[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Mail Control
> The server's eth0 points to LAN, eth1 points to ADSL Modem .. They
> have no access directly to internet.. all the connection passes
> through the Suse server.
> One of the PC is sending mail, and I want to count how many e-mail
> that PC sending out at what time, and to whom, and if possible I want
> to check/see the content of the e-mails.
--> you could run "tcpdump" on the SuSE server. A command like
tcpdump -U -w buffer.dat -i eth0 src <IP_of_sending_PC> and port 25
would write all STMP (port 25) traffic from one specific IP to a file.
If you parse this file, you see at least sender (From), receiver (To)
and the time of the email. The email content must be there as well but
it is coded in some way.
Am Hasenberg 26 office: Institut für Atmosphärenphysik
D-18209 Bad Doberan Schloss-Straße 6
Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY
Email: schoech@xxxxxxxxxxxx Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here