At 12:22 2002-12-16 -0800, Doug Hubbell did say:
Thanks for the responses!!
Please read them.
I use the "procmailrc" as a GLOBAL for all of the email address in my
company and NOT single individual accounts. I am trying to do an
INTERNAL EMAIL AUDIT:
Don't simply refer to it as "procmailrc" -- the global procmailrc file is
referred to by it's default path (unless you've hacked procmail):
/etc/procmailrc
User procmailrcs (as used by procmail when running as an LDA) are:
~/.procmailrc
ALL email that was sent by a "selected" user will be forwarded to an
"internal email auditor" of my choice.
Herein lies your problem - you're redelivering a message through the local
mail system, and your conditions would match on subsequent sends.
In your /etc/procmailrc, try:
# the LOGNAME compared here needs to be the hosted account where the mail is
# being forwarded. This isn't necessarily the same as the _email_ address to
# which you forward - it is the local username ONLY.
:0
* ! LOGNAME ?? ^diont$
{
:0c
# Person being audited for all outgoing messages
* ^From(_dot_)*dhubbell(_at_)tecategroup(_dot_)com
# Email Auditor that gets a copy of ALL outgoing emails sent by
# employee.
! diont(_at_)tecategroup(_dot_)com
}
Then, when the forwarded message is being processed on behalf of the
recipient of the forwarded copy, the rule will not be invoked. This method
works so long as the copy is being forwarded to a local user (and
obviously, if you're having loop problems, it is). The method of adding an
"X-Loop:" is more traditionally accepted.
I want this forward to be decided and implemented by my "procmail", and
not by the client. This audit will be enforced and analyzed on suspicious
employees abusing the email privileges.
Sounds more like you'll need to investigate rulesets within your
MTA. Sendmail can be configured to invoke programs (including procmail)
when it is processing messages being *SENT*, but that isn't common.
:0 c
# Person being audited for all outgoing messages
* ^From(_dot_)*dhubbell(_at_)tecategroup(_dot_)com
# Email Auditor that gets a copy of ALL outgoing emails sent by
employee.
! diont(_at_)tecategroup(_dot_)com
In this example, as a test, I sent from "dhubbell(_at_)tecategroup(_dot_)com"
to
"luser(_at_)tecategroup(_dot_)com".
Note that unless you've hacked your MTA, procmail is only invoked for
*RECEIVED* messages -- if said user is *SENDING* mail to persons *OUTSIDE*
of your domain, you will not match those messages.
Hoping that a message that was sent by dhubbell(_at_)tecategroup(_dot_)com would be
forwarded diont(_at_)tecategroup(_dot_)com(_dot_) This gets stuck in a loop and bounces
out of sight!
For the reasons already explained - you are setting up a mail loop. Please
re-read the suggestions advising you to insert and check for a loop
indicator: "X-Loop:"
I am not sure, but I'll bet it has something to do with me using a
single procmailrc for my entire domain.
You're still not being clear on what "domain" constitutes - one account on
a server, or the entire server, comprising multiple accounts, none of which
is simplified by the fact that you're referring to a "global" procmailrc,
but not indicating that it is indeed /etc/procmailrc (which would mean
domain=server, rather than domain=account).
# Spy Outgoing Emails (Begin)
:0 c
* ^From(_dot_)*dhubbell(_at_)tecategroup(_dot_)com
! diont(_at_)tecategroup(_dot_)com
# Spy Outgoing Emails (END)
See my comment above about "outgoing" messages.
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail