SMTP logger
#1
Scooby Regular
Thread Starter
Join Date: Aug 2001
Location: wakefield
Posts: 2,082
Likes: 0
Received 0 Likes
on
0 Posts
anyone know of any smtp logging type software that will log internal-internal mails from a specific smtp address ??
don't say exchange
free/shareware would be better
cheers
shunty
don't say exchange
free/shareware would be better
cheers
shunty
#2
Moderator
iTrader: (5)
Join Date: Nov 2001
Location: Not all those who wander are lost
Posts: 17,863
Received 0 Likes
on
0 Posts
Congratulations on the 10,000th post in the Computer Related Forum
Aside from that, I have absolutely no idea what you are talking about, but good luck in your quest
Later, Dunk
Aside from that, I have absolutely no idea what you are talking about, but good luck in your quest
Later, Dunk
#4
Scooby Regular
Thread Starter
Join Date: Aug 2001
Location: wakefield
Posts: 2,082
Likes: 0
Received 0 Likes
on
0 Posts
hello Dunky mate.....I have to ask Chris for me prize then
Chris, firstly, where's me prize??
secondly, we use VISP pop3 unix mail (don't ask, we are moving to exchange 2003 soon) anyway, mimesweep & websense can monitor inbound & outbound mail BUT it doesn't see internal-2-internal, as it's only pop3 mail not full mapi services.
The mimesweep server site in front of the mail server, so internal-internal mail doesn't go through this box...hence no monitoring available.
shunty
Chris, firstly, where's me prize??
secondly, we use VISP pop3 unix mail (don't ask, we are moving to exchange 2003 soon) anyway, mimesweep & websense can monitor inbound & outbound mail BUT it doesn't see internal-2-internal, as it's only pop3 mail not full mapi services.
The mimesweep server site in front of the mail server, so internal-internal mail doesn't go through this box...hence no monitoring available.
shunty
#5
No logging options on the VISP POP3 software then?
Here's a shot. Have your POP3 clients send our their mail via Windows 2000 Pro desktop with IIS + SMTP installed. This is configured just to forward all the mail onto the VISP server (just set an IP addy in the Smart Hosts box). Enable logging on the SMTP connector on the W2000 box.
Clients still collect their mail from the VISP box as normal.
Over to somebody else to come up with something better....
Chris.
PS. Prize hey? Erm, urm, I'll get back to ya
[Edited by ChrisB - 7/28/2003 1:39:02 PM]
Here's a shot. Have your POP3 clients send our their mail via Windows 2000 Pro desktop with IIS + SMTP installed. This is configured just to forward all the mail onto the VISP server (just set an IP addy in the Smart Hosts box). Enable logging on the SMTP connector on the W2000 box.
Clients still collect their mail from the VISP box as normal.
Over to somebody else to come up with something better....
Chris.
PS. Prize hey? Erm, urm, I'll get back to ya
[Edited by ChrisB - 7/28/2003 1:39:02 PM]
#6
Scooby Regular
Thread Starter
Join Date: Aug 2001
Location: wakefield
Posts: 2,082
Likes: 0
Received 0 Likes
on
0 Posts
No logging options on the VISP POP3 software then? some, but only very basic & we don't look after this system
that's a good recommendation Chris, but just not practical (also puts another failure point in the system & means installing iis & smtp service.
Really I need to use the VISP (unix) system & log from the source.
Exchange 2003 bl00dy hurry up!!
cheers anyway
shunty
that's a good recommendation Chris, but just not practical (also puts another failure point in the system & means installing iis & smtp service.
Really I need to use the VISP (unix) system & log from the source.
Exchange 2003 bl00dy hurry up!!
cheers anyway
shunty
Trending Topics
#8
Scooby Regular
Thread Starter
Join Date: Aug 2001
Location: wakefield
Posts: 2,082
Likes: 0
Received 0 Likes
on
0 Posts
hello andrew mate, see all we needed was a sandal wearing, pony tail geezer on the job
so what does that command do & what additional commands can be used to identify specific users??
thanks for your help
shunty
so what does that command do & what additional commands can be used to identify specific users??
thanks for your help
shunty
#9
No sandals or pony tail, could probably do with a shave tho
You should be able to grep the log
grep "user@host" /var/log/maillog | more
you can replace that with their IP as well.
if you want to look at a particular message in details grep for it's id which look something like "6D5E73C2" in the log.
Edit to say it's not a command it's a logfile, do the above or simple "more /var/log/maillog" to see it all.
[Edited by Andrewza - 7/28/2003 2:20:31 PM]
You should be able to grep the log
grep "user@host" /var/log/maillog | more
you can replace that with their IP as well.
if you want to look at a particular message in details grep for it's id which look something like "6D5E73C2" in the log.
Edit to say it's not a command it's a logfile, do the above or simple "more /var/log/maillog" to see it all.
