The approaches described in this section are approaches that could be: pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, the approaches described in this section are not prior art to the claims in this application and are not admitted to be prior art by inclusion in this section.
Mail transfer agents (MTA's) typically receive a large number of email messages, anywhere from hundreds of messages per hour to hundreds of thousands of messages per hour. Because of the increasing problems of the tremendous volume of unsolicited commercial email (i.e., spam) and from a significant percentage of email messages being infected with viruses, administrators of MTA's would like to be able to monitor the flow of email messages to the MTA's in an easy and efficient manner in order to take steps to deal with spam and virus infected email messages.
However, traditional mail flow monitoring approaches only allow the administrators to see the overall total flow of email messages into the MTA, and these approaches do not allow the administrators to distinguish between email messages that the administrators want to let into the system served by the MTA (e.g., legitimate email messages from the company's partners and customers) from email messages that the administrators want to avoid, such as spam that often comprises the majority of messages being sent to the MTA or virus infected email messages that can cause significant harm to a company's electronic files and systems.
Furthermore, traditional mail flow monitoring approaches require that administrators analyze old, historical mail flow information, which is inconvenient and only allows the administrators to see what has happened in the past. These approaches restrict an administrator's ability to respond to immediate problems.
In addition, such traditional mail flow monitoring approaches require considerable skill and effort by administrators to process the historical data and analyze the aggregated results to determine whether any trends are present that would be of interest, such as identifying spikes in the volume of incoming email messages that may be indicative of spam or a virus outbreak. Even if administrators are able to successfully analyze the historical data, the administrators still must configure the MTA's to change the manner in which future messages will be processed, such as by manually modifying a configuration file, :which can be cumbersome and inconvenient.
Based on the foregoing, it is desirable to provide improved techniques for monitoring of the flow of email messages to an MTA that can enable the administrator of the MTA to distinguish between desirable and undesirable flow of email messages. Furthermore, there is a need for an approach that allows the flow of email messages to be monitored based on more up to date information and that allows an administrator to easily identify patterns and specify actions to be taken based on that information.