1. Field of the Invention
The present invention relates generally to computer network traffic analysis. More particularly, the present invention relates to a method and apparatus for detecting web-based electronic mail in network traffic.
2. Description of the Related Art
Various software applications exist to intercept electronic mail (e-mail) within a network. An enterprise, small business, or other organization may utilize such applications for purposes of compliance checking, data leakage prevention (DLP), archiving, and the like. Such applications can be effective at intercepting normal e-mail messages composed and sent using e-mail client applications, such as MICROSOFT OUTLOOK and the like. Such normal e-mail messages can be detected, since the e-mail client applications utilize well-known e-mail protocols, such as simple mail transfer protocol (SMTP). E-mail intercept applications, however, fail to capture web-based e-mail messages (also referred to as “webmail”). Exemplary webmail clients include HOTMAIL, GMAIL, YAHOO mail, and the like. Applications that monitor the well-known e-mail protocols can miss webmail messages, which are typically sent out of the network using hypertext transfer protocol (HTTP).
Accordingly, there exists a need in the art for a method and apparatus for detecting web-based e-mail in network traffic.