Home page logo

basics logo Security Basics mailing list archives

RE: Email appliance that keeps detailed logs and full archive of all emails?
From: "sietze" <sietze () sistemaseuropeos com>
Date: Thu, 11 Dec 2003 12:25:32 +0100


You might want to have a look a MDaemon (only for Windows) from www.altn.com
Apart from a lot of other good things it offers the possibility to keep an
archived copy of every message that passes through the system.
(The original message gets an additional header indicating the existence of
the archived copy, and for legal reasons it might be useful to inform the
users of the exitence of the archive.)

There are also good log analyzers fir MDaemon for historic analysis.



-----Mensaje original-----
De: Mark G. Spencer [mailto:mspencer () evidentdata com]
Enviado el: martes 2 de diciembre de 2003 23:48
Para: security-basics () securityfocus com
Asunto: Email appliance that keeps detailed logs and full archive of all

Hello all,

I had a scenario recently where getting access to the full text
of an email sent from a corporate network six months back would
have been extremely useful.

Of course I got hit with Murphy's Law, and the email did not
exist in any current email store nor did it exist in the backups.

I see that lots of email appliances are big into anti-spam and
anti-virus, but what about functionality for incident response?
The ideal mix of features for me would be something extremely
fast that can handle being at an inbound/outbound choke point
for up to 20,000 users, keeping detailed logs of all activity
and also a full archive of all emails inbound or outbound.

Any ideas?




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]