procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Forwarding Inside the SAME domain question

2002-12-16 16:58:12
from [Doug Hubbell] [Permanent Link] 
SEAN!!!

Most excellent!

THAT WORKED!!!!!

Thanks for explaining this to me.

Doug Hubbell

*******************  This WORKS! ************************ BEGIN
# Global procmailrc Outgoing Email Audit!  By Sean B. Straw /
Professional Software Engineering
:0
* ! LOGNAME ?? ^diont$
{
         :0c
         # Person being audited for all outgoing messages
         * ^From(_dot_)*dhubbell(_at_)tecategroup(_dot_)com
         # Email Auditor that gets a copy of ALL outgoing emails sent by
         # employee.
         ! diont(_at_)tecategroup(_dot_)com
}
*******************  This WORKS! ************************ END

-----Original Message-----
From: procmail-admin(_at_)Lists(_dot_)RWTH-Aachen(_dot_)DE
[mailto:procmail-admin(_at_)Lists(_dot_)RWTH-Aachen(_dot_)DE] On Behalf Of 
Professional
Software Engineering
Sent: Monday, December 16, 2002 1:59 PM
To: procmail(_at_)Lists(_dot_)RWTH-Aachen(_dot_)DE
Subject: RE: Forwarding Inside the SAME domain question


At 12:22 2002-12-16 -0800, Doug Hubbell did say:

Thanks for the responses!!


Please read them.


I use the "procmailrc" as a GLOBAL for all of the email address in my 
company and NOT single individual accounts.  I am trying to do an 
INTERNAL EMAIL AUDIT:


Don't simply refer to it as "procmailrc" -- the global procmailrc file
is 
referred to by it's default path (unless you've hacked procmail):
         /etc/procmailrc

User procmailrcs (as used by procmail when running as an LDA) are:
         ~/.procmailrc


ALL email that was sent by a "selected" user will be forwarded to an 
"internal email auditor" of my choice.


Herein lies your problem - you're redelivering a message through the
local 
mail system, and your conditions would match on subsequent sends.

In your /etc/procmailrc, try:

# the LOGNAME compared here needs to be the hosted account where the
mail is # being forwarded.  This isn't necessarily the same as the
_email_ address to # which you forward - it is the local username ONLY.
:0
* ! LOGNAME ?? ^diont$
{
         :0c
         # Person being audited for all outgoing messages
         * ^From(_dot_)*dhubbell(_at_)tecategroup(_dot_)com
         # Email Auditor that gets a copy of ALL outgoing emails sent by
         # employee.
         ! diont(_at_)tecategroup(_dot_)com
}

Then, when the forwarded message is being processed on behalf of the 
recipient of the forwarded copy, the rule will not be invoked.  This
method 
works so long as the copy is being forwarded to a local user (and 
obviously, if you're having loop problems, it is).  The method of adding
an 
"X-Loop:" is more traditionally accepted.


I want this forward to be decided and implemented by my "procmail", and
not by the client.  This audit will be enforced and analyzed on

suspicious 

employees abusing the email privileges.


Sounds more like you'll need to investigate rulesets within your 
MTA.  Sendmail can be configured to invoke programs (including procmail)

when it is processing messages being *SENT*, but that isn't common.


       :0 c
# Person being audited for all outgoing messages
        * ^From(_dot_)*dhubbell(_at_)tecategroup(_dot_)com
# Email Auditor that gets a copy of ALL outgoing emails sent by 
employee.
        ! diont(_at_)tecategroup(_dot_)com

  In this example, as a test, I sent from 
"dhubbell(_at_)tecategroup(_dot_)com" 
to "luser(_at_)tecategroup(_dot_)com".


Note that unless you've hacked your MTA, procmail is only invoked for 
*RECEIVED* messages -- if said user is *SENDING* mail to persons
*OUTSIDE* 
of your domain, you will not match those messages.


Hoping that a message that was sent by dhubbell(_at_)tecategroup(_dot_)com 
would 
be
forwarded diont(_at_)tecategroup(_dot_)com(_dot_)  This gets stuck in a loop 
and bounces



out of sight!


For the reasons already explained - you are setting up a mail loop.
Please 
re-read the suggestions advising you to insert and check for a loop 
indicator: "X-Loop:"


I am not sure, but I'll bet it has something to do with me using a 
single procmailrc for my entire domain.


You're still not being clear on what "domain" constitutes - one account
on 
a server, or the entire server, comprising multiple accounts, none of
which 
is simplified by the fact that you're referring to a "global"
procmailrc, 
but not indicating that it is indeed /etc/procmailrc (which would mean 
domain=server, rather than domain=account).


# Spy Outgoing Emails (Begin)

       :0 c
       * ^From(_dot_)*dhubbell(_at_)tecategroup(_dot_)com
       ! diont(_at_)tecategroup(_dot_)com

# Spy Outgoing Emails (END)


See my comment above about "outgoing" messages.


---
  Sean B. Straw / Professional Software Engineering

  Procmail disclaimer:
<http://www.professional.org/procmail/disclaimer.html>
  Please DO NOT carbon me on list replies.  I'll get my copy from the
list.


_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail


_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  clearing MATCH, dman
Next by Date:  Newbie Problem with Nesting Actions, Jeff Borders
Previous by Thread:  RE: Forwarding Inside the SAME domain question, Professional Software Engineering
Next by Thread:  Problems with procmail and exim, saf
Indexes:  [Date] [Thread] [Top] [All Lists]