 2023-06-25 2023-06-25 Mail sending path and sending IP extraction method based on front edge mail service data

Country Status (1)

Country Link
CN (1) CN116633670A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7756929B1 (en) * 2004-05-18 2010-07-13 Microsoft Corporation System and method for processing e-mail
CN104579924A (en) * 2014-12-27 2015-04-29 北京奇虎科技有限公司 Method for displaying email and email client
CN107154926A (en) * 2017-03-22 2017-09-12 国家计算机网络与信息安全管理中心 A kind of recognition methods and system for forging the fishing mail of sender
CN108418777A (en) * 2017-02-09 2018-08-17 中国移动通信有限公司研究院 Method, device and system for detecting phishing emails

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7756929B1 (en) * 2004-05-18 2010-07-13 Microsoft Corporation System and method for processing e-mail
CN104579924A (en) * 2014-12-27 2015-04-29 北京奇虎科技有限公司 Method for displaying email and email client
CN108418777A (en) * 2017-02-09 2018-08-17 中国移动通信有限公司研究院 Method, device and system for detecting phishing emails
CN107154926A (en) * 2017-03-22 2017-09-12 国家计算机网络与信息安全管理中心 A kind of recognition methods and system for forging the fishing mail of sender

Similar Documents

Publication Publication Date Title
US7668921B2 (en) Method and system for phishing detection
AU2010263086B2 (en) Real-time spam look-up system
US9635042B2 (en) Risk ranking referential links in electronic messages
US9305079B2 (en) Advanced spam detection techniques
JP2009518751A (en) Email Antiphishing Inspector
US20050050150A1 (en) Filter, system and method for filtering an electronic mail message
CN101730903A (en) Multidimensional reputation scoring
CN109039875B (en) A method and system for detecting phishing emails based on link feature analysis
CN108683589B (en) Junk mail detection method and device and electronic equipment
US9740858B1 (en) System and method for identifying forged emails
CN109039874B (en) A method and device for mail auditing based on behavior analysis
US20100161748A1 (en) Apparatus, a Method, a Program and a System for Processing an E-Mail
US20070061402A1 (en) Multipurpose internet mail extension (MIME) analysis
US20230291767A1 (en) Method of Detect an Email Phishing Attempt or Fraudulent Email Within an Email Domain
CN113938311B (en) Mail attack tracing method and system
CN116633670A (en) Mail sending path and sending IP extraction method based on front edge mail service data
CN115801719A (en) Mail processing method, device, equipment and readable storage medium
CN116319654B (en) Intelligent type junk mail scanning method
CN113381983B (en) A method and device for identifying counterfeit emails
JP2019008768A (en) Method of determining risk of scam mail, and device for the same
US20240297860A1 (en) Technique for communicating electronic messages
JP2003141033A (en) E-mail system for preventing mis-delivery
CN106656734A (en) Information processing device, information processing system, and information processing method
JP2006059313A (en) Filtering device that removes spam
CN115801419A (en) Fishing mail intercepting method and device, storage medium and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination