procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Can I Do this?

2003-07-25 07:32:30
from [Scott Miller] [Permanent Link] 
What I did was told the authorities that I could capture incoming with no
problem, but if they wanted me to reconfigure my entire system to capture
outgoing mail, then they were going to have to hire someone to come in and
help me with it.

I'll review your answer below, however, and see if it's viable to implement
in the near future.

Scott

----- Original Message ----- 
From: "Shashank V. Kolhatkar" <sv(_dot_)kolhatkar(_at_)idbi(_dot_)co(_dot_)in>
To: <procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE>
Sent: Friday, July 25, 2003 5:50 AM
Subject: Re: Can I Do this?



Hi Boss,

I was eagerly waiting for the responses you would get for your query.

Looks like experts have given their opinion and what all we know is
sendmail/procmail's inbound email capturing is very strong; it is good
enough if the TO or one of the TO/cc addresses belongs to your office's (on
LAN) email address BUT emails just bounce or untraceable if those are for
your enterprise's WAN or internet.


Let me tell you about myself, I am a newbie in sendmail/procmail, I have

Linux/sendmail/procmail and outlook express 5.0 at clients and I have been
facing similar scenario. Earlier I thought it was BCC route then the 8 bit
header route some 1 is sending information outside people which is costing
my organization.


I have developed work around way for this problem at which most of the

experts are going to scoff/laugh though it requires final touches.


it is some what like this.
---------------------------

any email which leaves your LAN has to be in a queue (mailq), be it 8 bit

header mail or bcc or wan/internet mail. So in sendmail.cf set MinQueueAge
to 6m,

Set DeliveryMode to deffered.  Now every email has to ferment in a queue.

I have tested this and it works fine.


Now run a shell which mailq | grep 'culprit'sID' | cut -c1-8  which will

give you Q-ID of culprit's email being fermented in the queue.

Next is cp *Q-ID from /var/spool/mqueue to a specific location.
autorun the above shell using 'at' command at interval of 5 minutes.

This way I have captured almost all the communication of culprit.
Only problem is, well I feel guilty of slowing down my email server due to

these over heads.

Truely speaking I am still touching up the settings to avoid mail delivery

as although 6 minutes delay is set, it is more than 30 minutes.


I shall be happy if experts do help us in touching up sendmail.cf for this

requirement.


Thanking you all for reading thru this un conventional solution,
best regards

ShashankK



_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail



_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Logging TO field, Birl
Next by Date:  Re: How can I properly detect and handle wrapping?, James Burlington
Previous by Thread:  Re: Can I Do this?, Shashank V. Kolhatkar
Next by Thread:  Procmail globel filter, Shahid Mahmood
Indexes:  [Date] [Thread] [Top] [All Lists]