apt get life

Life around technology

  • Technology
    • Guides
    • Linux
    • Development
      • Laravel
    • Misc
    • Raspberry Pi
  • Writing
  • Crafts
    • Crochet
    • Model Making
    • Painting
  • Privacy Policy
You are here: Home / Archives for auditing

Auditing Postfix, Adding sender BCC to monitor outgoing email

2010/10/31 by sudo Leave a Comment

copy sent mail to inbox in postfix

My scenario is this: A customer has hosted email with me, and they had a problem with one of their members of staff. They suspected he was emailing confidential information to third parties. As a result they wanted all emails inbound and outboud forwarded to one of their senior managers for review without the member of staff knowing. I run a system using postfix, so it’s quite simple to setup the inbound redirects.

Inbound Redirects (aliases) in postfix

Inbound redirects in postfix should be very straight forward. You’ll already have a /etc/postfix/virtual file.

Edit the /etc/postfix/virtual file and find the email account you want. Then change the line so has the detectives mailbox after the suspects. My file looks like the example, but depending on your setup it might be slightly different. The important thing is to leave the suspect in both places and simply add a comma followed by your detectives details in the same format.

#Emails to this address #Go to these inboxes (seporate by comma)
suspect@domain.com suspect@domain.com, detective@domain.com

Save the file, you might need to run the postfix reload command to make this work.

Inbound Redirects (aliases) in Courier MTA

Courier MTA operates in a similar way when setting up inbound redirects, so I thought I’d detail that for you too. You’ll need to edit /etc/courier/aliases/domain.com so make a backup for it first!

Edit /etc/courier/aliases/domain.com and find the line with suspect@domain.com in it. The way this file works is that it takes the email address on the left and sends it to the place on the right, in my case that’s the Maildir folder for that user

#Emails to this address #go to these folders
suspect@domain.com suspect, detective

You’ll probably need to restart the mta in order for it to recognise the new entries file.
Update: You’ll need to run makealiases to get this to work!

Outbound Auditing sender BCC in postfix

This doesn’t work on older versions. We will need to edit the /etc/postfix/main.cf file and create a /etc/postfix/sender_bcc file. As always make a backup of the files we’re editing first, incase it all goes wrong! (cp /etc/postfix/main.cf /etc/postfix/main.cf.old)

Edit the /etc/postfix/main.cf file and add the line:
sender_bcc_maps = hash:/etc/postfix/sender_bcc

Create the file /etc/postifx/sender_bcc

#emails from #BCC to
suspect@domain.com detective@domain.com

You then need to run the commands:
postmap /etc/postfix/sender_bcc
postfix reload

Filed Under: Guides, Technology Tagged With: auditing, email, Postfix

Recent Posts

  • Disable iLO on HP Microserver Gen8
  • Ubuntu Desktop 24.04 Change Wallpaper Settings
  • Customising Ubuntu Desktop 24.04
  • Remove domains from Let’s Encrypt using Certbot
  • Install Jetbrains Toolbox on Ubuntu 22.04

Tags

API auditing crochet data recovery debian debudding development Dingo API docker email Getting started with Laravel 5 & Dingo API hard drive health HP Microserver KVM Laravel larvel 5 lenovo Linux Minion mint netgear nas networking network shares php PHP development Postfix raspberry pi review samba security SMART smartctl smartmontools smb testing traefik ubuntu ubuntu 18.04 ubuntu 20.04 ubuntu 22.04 ubuntu server vagrant Virtual machines xdebug xubuntu

© Copyright 2015 apt get life