Research of the Mail Filtering Gateway in Corporation Security Platform

【Author】 Zhu Jun

【Advisor】 Chen Gang

【Author information】 Zhejiang University, Computer Applications, 2003, Master's

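【Summary】 In transit, an e-mail passes through various network nodes, where it can very easily be eavesdropped on or tampered with. As the role of the e-mail system in the enterprise gradually shifts toward that of an information platform, these security problems become increasingly serious. Secure e-mail transmission has three basic requirements: confidentiality, integrity, and non-repudiation. To meet them, enterprises have set up their own e-mail security platforms. The currently popular solutions are based on two classes of mail security standards, PGP/MIME and S/MIME; both use encryption and digital signatures to secure the mail content and confirm its origin, and basically meet enterprise needs. The other thing enterprises do to protect e-mail security is to build a mail filtering system to address e-mail abuse. Enterprise e-mail abuse falls into two categories: in one, individuals and organizations outside the enterprise send it large volumes of mail with near-identical content, inappropriate information, or even computer viruses attached; in the other, employees inside the enterprise, intentionally or unintentionally, leak information involving the enterprise's intellectual property and trade secrets through e-mail. The best way to solve this problem is to scan and filter e-mail. However, current scanning and filtering technology is not yet up to the needs of enterprise information security, and does not make good use of the mail security mechanisms the enterprise already has, such as the digital signatures mentioned above. Building on an analysis of the security flaws of traditional mail protocols, this thesis surveys the technical development of secure e-mail systems. It analyzes the shortcomings of secure e-mail systems in the current enterprise environment, especially of e-mail scanning and filtering technology, and on that basis sets out the research goals of this thesis. Next, the thesis studies how to solve the problems of mail scanning and filtering in enterprise use, analyzing in detail the mechanisms that the enterprise information security platform uses for e-mail security (called the enterprise mail security platform in this thesis), in particular the digital signature mechanism and the digital-watermark-based drawing-file management mechanism, both of which can be used in mail scanning and filtering, and explains their working principles and architecture. The thesis then presents an improved enterprise mail filtering gateway design that resolves the defects of existing scanning and filtering systems, including: using TCP packet masquerading to keep the mail session alive and thereby achieve inline (serially connected) mail filtering; a "whitelist" function implemented with digital signatures; and filtering of drawing-file attachments implemented with digital watermarks. Finally, the thesis proposes a four-layer structure for implementing the enterprise mail filtering gateway (the transmission control layer, the mail protocol layer, the mail parsing layer, and the content analysis layer), together with the functions each layer must perform and the filtering mechanism of the whole system, and on that basis describes in detail the concrete implementation of the four layers and the improved algorithms.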

【Abstract】 While it is being sent, an e-mail must pass through various network nodes, where its content can be eavesdropped on and modified. The role of the mail system as an information platform in corporations is becoming more and more important, and the security problems are becoming correspondingly worse. Secure mail has three basic requirements: confidentiality, integrity, and non-repudiation. To meet these needs, corporations have established their own secure mail platforms. The most popular solutions are based on the PGP/MIME and S/MIME standards, both of which protect e-mail content by using cryptography and digital signatures. Another task corporations undertake to protect the security of e-mail is to establish a mail filter system, which is intended to solve the problem of e-mail abuse. E-mail abuse can be classified into two kinds. In the first, a person or entity sends mail with similar content, improper information, or even computer viruses; in the second, an employee divulges business secrets through e-mail, intentionally or not. The best way to solve the problem is mail scanning and filtering. However, current scanning and filtering technology is not competent enough to meet the needs of corporations. In this paper, we first summarize the development of mail security technology and analyze the weak points of these technologies, especially those of mail filtering. From this we derive the goal of the research work in this paper. Then, we discuss in depth the operation of the mail security platform in the corporate environment. We pay special attention to the mechanisms of digital signatures and digital-watermark-based management of drawings in such corporations, and aim to make their architecture and theory clear. After that, we present an enhanced design of the mail filter gateway for corporate use. This design makes up for the weak points of current filter systems and supports functions including: mail session keeping by TCP packet masquerading; a "white list" function based on digital signatures; and drawing filtering based on digital watermarks. Finally, we present the four-layer architecture of the mail filter, comprising the transfer control layer, the mail protocol layer, the mail parsing layer and the content analysis layer. Based on this architecture, we give the implementation details of the mail filter and the enhanced algorithm.

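  • 【Online publication contributor】 Zhejiang University
  • 【Online publication year and issue】 2003, Issue 02
  • 【Classification number】 TP393.098
  • 【Times cited】 1
  • 【Downloads】 190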