>
>I know this may not be relevant to this mailing list, but I thought there is
>a lot of guys on the list who are worth consulting!
>
>I have been asked to provide a solution for mail monitoring. This is to
>say use of filters and scanning for phrases such as "Confidential .."
>This goes for both ascii and binary ( Non-encrypted data! ).
>By filter I mean use of filter or perl script, awk , etc and identification of
>attachments. The solutions I have come across are modification of programs
>such as "Sendmail" to write everything to a folding log file ( or pipes, etc ).
>which will be used by filters as input ...
>
>Another option which has still kind of puzzled me ( Suggested ) to use
something
>with protocol conversion capability ( such as pp + isode ) which provides hooks
>for pre / post processing .
>
>
>Is there anyoune out there who has done something in this area ?
>
>Any info, alternatives is greatly appreciated.
>
>Please send reply to the firewalls or direct to saeid .
sadeghi @
cellnet .
co .
uk
>The reply to the header address most likely will go to the microsoft mail
>account which I don't often chech!
>
One thought that springs to mind is to modify the smapd code (part of the
TIS fwtk). If you ran smap/smapd on your external mail gateway then it
collects all incoming/outgoing mail. You could modify smapd to delve into
the contents of the mail looking for your key phrases.
One problem with this sort of approach occurs when the mail is encrypted, of
course.
What is the legal situation with regard to screening email?
Cheers
Peter
THE INTERNET CONNECTION LTD | Internet security consultancy
29 Pointers Hill | Firewalls and security auditing
Westcott | Web servers configured and managed
Dorking |
RH4 3PF | pcurran @
ticl .
co .
uk
Follow-Ups:
|
|
