Security Basics mailing list archives

RE: Email Monitoring


From: "Keenan Smith" <kc_smith () clark net>
Date: Tue, 6 May 2003 14:32:44 -0400

I was part of a development team that put together software that does
something very close to what you need.

The software was developed jointly by Excalibur (now Convera after merging
with Intel) and StorageTek.

The software integrates with the Exchange server.  All inbound and outbound
mail traffic is indexed and tossed into a searchable database.

Using Convera's natural language query engine, all email (including
attachments) could be searched using key words or phrases in the body of the
message, the type or number of attachments, the subject line, to, from, cc,
bcc and other meta data.

After indexing, a copy of the message was written to a StorageTek mass
storage device.

The product was created for the financial industry to meet federal reporting
requirements.

I stepped away from the project 5 years ago, but I believe that both the
software/hardware solution and the software-only solution are available from
one or the other of the companies.

That solution may be expensive; I don't know the pricing scheme these days.

I hope that helps.

KC Smith


-----Original Message-----
From: jimmy2600 () hushmail com [mailto:jimmy2600 () hushmail com]
Sent: Tuesday, May 06, 2003 4:34 AM
To: security-basics () securityfocus com
Subject: Email Monitoring




Good Afternoon list,

I've searched Google and the Security focus archives for most of the
day looking for a pointer in the right direction for this one. It's been
discussed but I have not come across a solution.

Now I'm not looking to start a debate on the legal, moral or ethical
implications but just the technical implementations.

I've been asked by a company to set up some kind of email monitoring
software. What they want is to record (save the full email and any
attachments) mail which is sent to certain domains, i.e. competitors. Some
kind of alert after such an event should also be sent to a number of senior
executives in the co.

The mail server is Exchange and they do not want to spend money on software.
At present all inbound mail is scanned by an SMTP proxy that carries out
content and spam checking. It's a beefy Red Hat 8.0 box using SpamAssassin
and MIMEDefang.

What I aim to do is deliver all outbound mail through the proxy and:

1. Hopefully find some kind of open source implementation that can do
what I want.

2. Hack some kind of filter with Perl.

The second option really isn't a good one as my programming skills leave
a lot to be desired.

Has anyone got any input on this? Am I going down the wrong path, or maybe
someone has implemented something similar?

Any input (apart from big brother type arguments) would be greatly
appreciated.

Jim
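
The filter described in the question above (keep a full copy of outbound mail addressed to watched domains and alert a set of recipients), sketched in Python as an added example; it is not code from either poster or from any product named in the thread. The watch-list, all addresses and the `monitor` hook are hypothetical, and it assumes the proxy hands the filter the raw message plus the SMTP envelope recipients.

```python
import email, hashlib, tempfile
from email import policy
from email.message import EmailMessage
from pathlib import Path

WATCHED = {"competitor.example"}          # constructed watch-list

def watched_hits(envelope_rcpts, watched=WATCHED):
    """Match SMTP envelope recipients (RCPT TO), so Bcc copies are seen too."""
    hits = []
    for rcpt in envelope_rcpts:
        domain = rcpt.strip("<> ").rpartition("@")[2].lower().rstrip(".")
        # Exact domain or a subdomain; "notcompetitor.example" must not match.
        if any(domain == w or domain.endswith("." + w) for w in watched):
            hits.append(rcpt)
    return hits

def monitor(raw, env_from, env_rcpts, archive_dir, alert_to):
    """Archive the full message and return (alert, path), or None if clean."""
    hits = watched_hits(env_rcpts)
    if not hits:
        return None
    digest = hashlib.sha256(raw).hexdigest()
    path = Path(archive_dir) / f"{digest}.eml"
    path.write_bytes(raw)                 # raw bytes keep every attachment
    subject = email.message_from_bytes(raw, policy=policy.default)["Subject"]
    alert = EmailMessage()
    alert["From"] = "mail-monitor@corp.example"   # hypothetical address
    alert["To"] = ", ".join(alert_to)
    alert["Subject"] = "Outbound mail to a watched domain"
    alert.set_content(
        f"Sender: {env_from}\nMatched: {', '.join(hits)}\n"
        f"Original subject: {subject}\nArchive: {path.name}\nSHA-256: {digest}\n")
    return alert, path

def demo():
    """Constructed sample: the competitor address is only in the envelope (Bcc)."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "alice@corp.example", "bob@partner.example"
    msg["Subject"] = "Q3 price list"
    msg.set_content("See attached.")
    msg.add_attachment(b"sku,price\n1,9.99\n", maintype="application",
                       subtype="octet-stream", filename="prices.csv")
    raw = msg.as_bytes()
    rcpts = ["bob@partner.example", "<eve@mail.Competitor.example>"]
    with tempfile.TemporaryDirectory() as d:
        alert, path = monitor(raw, "alice@corp.example", rcpts, d, ["ciso@corp.example"])
        return alert, path.read_bytes() == raw
```

Matching on the envelope rather than the To/Cc headers is what catches blind copies, and the SHA-256 file name gives each archived message an integrity reference the alert can quote.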




