Bradley Brown wrote:
> Postfix 2.1 probably won't be out for
>
>>a few months yet, but many people run the interim snapshot releases.
>>
>
>
> How stable are the snapshots usually?
From what I hear on the postfix mailing list, they're pretty good.
Some people do use them in production environments. I'm just too lazy.
I would say we have a moderate to
> light amount of email traffic... a few hundred messages a day perhaps.
> Bradley
>
If it is only a few hundred messages a day and you don't have the
always_bcc_maps feature yet, I'd be very tempted to take the easy way
out and just turn on always_bcc = snoopy@your.tld. You might want to
set up two accounts. One for the incoming server and one for the
outgoing server. Make them ones you know, but ones that don't look
obvious, just in case someone else finds a way to go snooping around
stuff. You probably don't want those addresses in any company-wide
directory, for instance. Make sure you can send and receive mail
within your domain and from outside your domain with those accounts
before you turn on the bcc. You don't want EVERY message coming in and
out of your company to generate a bounce and tell the person sending it
that it couldn't be delivered to someone no one knows is there. I often
test with a hotmail or other disposable account.
Then make the one-line change in each server's /etc/postfix/main.cf.
always_bcc = insnoop@your.com
always_bcc = outsnoop@your.com
Then on each server do "postfix reload". If the volume of mail gets too
big you'll need to start dealing with getting it off the machine you're
using to read it. I'm assuming you're not leaving a copy on the server,
if you do, your daily disk utilization just doubled. I'm thinking the
sorting and searching tools in most mail readers would come in handy.
When I was admining email systems paid for with other people's money, I
always hated reading other people's mail. I was afraid of learning
things I'd rather not know. Even now, when the only mail system I run
only handles mail for my family, I stay out of their mail. But,
sometimes, it needs to be done. The always_bcc strategy might have an
advantage at layer 8. You can tell your boss, "I figured out how to
read all of that person's mail---I'll read EVERYONE's mail." It's even
more intrusive, but somehow seems more fair. Maybe your boss gets some
good jokes.
From a technical standpoint I think this will work. The politics are
up to you. I think it is pretty low risk, but where I work now I
wouldn't be allowed to do it during working hours. Do I need to mention
that you should do something like "cp main.cf main.cf.whew!"? Also,
give some thought to how this might impact aspects of your technology
environment of which I am ignorant. Give some thought to the
possibility that I might just be ignorant. Take a look at man cleanup.
always_bcc is in the miscellaneous section. Google always_bcc. I'm
guessing you're like me, and I hate crashing servers.
Hope you don't find out anything you didn't want to know,
Greg
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:14:49 EDT