* From: Matt .
Sherek @
plym .
fingerhut .
com (Matt Sherek)
* To: Firewalls-Digest @
GreatCircle .
COM
* Subject: Monitoring E-mail traffic through firewall
*
* All,
* Does anyone know of a good way to monitor E-mail traffic to users
* on your network?
* I'm looking for something that will tell me:
*
* To From Size Time
*
* something like that.
*
* Any help would be appreciated.
I've already read the flame to this posting, and I agree that it's
uncalled for. The information above is very useful for charging
back users/departments against channel utilization, and if you've
got all of your mail going out a single gateway (what a concept ;),
then that's the best place to measure it. You can also use the data
for other things like: if someone who's just put in their two week
notice is starting to mail Size:Big_Megabyte messages, or is increasing
the frequency of their smaller messages, that is a red flag IMO.
My suggestion is to write a perl script that parses the (e.g., Sun 4.1)
/var/log/syslog file on some periodic basis. Everything you want is there.
(a different) Richard
Follow-Ups:
|
|
