| With the popularization and development of Internet, E-mail has become one kind of the most important network services on the Internet. It brings people great conveniences, in the meantime also gives some offenders the opportunities to transmit the illegal information by it who will achieve a wigger in the woodpile. The network monitor belongs to the category of network security monitor, and the E-mail monitoring also belongs to a part of the network monitor, which only monitors the E-mail protocol.At first, this paper discusses the research background, analyzes the present development situation of E-mail monitor technology at home and abroad, then elaborates the transmission theory of E-mail, introduces two important E-mail protocols—SMTP and POP3 and a few important E-mail encoding methods. And it introduces the network theory monitor and the correlative knowledge of BPF model in detail. Based on that, the framework and whole design of E-mail monitor systems are put forward. It can be divided into the E-mail monitor part and E-mail analysis part. In the part of the E-mail monitor, it has disposed several kinds of different experimental environments. And the monitor computer runs the monitor programs on Linux OS which captures data packets from network card, and filters these data packets, and analyzes how to capture the data of SMTP or POP3 E-mail protocol. And in the E-mail analysis, it analyzes the structure and format of E-mail, and gives the methods of analyzing the E-mails carptured from the monitor part and restoring their contents. This part comes true the management of E-mails which are analyzed, and could be run on the monitor computer and other machines. At last, this paper draws a conclusion and makes a view of the prospect. |
PDF Full Text Request