Search

KR-20260066854-A - METHOD FOR DELIVERING URL USING SMTP PORT IN SEPERATED NETWORK ENVIRONMENT AND MAIL LINK DEVICE PERFORMING THE SAME

KR20260066854AKR 20260066854 AKR20260066854 AKR 20260066854AKR-20260066854-A

Abstract

The present invention relates to a method for transmitting a URL within a mail body using an SMTP port in a network separation environment and a mail linkage device for performing the same, the method comprising: a step of detecting a URL within a body included in the EML of a received mail; a step of obtaining a web page capture image by capturing the screen of a web page accessed using the detected URL within the body; a step of generating a system EML that includes the obtained web page capture image as an attachment; a step of configuring a recombined EML by including location information within an internal network where the web page capture image is stored in the EML; and a step of transmitting the system EML and the recombined EML to an internal network through a first port.

Inventors

  • 김기남
  • 이성한
  • 이호성

Assignees

  • (주)기원테크

Dates

Publication Date
20260512
Application Date
20241105

Claims (15)

  1. A method for transmitting a URL (Uniform Resource Locator) within the body of an email received from an external network to an internal network in a network separation environment, A step of detecting a URL within the body of the EML of the received email; A step of obtaining a webpage capture image by capturing the screen of a webpage accessed using the detected URL within the body; A step of generating a system EML that includes the above-mentioned webpage capture image as an attachment; A step of configuring a recombined EML by including location information within an internal network where the web page capture image is stored in the above EML; and A method for transmitting a URL in a mail body using an SMTP port in a network separation environment, characterized by including the step of transmitting the generated system EML and the configured recombined EML to an internal network through a first port.
  2. In paragraph 1, the system EML is It is transmitted from the first network linkage device located in the external network to the second network linkage device located in the internal network through port 25, and A method for delivering a URL within a mail body using an SMTP port in a network separation environment, characterized by being bypassed by the first and second network interconnection devices and transmitted to the internal network as is the generated system EML.
  3. In paragraph 2, the above-mentioned system EML is A method for delivering a URL within a mail body using an SMTP port in a network separation environment, characterized by being generated by a first mail linkage device located in the external network and having the recipient address changed to a preset address and transmitted to the first network linkage device.
  4. In paragraph 2, A method for transmitting a URL within a mail body using an SMTP port in a network separation environment, characterized in that the web page capture image included as an attachment in the above-mentioned system EML is transmitted from the above-mentioned second network linkage device to the second mail linkage device located in the above-mentioned internal network and stored.
  5. In paragraph 4, the recombinant EML is It is transmitted from the first network linkage device located in the external network to the second network linkage device located in the internal network through port 25, and A method for delivering a URL within a mail body using an SMTP port in a network separation environment, characterized by being delivered to a user terminal through a mail server located in the internal network.
  6. In paragraph 5, A method for delivering a URL within a mail body using an SMTP port in a network separation environment, characterized in that when a URL within the body is selected at a user terminal that has received the recombined EML, a web page capture image stored in a second mail linkage device located in the internal network is downloaded to the user terminal.
  7. In paragraph 5, When a report-type attachment containing a list of URLs within the body is selected on a user terminal that has received the above-mentioned recombined EML, the list of URLs within the body is provided to the user terminal, and A method for delivering a URL within a mail body using an SMTP port in a network separation environment, characterized in that when a URL within the mail body is selected from the list of URLs within the mail body provided above, a web page capture image stored in a second mail linkage device located in the internal network is downloaded to the user terminal.
  8. In paragraph 7, the recombinant EML is A method for delivering a URL within a mail body using an SMTP port in a network separation environment, characterized by including a body capture image of the body of the received mail as an image within the body.
  9. In paragraph 1, the recombinant EML is A method for delivering a URL within a mail body using an SMTP port in a network separation environment, characterized by including the above-mentioned webpage capture image as an image within the body.
  10. A computer program recorded on a recording medium to execute the method described in any one of paragraphs 1 through 9 on a computer.
  11. In a mail linkage device for transmitting a URL within the body of a received mail from an external network to an internal network in a network separation environment, A content detection unit that detects URLs within the body of the EML of the received email; An image acquisition unit that obtains a webpage capture image by capturing the screen of a webpage accessed using the detected URL within the body; and An EML processing unit that generates a system EML including the above-mentioned acquired webpage capture image as an attachment, and constructs a recombined EML by including location information within an internal network where the webpage capture image is stored in the EML; A mail linkage device characterized by the above-mentioned generated system EML and the above-mentioned configured recombinant EML being transmitted to an internal network through a first port.
  12. In paragraph 11, the system EML and the recombinant EML are It is transmitted from the first network linkage device located in the external network to the second network linkage device located in the internal network through port 25, and The above system EML is bypassed by the first and second network interconnection devices and transmitted to the internal network as is, the system EML generated by the EML processing unit, and A mail linkage device characterized by the above-mentioned recombined EML being delivered to a user terminal through a mail server located in the internal network.
  13. In Paragraph 12, A mail linkage device characterized by the fact that the web page capture image included as an attachment in the above-mentioned system EML is transmitted from the above-mentioned second network linkage device to an internal mail linkage device located in the above-mentioned internal network and stored.
  14. In Paragraph 13, A mail linkage device characterized by the fact that when a URL within the body is selected on a user terminal that has received the recombined EML, the web page capture image stored in the internal mail linkage device is downloaded to the user terminal.
  15. In Paragraph 13, When a report-type attachment containing a list of URLs within the body is selected on a user terminal that has received the above-mentioned recombined EML, the list of URLs within the body is provided to the user terminal, and A mail linkage device characterized by the fact that when a URL within the body is selected from the provided URL list within the body, the web page capture image stored in the internal mail linkage device is downloaded to the user terminal.