[Edited by Andrewza - 7/28/2003 2:20:31 PM]
#10
Scooby Regular
Thread Starter
Join Date: Aug 2001
Location: wakefield
Posts: 2,082
Likes: 0
Received 0 Likes
on
0 Posts
stephen,
agreed, it is very quick, but functionality is very limited afaik.
please bear in mind that I am not a unix person
Unless the person who built this mail system for us hasn't shown me the available options, what exactly can it do apart from basic pop3 mail & groups then??
shunty
agreed, it is very quick, but functionality is very limited afaik.
please bear in mind that I am not a unix person
Unless the person who built this mail system for us hasn't shown me the available options, what exactly can it do apart from basic pop3 mail & groups then??
shunty
#13
Scooby Regular
I'd edited it to show maillog examples too:
Jul 28 15:46:52 irc sendmail[84120]: h6SDkqDT084120: from=AN50fwYBAQAEHvYB9QAAAAAEAAAY/A@somedomain.com, size=10570, class=0, nrcpts=1, msgid=<2087407087-1463792638-1059397656@somedomain.com>, relay=root@localhost
Jul 28 15:46:53 irc sendmail[84121]: h6SDkqhC084121: from=<AN50fwYBAQAEHvYB9QAAAAAEAAAY/A@somedomain.com>, size=10570, class=0, nrcpts=1, msgid=<2087407087-1463792638-1059397656@somedomain.com>, proto=ESMTP, daemon=MTA, relay=smmsp@localhost [127.0.0.1]
Jul 28 15:46:53 irc sendmail[84120]: h6SDkqDT084120: to=user@irc.ircnet.dk.procmail, ctladdr=AN50fwYBAQAEHvYB9QAAAAAEAAAY/A@somedomain.com (0/0), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=31089, relay=localhost [127.0.0.1], dsn=2.0.0, stat=Sent (h6SDkqhC084121 Thank you for using AT&ME)
Jul 28 15:46:54 irc sendmail[84123]: h6SDkqhC084121: to=steven@cotton.dk, delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=40586, relay=some.mta.dk. [213.237.53.18], dsn=2.0.0, stat=Sent (h6SDkro3019278 Message accepted for delivery)
[Edited by stevencotton - 7/28/2003 2:51:38 PM]
Jul 28 15:46:52 irc sendmail[84120]: h6SDkqDT084120: from=AN50fwYBAQAEHvYB9QAAAAAEAAAY/A@somedomain.com, size=10570, class=0, nrcpts=1, msgid=<2087407087-1463792638-1059397656@somedomain.com>, relay=root@localhost
Jul 28 15:46:53 irc sendmail[84121]: h6SDkqhC084121: from=<AN50fwYBAQAEHvYB9QAAAAAEAAAY/A@somedomain.com>, size=10570, class=0, nrcpts=1, msgid=<2087407087-1463792638-1059397656@somedomain.com>, proto=ESMTP, daemon=MTA, relay=smmsp@localhost [127.0.0.1]
Jul 28 15:46:53 irc sendmail[84120]: h6SDkqDT084120: to=user@irc.ircnet.dk.procmail, ctladdr=AN50fwYBAQAEHvYB9QAAAAAEAAAY/A@somedomain.com (0/0), delay=00:00:01, xdelay=00:00:01, mailer=relay, pri=31089, relay=localhost [127.0.0.1], dsn=2.0.0, stat=Sent (h6SDkqhC084121 Thank you for using AT&ME)
Jul 28 15:46:54 irc sendmail[84123]: h6SDkqhC084121: to=steven@cotton.dk, delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=40586, relay=some.mta.dk. [213.237.53.18], dsn=2.0.0, stat=Sent (h6SDkro3019278 Message accepted for delivery)
[Edited by stevencotton - 7/28/2003 2:51:38 PM]
#14
Scooby Regular
Thread Starter
Join Date: Aug 2001
Location: wakefield
Posts: 2,082
Likes: 0
Received 0 Likes
on
0 Posts
ahh, ok then.
I got this back from the unix guy who supports the visp software:
"That might well work on an old-style Sendmail log file, but Qmail log processing is usually a little more complex.
You can get grep for windows, I believe, though, or just open the file in Wordpad and search for the user you’re after (or even use MS Excel – which will, I think tabulate the file)."
he has said he could mail me the logfile every day, but that's a bit messy. Would have been better if he could have given me a search facility on the web front end, referencing the smtp address of the intended monitor.
shunty
I got this back from the unix guy who supports the visp software:
"That might well work on an old-style Sendmail log file, but Qmail log processing is usually a little more complex.
You can get grep for windows, I believe, though, or just open the file in Wordpad and search for the user you’re after (or even use MS Excel – which will, I think tabulate the file)."
he has said he could mail me the logfile every day, but that's a bit messy. Would have been better if he could have given me a search facility on the web front end, referencing the smtp address of the intended monitor.
shunty
#15
Scooby Regular
There is a qmail-analog for Qmail that may do what you need (I haven't tried personally), alternatively there's this Perl script that will parse them for you (perhaps!) - you'll still need the logfile locally though, unless you can run it remotely and have the results mailed to you?
Thread
Thread Starter
Forum
Replies
Last Post
Bazil_SW
Engine Management and ECU Remapping
24
21 September 2015 11:55 PM
Nicks VR4
Computer & Technology Related
1
03 November 2003 11:10 AM
DazV
Computer & Technology Related
8
03 July 2003 12:01 AM
Dr Hu
Computer & Technology Related
9
30 January 2003 01:00 PM