A situation arose at work where I was asked to log a copy of ALL incoming/outgoing email. This wasn't because
management wanted to spy on the employees. Management thought it would be good if we could provide an email archive
that users could search through if the documents and memos if our electronic library were inadequate.
I know all about After searching the news groups I found a lot of people asking the same question, but no one had a satisfactory answer.
Here is the msgidruleset.m4 file
you will need to place into the sendmail-8.9.3/cf/feature directory.
Now add the following line to your site-config.mc
file.
FEATURE(msgidruleset)
Here is what my site-config.mc file looks like.
VERSIONID(`@(#)mcst-config.mc Shane B. Milburn 04/21/1999')
After you create your site-config.mc file, use the m4 program to generate your sendmail.cf file. In /usr/local/src/sendmail-8.9.3/cf/cf you would use "m4 ../m4/cf.m4 site-config.mc > sendmail.cf". This would create a sendmail.cf in the cf directory. You can either move this file into /etc/mail/ or invoke sendmail with the "-C" option to test.
There is a catch to all of this logging. Depending on the amount of mail that goes through the system /var/mail/copyuser can get quite large. Since I needed to make an archive through which a user must parse, it made sense to rotate the file daily. This allowed the user to grep a particular day's email rather than a week or a month's worth of email. At the end of the week I tared the files into a weekending.MMDDYYYY.tar
file and wrote it to 8mm. Before you implement an email archive, make sure your company has a policy about privacy issues and who actually owns the email sent to/from your server.
I can't really give you any long term "performance vs disk space" stats. Just after I figured out how to log all incoming and outgoing email, Management decided that they no longer wanted an archive and I had to remove it. Oh well...atleast it
gave me a chance to dig deep into the bowels of the sendmail rulesets. :-)
If you have any questions, comments, improvements please email me at
[email protected].
[1] http://www.harker.com/sendmail/copyuser.html
me to put an entry in /etc/mail/aliases that copied the archive for every email we recieved. He wanted to capture
everything INCOMING and OUTGOING and he wanted it to be transparent to the users.
Until I came across a posting from Robert
Harker that listed a feature he called "copyuser"[1].
This appeared to be
what I needed. After installing it and doing some testing, I found that it was missing a few things. Harker's version logged all external messages but it did not log any messages that were sent local. So I made some modifications to log a copy of ALL local and external mail to an account called "copyuser."
Here's the original article
from ;login with some examples and explainations. (*Note: there were a few minor typos in the original article. Use the files below if you are trying to set this up.)
VERSIONID(`@(#)This configuration logs ALL email to copyuser.')
OSTYPE(solaris2)
FEATURE(use_cw_file)dnl
FEATURE(relay_entire_domain)dnl
FEATURE(always_add_domain)
FEATURE(rbl)
MAILER(smtp)
MAILER(local)
FEATURE(msgidruleset)
[2] Sendmail 2nd Edition, by Bryan Costales with Eric Allman, January
1997.
[3] Newgroup: comp.mail.sendmail
[
Previous
5 Sites
|
Previous
|
Next
|
Next 5
Sites
|
Random
Site
|
List Sites
]