Description

Method for delivering a URL within a mail body using an SMTP port in a separated network environment and a mail link device performing the same The present invention relates to a method for transmitting a URL (Uniform Resource Locator) within the body of an email received from an external network to an internal network in a network separation environment. Email enables the sending and receiving of messages through a network such as the Internet, and email users can transmit content they wish to share by attaching a file to the email or including a URL (Uniform Resource Locator) in the body. The EML (Electronic Mail) files used for sending and receiving emails as described above represent email messages stored using Outlook and other related applications, and most email clients support the EML file format to comply with the RFC-822 Internet Message Format standard. For example, Microsoft Outlook is the default software for opening EML message types, and EML files can be stored on computer storage media and sent to recipients using communication protocols. The format of an EML file can be provided according to the RFC 822 standard, and can be generated and transmitted according to the MIME RFC-822 standard so that content in various formats, such as plain text as well as HTML data and multimedia, can be included in the mail data. Meanwhile, cases of cybercrime damage are surging due to various attacks using spam or malicious emails, and corporate damage caused by fraudulent emails disguised as legitimate emails is also increasing. Recently, beyond random email attacks targeting an unspecified number of people, there has been an increasing trend of targeted email attacks aimed at specific individuals using techniques such as header tampering, pseudo-domains, spoofing emails, sending IP forgery, sender impersonation, and routing changes. Accordingly, mail security systems are required to effectively respond to targeted email attacks by comprehensively considering not only conventional spam blocking but also incoming and outgoing email security. In addition, there is a need to develop an email security system capable of effectively managing contents such as attachments, URLs, and images transmitted in various forms via email, blocking unauthorized access, and detecting potential risks that may occur after the fact. FIG. 1 is a block diagram schematically illustrating the overall configuration according to an embodiment of the present invention. FIG. 2 is a block diagram showing the configuration of a mail security system according to an embodiment of the present invention. FIG. 3 is a flowchart illustrating an EML recombination method according to an embodiment of the present invention. Figure 4 is a diagram illustrating an example of a method for recombining EML in a mail security system. FIGS. 5 and 6 are drawings for illustrating embodiments of a method for recombining and delivering EML for a received mail. FIGS. 7 and FIGS. 8 are drawings for illustrating embodiments of a method for recombining and delivering EML for outgoing mail. FIG. 9 is a diagram illustrating an embodiment of a method for encrypting and transmitting an attachment file. FIGS. 10 and FIGS. 11 are drawings for illustrating embodiments of a method for providing post-inspection results for an attached file. FIG. 12 is a block diagram showing another embodiment of the configuration of a mail security system according to the present invention. FIG. 13 is a flowchart illustrating an embodiment of a method for securing incoming mail. FIG. 14 is a flowchart illustrating an embodiment of a method for security of outgoing mail. FIG. 15 is a block diagram showing the configuration of the entire system according to an embodiment of the present invention in a network separation environment. FIG. 16 is a block diagram showing the configuration of a mail linkage device according to an embodiment of the present invention. FIG. 17 is a flowchart illustrating a method for transmitting a URL within a mail body according to an embodiment of the present invention. FIG. 18 is a block diagram illustrating an example of a method for transmitting a URL within a body to an internal network through an SMTP port in a network separation environment. FIG. 19 is a diagram illustrating an example of a method for generating a system EML. FIG. 20 is a drawing for explaining a first embodiment of a method for constructing a recombinant EML. FIG. 21 is a drawing for explaining a second embodiment of a method for constructing a recombinant EML. FIGS. 22 and FIGS. 23 are drawings for illustrating embodiments of the composition of a report included as an attachment in a recombinant EML. FIG. 24 is a diagram illustrating a second embodiment of a method for constructing a recombinant EML. Hereinafter, the configuration and operation of a mail security system according to an embodiment of the present invention will be described in detail with reference to the attached drawings.