| 摘要 |
Information such as message identifier, sender, recipient, timestamp, etc., are recorded in a record in a local database as an e-mail message is sent out. A DSN counter is set equal to the total number of recipients, thus allowing returned messages to be compared against this counter to thwart a capture/replay attack. When a DSN message is received at the computer system it includes the originally sent e-mail message. The DSN message may be legitimate or it may be a faked DSN message. The system searches the local database for a record having information that matches with the returned e-mail message. If a match exists, the DSN message is legitimate and it is delivered to the original sender. If no match exists, then the DSN message has been faked and appropriate action is taken. When a match occurs, a match count value is incremented for that record and compared against the originally stored DSN count value. If the number of received DSN messages is greater than the original number of recipients, then a capture/replay attack has occurred and appropriate action is taken. |
