Hi,
I have a gateway/firewall running FreeBSD 6.1 -release . I would like to
capture all incoming and outgoing email messages to archive them. Is there
is any tool available out there ? I mean a proxy,sniffer or any other
solution.
Thanks in advance,
Dominik
2006/10/6, Eric <heli@mikestammer.com>:> > Dominik Zalewski wrote: > > Hi, > > > > I have a gateway/firewall running FreeBSD 6.1 -release . I would like to > > capture all incoming and outgoing email messages to archive them. Is > there > > is any tool available out there ? I mean a proxy,sniffer or any other > > solution.>> > >>there are ways in postfix and probably most other MTAs to make a copy of > >>things as they are handled by the SMTP engine. check out the howtos on > >>postfix.org or google a little and you should have plenty to go on. > >> > >>EricI know most of MTAs can do it but I dont want users to use local MTA for outgoing emails, plus this solution is just for outgoing emails , what about pop3 ? I just want to capture all smtp/pop3 traffic in packets level. Dominik
On Friday 06 October 2006 23:11, Dominik Zalewski wrote:> 2006/10/6, Eric <heli@mikestammer.com>: > > Dominik Zalewski wrote: > > > Hi, > > > > > > I have a gateway/firewall running FreeBSD 6.1 -release . I would like > > > to capture all incoming and outgoing email messages to archive them. Is > > > > there > > > > > is any tool available out there ? I mean a proxy,sniffer or any other > > > solution. > > > > > >>there are ways in postfix and probably most other MTAs to make a copy > > >> of things as they are handled by the SMTP engine. check out the > > >> howtos on postfix.org or google a little and you should have plenty to > > >> go on. > > >> > > >>Eric > > I know most of MTAs can do it but I dont want users to use local MTA for > outgoing emails, plus this solution is just for outgoing emails , what > about pop3 ? > I just want to capture all smtp/pop3 traffic in packets level.man tcpdump(1) particularly the -r, -w options and the "port" primitive. -- patrick
On Oct 6, 2006, at 1:11 PM, Dominik Zalewski wrote:> I just want to capture all smtp/pop3 traffic in packets level.OK: tcpdump -w /var/log/mailarchive.dump -s 0 port smtp or port pop3 But be aware that you should disclose the existence of this mail monitoring to all users, consult your local laws about electronic wiretapping, or both. In some countries or states, doing the above without notification and/or the permission of at least one party is likely to be against the law... [ This probably belongs on freebsd-questions@, or in a discussion with your lawyer. ] -- -Chuck
On Fri, Oct 06, 2006 at 10:11:17PM +0200, Dominik Zalewski wrote:> I know most of MTAs can do it but I dont want users to use local MTA for > outgoing emails, plus this solution is just for outgoing emails , what about > pop3 ? > I just want to capture all smtp/pop3 traffic in packets level.Try mailsnarf from the dsniff package. -- Regards, Richard.
On Fri, Oct 06, 2006, Dominik Zalewski wrote:>Hi, > >I have a gateway/firewall running FreeBSD 6.1 -release . I would like to >capture all incoming and outgoing email messages to archive them. Is there >is any tool available out there ? I mean a proxy,sniffer or any other >solution.If the gateway/firewall handles all mail and is running postfix, adding ``always_bcc = address'' to the main.cf file will cause all mail going through postfix to have a blind carbon copy sent to that address. I don't know if one can do something as we do on Linux boxes where the gateway/firewall/NAT box traps all outgoing port 80, rerouting it through squid which allows caching and access controls for the entire network. Bill -- INTERNET: bill@Celestial.COM Bill Campbell; Celestial Systems, Inc. UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX: (206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``We maintain that the very foundation of our way of life is what we call free enterprise,'' said Cash McCall, "but when one of our citizens show enough free enterprise to pile up a little of that profit, we do our best to make him feel that he ought to be ashamed of himself." -- Cameron Hawley
I have a commercial spam-blocking tool that runs on FreeBSD which can do this (along with interdicting all your spam for you.) Its not freeware tho - its a product. -- -- Karl Denninger (karl@denninger.net) Internet Consultant & Kids Rights Activist http://www.denninger.net My home on the net - links to everything I do! http://scubaforum.org Your UNCENSORED place to talk about DIVING! http://genesis3.blogspot.com Musings Of A Sentient Mind On Fri, Oct 06, 2006 at 10:00:40PM +0200, Dominik Zalewski wrote:> Hi, > > I have a gateway/firewall running FreeBSD 6.1 -release . I would like to > capture all incoming and outgoing email messages to archive them. Is there > is any tool available out there ? I mean a proxy,sniffer or any other > solution. > > Thanks in advance, > > Dominik > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > > > %SPAMBLOCK-SYS: Matched [@freebsd.org+], message ok