Results 1 to 5 of 5

Thread: Email snooping

  1. #1
    Newbie
    Join Date
    Aug 2008
    Posts
    4

    Question Email snooping

    I have an opportunity to use Untangle for web/protocol filtering/reporting. To complete the solution, I need to be able to give the management team the ability to see the contents of emails being sent and received by their organization so that they can address any HR issues presented by abuse of the acceptable use policy.

    Anyone know of any solutions for Untangle or third party add-ons or software related or unrelated to Untangle? I've already implemented Spector360 for other customers and found that Spector360's resource consumption is unacceptable for this particular customer so scratch Spector360 off the list.

    Anyone got any ideas? Thanks!

  2. #2
    Untanglit
    Join Date
    Mar 2009
    Posts
    23

    Default

    You don't provide any details about what you use for email. Do you have an Exchange server? Is everyone using Google or some off site Pop3 provider? Different answers for different scenarios.

    Exchange, for example, will let you invisibly "CC" all incoming/outgoing emails for an entire mail store to a mailbox on another mail store. Or do the same for an individual user. Or you can just grant someone full access to another users mailbox. Or, or, and or There are a lot of options depending on what you specifically want to do. The downside to fiddling in such a way is that you need to document and manage all the changes, and the security implications of them.

    There are stand alone products that you can relay all your incoming and outgoing email through that avoid having to mess with your email system or your firewall. They are also designed with an emphasis on long term storage and indexing rather than real time delivery. You can maintain them in house, or purchase them as a hosted service.

    For example, a quick Google search of "email archiving" came up with GFI.com's MailArchiver. (Remember, Google is your friend!) This is something I'll be looking at within the next month or two for a client of mine. If it works as advertised, it will turn email into a "mine-able" information source. Management could search for "ProductA" or "CustomerB" and get an idea of whether ProductA is generating a lot of queries, or see who, exactly, has been talking to CustomerB. Or, addressing your issue, just as easily search for EmployeeC or ReporterX and see exactly who they've been talking to.

    I took a quick look at Specter360, and wow, unless there was a need to develop a criminal case against an employee I don't know I'd want to do any work for a company that felt the need to spy at that level. There's compliance, archiving, and datamining, and then there's just straight up paranoia. The work environment at such a place must just be horrible. I'm a sysadmin, not the Gestapo.

    Anyway, for further information on configuring Exchange or mail archiving products, Google is your friend

    Z.

  3. #3
    Master Untangler
    Join Date
    Aug 2008
    Posts
    112

    Default

    I just deployed mailarchiva at a client's due to an employee suspected of selling company information. turns out the suspect was innocent (at least of sending info from the office via email) but the boss is happy to see everything going on now. It uses the journaling feature of Exchange as well as many other servers too. It is reasonably easy to set up.
    Enterprise version manages multiple instances of the email on the server better (ie the open source solution gets 1 email for each person the receives the same message, enterprise version recognizes and store single instance).
    Search on it could be a little better but great for large volume storage and way easier than managing the single exchange journalling account to look for messages.
    D.

  4. #4
    Newbie
    Join Date
    Aug 2008
    Posts
    4

    Default

    Zanthexter,

    I am not looking for mail archiving. This customer of mine is using a POP3 solution and practically wants to be a gestapo about it. I don't like it either but the customer is always right. Spector360 is a hog and does much more than the customer needs. I need to have a solution that intercepts emails sent and received by users and possibly archive it for HR purposes. Many users at this office abuse the technology and the owners of the company are becoming more and more concerned. I do not want to have to install software like Spector360 and bog down the whole network with all of that traffic and processing. I would prefer to be able to intercept POP3/SMTP traffic at the Untangle box and be able to index the mail so that the HR employees can search through the mail for offending phrases and keywords. That would be the idea scenario. If that is not doable, I can resort back to Google which is what I used before posting the previous message. I was not able to find anything satisfatory with Google originally so that is why I posted here. I guess it's back to Googling for me. Thanks anyways for taking the time to look into my issue.

  5. #5
    Untangle Ninja juank's Avatar
    Join Date
    Aug 2007
    Location
    Athens
    Posts
    1,474

    Default

    Mailarchiva is probably what you need. Install it on a box between your UT and your network.
    --------------------------------
    Juan Machado
    --------------------------------

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2