Sunday, July 5, 2009

Sniff outgoing and incoming mails in Qmail

The client had an email policy and requested that a mail-sniffing feature be implemented in Qmail. My personal moral standpoint doesn't matter here; explained below is just the technical feasibility of sniffing all outgoing and incoming mails on a Qmail server.

It's quite easy to sniff mails using "QUEUE_EXTRA" and "QUEUE_EXTRALEN", as explained elsewhere on the Internet. This solution sets up a sniff account that can view all outgoing and incoming mails. But on its own it is not smart enough: it copies every marked mail, so the sniff account becomes clogged with many similar mails. The best solution is to combine the above sniff method with "eliminate-dups". This ensures that your sniff account holds a single unique copy of each marked mail.

Sniff Method:

Open the Qmail source file extra.h and modify QUEUE_EXTRA and QUEUE_EXTRALEN as shown below.

QUEUE_EXTRA here has sniff@domainname.com. Please replace that with your sniff account name and your domain name.

QUEUE_EXTRALEN 22 is the length of your email account name + 2 (the leading T and the trailing \0). sniff@domainname.com has length 20, and when you add 2, it's 22. Difficult math :).

#vi /usr/src/qmail/qmail-1.03/extra.h

############################################
#ifndef EXTRA_H
#define EXTRA_H

#define QUEUE_EXTRA "Tsniff@domainname.com\0"
#define QUEUE_EXTRALEN 22

#endif
############################################

Save the file.
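An added example, not part of the original post or of the qmail sources: a C check that QUEUE_EXTRALEN matches QUEUE_EXTRA as defined in the extra.h above, since a miscounted length is the easy mistake in this step. The helper names qx_check and qx_len_for are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Values copied from the post's extra.h; the address is the post's placeholder. */
#define QUEUE_EXTRA "Tsniff@domainname.com\0"
#define QUEUE_EXTRALEN 22

/* A C string literal gets an implicit NUL after the explicit \0, so the
   record length is sizeof minus one. A miscount fails the build here. */
_Static_assert(QUEUE_EXTRALEN == sizeof(QUEUE_EXTRA) - 1,
               "QUEUE_EXTRALEN does not match QUEUE_EXTRA");

enum qx_status { QX_OK, QX_EMPTY, QX_NO_T, QX_NO_NUL, QX_EMBEDDED_NUL, QX_NO_AT };

/* Hypothetical helper (not a qmail function): validate one extra-recipient
   record, which must be 'T' + address + '\0' in exactly len bytes. */
enum qx_status qx_check(const char *rec, size_t len)
{
    if (len == 0) return QX_EMPTY;                    /* nothing configured */
    if (rec[0] != 'T') return QX_NO_T;                /* missing type byte */
    if (rec[len - 1] != '\0') return QX_NO_NUL;       /* length too small */
    if (memchr(rec + 1, '\0', len - 2)) return QX_EMBEDDED_NUL; /* too large */
    if (!memchr(rec + 1, '@', len - 2)) return QX_NO_AT;        /* no domain */
    return QX_OK;
}

/* Value to use for QUEUE_EXTRALEN: address length + 2 (the T and the \0). */
size_t qx_len_for(const char *addr)
{
    return strlen(addr) + 2;
}

int main(void)
{
    static const char *names[] = { "ok", "empty", "no leading T",
        "no trailing NUL", "embedded NUL", "no @ in address" };
    printf("QUEUE_EXTRA check: %s\n", names[qx_check(QUEUE_EXTRA, QUEUE_EXTRALEN)]);
    printf("expected QUEUE_EXTRALEN: %zu\n", qx_len_for(QUEUE_EXTRA + 1));
    return 0;
}
```

Replace the two defines with your own values before compiling; the static assertion stops the build if the count is off by even one byte.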

I already had a Qmail production server, so I needed to stop it to enable this feature.

#qmailctl stop

#cd /usr/src/qmail/qmail-1.03/

Compile the changes

#make setup check

Eliminate Duplicates Method:

#tar xzvf eliminate-dups-2.2.tar.gz

#cd eliminate-dups-2.2

#make -f Makefile.dist Makefile

#make

Recent Perl versions will complain about missing NDBM. To fix this problem, comment out the line "use NDBM_File;".

#vi eliminate-dups.pl

#use NDBM_File;

Now you are ready to install eliminate-dups.

#make install

The installation should proceed without any glitch.

Now you need to create a file named ".qmail" in your /root directory. Whack yourself if you forget to replace sniff@domainname.com with your sniff account name.

#cd /root

#vi .qmail

| eliminate-dups mailhash
&sniff@domainname.com

Save the file.

Now you need to create another file named ".qmail-maildir" in your /root directory.

#vi .qmail-maildir

./Maildir/

Now start Qmail and shamelessly spy on others.

#qmailctl start

3 comments:

Unknown said...

You can also do this with the qmail-taps patch if you want more control over the messages you log. Or if you want even more control you can get the extended qmail taps patch from my blog http://patchlog.com/patches/qmail-taps-extended/

Navin A.Sylvester said...

I already knew about the qmail-taps patch. Your extended patch sounds good too. I would definitely give your patch a try one day.

Mine is a setup which is heavily patched. I preferred this method because it won't mess up anything and it solved my simple need.

Unknown said...

Do not use the qmail-tap patch without knowing about the revert process, because I tried the same patch and my server crashed. But I tried this process on my test server and it works.