Re: outgoing email monitoring



Your problem is a lot more complicated than it would appear at first glance. What you want is every email to be delayed for a few hours from when it is sent so they can be examined. Most mailers (including exchange) have a configuration that can be modified as to when the MTA will send all queued messages, but this is not what you are looking for since a person could send a message 1 minute before the delivery time. Further complicating matters is the possible use of a free webmail service, ssh, scp, ftp, or im. All of which all files to go through without being seen by your mail server.

To make your network leak proof you essentially need a central proxy that all internet traffic goes through. You can work on tuning the policy of the proxy server to only allow communication via the corporate email system. Once you get to that point then you can worry about configuring your mail system for delayed delivery and archiving of all sent mail. Additionally, if you are setting up a new mail system I would make sure that the system is authenticating the sender (as opposed to just making sure the from meets an @company.com template) so it's 100% known exactly who sent the email.

Geoff

Sent from my BlackBerry wireless handheld.

-----Original Message-----
From: Matt Miller <madmillerx@xxxxxxxxx>
Date: Tue, 01 May 2007 22:01:39
To:security-basics@xxxxxxxxxxxxxxxxx
Subject: outgoing email monitoring

hi list.
I need a solution to monitor the flow of outgoing email traffic for data
leak/security concerns. The two objectives that i have are:
-monitoring and reporting - who sends, how many and where to?
-possibility to temporarily put outgoing all e-mail on hold for
reviewing by admin/user and releasing for delivery.

Any suggestions?
Thanks

Matt


Relevant Pages

  • RE: Re : outgoing email monitoring
    ... Subject: Re: outgoing email monitoring ... I am not sure which mail server you are using ... Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! ...
    (Security-Basics)
  • RE: outgoing email monitoring
    ... When I used websense to filter emails, I had the company lawyer check out the process, added a new adenuim to the acceptable user aggreement, and send the adenuim to all user. ... Subject: outgoing email monitoring ... I need a solution to monitor the flow of outgoing email traffic for data ...
    (Security-Basics)
  • RE: outgoing email monitoring
    ... It offers very strong reporting features ... and it can also give you the ability to enforce difference policies on ... Subject: outgoing email monitoring ... I need a solution to monitor the flow of outgoing email traffic for data ...
    (Security-Basics)