大規模組織におけるPOP before SMTPに基づく管理の容易な電子メールシステム運用方法  [in Japanese] An Operation Method of E-mail Systems for Large Scale Organizations Based on "POP before SMTP" with Minimal Administration  [in Japanese]

Access this Article

Search this Article

Author(s)

Abstract

電子メールにおけるセキュリティ強化手法として,多数の下部組織を有する大規模組織では,組織宛のすべての電子メールをいったん受け取り,検査を行ったうえで組織内の他のメールサーバに中継するようなメールゲートウェイが導入されている場合が多い.ところが,この場合,正規の利用者が組織内メールサーバを用いて組織外から電子メールを発信する場合によく利用されるPOP beforeSMTPをそのまま用いることが困難であるという問題が生じる.そこで本論文では,メールゲートウェイにPOP通信を監視させることにより上記の問題を解決する運用方法を提案する.この方法では利用者端末や他のメールサーバの変更は必要なく,管理が容易であるという特徴を持つ.実験の結果,本方法のオーバヘッドは十分小さく,本方法の実用性が確認された.In terms of security enhancement for e-mail, a large organization with many divisions often introduces a mail gateway, which receives all inbound e-mails, then examines and forwards them to other mail servers in the organization. However, in such an organization, "POP before SMTP" cannot be used for a legitimate user to send messages with an inner mail server from outside of the organization. To solve this problem, we propose an operation method that the mail gateway monitors all POP communication between a user's terminal and an inner mail server. Since this method does not require the configurations of either users' terminals or inner mail servers, it is easy for the administrators to introduce and maintain this method. Simulation experiments show that the overhead of the proposed method is small enough for practical use.

In terms of security enhancement for e-mail, a large organization with many divisions often introduces a mail gateway, which receives all inbound e-mails, then examines and forwards them to other mail servers in the organization. However, in such an organization, "POP before SMTP" cannot be used for a legitimate user to send messages with an inner mail server from outside of the organization. To solve this problem, we propose an operation method that the mail gateway monitors all POP communication between a user's terminal and an inner mail server. Since this method does not require the configurations of either user's terminals or inner mail servers, it is easy for the administrators to introduce and maintain this method. Simulation experiments show that the overhead of the proposed method is small enough for practical use.

Journal

  • IPSJ journal

    IPSJ journal 46(4), 1041-1050, 2005-04-15

    Information Processing Society of Japan (IPSJ)

References:  17

Codes

  • NII Article ID (NAID)
    110002768607
  • NII NACSIS-CAT ID (NCID)
    AN00116647
  • Text Lang
    JPN
  • Article Type
    Journal Article
  • ISSN
    1882-7764
  • NDL Article ID
    7323187
  • NDL Source Classification
    ZM13(科学技術--科学技術一般--データ処理・計算機)
  • NDL Call No.
    Z14-741
  • Data Source
    CJP  NDL  NII-ELS  IPSJ 
Page Top