- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- to/from/subject collection
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 04:49 AM
тАО11-03-2005 04:49 AM
to/from/subject collection
I'd thought about writing some script to watchdog their inboxes but that would be fairly complex, and timing critical since they pop in for mail every few minutes and then evidence is gone.
The sendmail mail.log currently displays To/From and the alias conversions but not subject. My loglevel is set at 16.
I'm trying to find detailed info on LogLevel (what each level does exactly) but having a hard time finding it.
Can someone point me to a resource?
If I can get the log to display Subject line that would do it.
Fred
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 05:17 AM
тАО11-03-2005 05:17 AM
Re: to/from/subject collection
What is the client and does your server process it all.
Clearly, even if the mail passes through via a DS relay, the evidence is on your system and can be collected.
I say in general, expand what you look at. I'm not sure upping the loglevel is going to do the job. I may be wrong and sendmail.org is a good place to look at what you can do there.
However, if you use the outlook client, there is a sent mail policy. It can be controlled, and the information here can be processed for checking on acceptable use policy.
If you implement a flexible html based mail client like squirrelmail, there is a sent folder that is stored in the users $HOME/mail directory and you can pull data out of that into a massive file that gets processed later.
You could configure a little daemon to take the files out of /var/spool/mqueue and that would surely get you the subject information you require, along with enough information to track the mail back to its sender.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 05:27 AM
тАО11-03-2005 05:27 AM
Re: to/from/subject collection
The details of the different log levels are spelled out in this TKB doc:
http://www1.itrc.hp.com/service/cki/docDisplay.do?docLocale=en_US&docId=200000062945191
Pete
Pete
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 05:48 AM
тАО11-03-2005 05:48 AM
Re: to/from/subject collection
Since all of their inboxes are right there on the unix server, and sendmail delivers all mail to the inboxes, I think sendmail logging would be the simplest way to track anything.
Pete thanks for that link. My log level is already higher than what's described there but I'll look at sendmail.org for more info.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 05:52 AM
тАО11-03-2005 05:52 AM
Re: to/from/subject collection
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 06:08 AM
тАО11-03-2005 06:08 AM
Re: to/from/subject collection
I'll have to find something else then, Subject was something that management specifically asked for.
There are only 15 users. I suppose I could run a script which, every 2 minutes or so, scans the user's /var/mail/file, pulling out any To/From/Subject that's new since the last polling.
I could catch 99% of the email that way I suppose, with not too much processing time.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 06:12 AM
тАО11-03-2005 06:12 AM
Re: to/from/subject collection
I could have a single script watching the bottom of the sendmail log, and as soon as it sees any mail "RCPT TO" one of my particular users, it could go get the needed info immediately from the /var/mail file for that user. That would be better than trying to determine if the user's mail file has changed since last poll.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 06:16 AM
тАО11-03-2005 06:16 AM
Re: to/from/subject collection
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 06:18 AM
тАО11-03-2005 06:18 AM
Re: to/from/subject collection
I had too much for lunch, a little sleepy.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО11-03-2005 06:21 AM
тАО11-03-2005 06:21 AM
Re: to/from/subject collection
I'll say this.
The data you seek is not stored in memory, its spooled to disk.
Don't forget to apply for a patent.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com