Logging the message body from an MTA

Jez Hancock jez.hancock at munk.nu
Thu Jun 17 17:09:54 PDT 2004

On Thu, Jun 17, 2004 at 11:22:44PM +0000, Lonnie Santella wrote:
> I need to log the message body of incoming and outgoing messages on my 
> FreeBSD 5.2.1 Release server. I'm running Exim right now, but I really 
> don't have a preference of MTA. The main thing is I need to facilitate the 
> logging of message bodies.
> I don't want to flood you with too many details, but we want to archive 
> messages (including message body) to a MySQL database, so that we can 
> quickly run queries and review messages from months/years ago - no matter 
> who's mailbox it ended up in.
> To accomplish this, we need to <first> log the message body somehow... 
> anyhow... then commit the logs to the MySQL database.
> I'd settle for learning how to do the first step. I've read through Exim 
> docs and Sendmail docs, as well as various newsgroups - plenty of info on 
> logging various data - but nothing on message bodies. I posted a message to 
> the Exim news group - but no luck there.
> I'm not set on Exim - I just want to log message bodies. Any help or a push 
> in the right direction would be GREATLY appreciated.

If it helps, there's a reply on the exim-users list about archiving all
email passing through the mta 'unseen'.  I'll paste the relevant parts,
for the whole thread you might want to check out the MARC mailing list
archives - you should be able to find the thread by searching on the
subject line or one of the other identifying headers.

As for the rest of your problem, no doubt it's been done before of
course, the hard part is finding out how :P  The exim list is worth
checking out if you decide to go down that route, the people on that
list are very knowledgeable and it has probably been done before.

Here is the mail in question re archiving messages anyway:

>From exim-users-admin at exim.org Wed Apr 14 17:41:01 2004
To: exim-users at exim.org
Subject: RE: [Exim] Archive Email
In-Reply-To: <E1BDal0-0006q2-St at zion.killmyboss.com>
Message-ID: <Pine.LNX.4.51.0404141544530.23408 at amnesiac.narpes.com>
References: <E1BDal0-0006q2-St at zion.killmyboss.com>
List-Help: <mailto:exim-users-request at exim.org?subject=help>
List-Post: <mailto:exim-users at exim.org>
List-Subscribe: <http://www.exim.org/mailman/listinfo/exim-users>,
	<mailto:exim-users-request at exim.org?subject=subscribe>
List-Id: A user list for the exim MTA <exim-users.exim.org>
List-Archive: <http://www.exim.org/pipermail/exim-users/>
Date: Wed, 14 Apr 2004 16:34:59 +0000 (GMT)

Add a router, before the routers that would normally deal with
incoming mail for the domain(s) in question.

  driver = redirect
  verify = false
  expn = false
  domains = ${lookup{$domain}lsearch{/etc/exim/mailarch}{$domain}fail}
  data = ${lookup{$domain}lsearch{/etc/exim/mailarch}}
  file_transport = address_file
  pipe_transport = address_pipe
  unseen = true
  repeat_use = false

Add lines in /etc/exim/mailarch (any other name could be used
instead) for the domains in question:

domain1: mail-archive at domain1, archive at otherdomain.com
domain2: /home/customer/mail/domain2
domain3: "|procmail -m /etc/procmailrcs/domain3-arch"


On Tue, 13 Apr 2004, fxpbackup.com wrote:

> Could you give me more specifics on that? I really haven't done anything
> with exim beyond setting up mailscanner / clamAV and fixing some cPanel
> induced bugs.
> http://www.FXPBackup.com
> Encrypted Backup Hosting
> Dedicated Servers
> -----Original Message-----
> From: A. Wik [mailto:aw at narpes.com]
> Sent: Tuesday, April 13, 2004 8:46 PM
> To: exim-users at exim.org
> Subject: Re: [Exim] Archive Email
> On Tue, 13 Apr 2004 neo at fxpbackup.com wrote:
> > I need to find a simple way to either forward a copy of all
> > emails for a domain to a specific account or to actually copy the
> > message files themselves within the server to a storage area for
> > ongoing archiving. More and more businesses are requesting this
> > for legal purposes and I have yet to find a way to do it in Exim
> > itself.
> I do something like that using the "unseen = true" router option
> for for keeping archives of some mailing lists I run.
> -aw

Jez Hancock
 - System Administrator / PHP Developer

http://jez.hancock-family.com/  - Another FreeBSD Diary
http://ipfwstats.sf.net/        - ipfw peruser traffic logging

More information about the freebsd-questions mailing list