On Thu, 05 May 2005, ARiF made the net somewhat safer by saying:
Hello, I have a question, and I do not know if this is the right mailling list. I have a LAN of 10 Win98 PC, 1 Suse Squid, Samba, Masquare (iptables) and Gateway server.. The server's eth0 points to LAN, eth1 points to ADSL Modem .. They have no access directly to internet.. all the connection passes through the Suse server. One of the PC is sending mail, and I want to count how many e-mail that PC sending out at what time, and to whom, and if possible I want to check/see the content of the e-mails. Since there is no local mail server, I can not copy/re-direct any incoming and outgoing mails. Anyways, is there a way to solve my problems. I can check the packets but I want to see what the pc is sending out..
Setup Postfix on the gateway and start parsing its logfile. There's a great maillog parser for Postfix, pflogsumm.pl that does (almost) exactly what you want (without the content checking). Having Postfix n the gateway also serves in viruschecking (much better to do it there then on a (Windows) client) and spamfiltering. I have no idea why you even have to ask for such obvious advice. Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 26N , 4 29 47E. + ICQ: 277217131 SUSE 9.2 + Jabber: muadib@jabber.xs4all.nl Kernel 2.6.8 + See headers for PGP/GPG info. Claimer: any email I receive will become my property. Disclaimers do not apply.