Search

Wednesday, March 30, 2011

MailScanner Mail Archiving

System administrators usually face requests from user departments to retrieve backups of incoming or even outgoing emails.  The MailScanner provides some powerful options to archive both incoming and outgoing emails to email, directory or mbox files.
 
To turn on mail archiving, we use the 'Archive Mail' option.  It accepts a archive destination or a ruleset file as value.  For example:
 
Archive Mail = %rules-dir%/archive.rules
 
Ruleset allows more control on which and how emails are archived.  In the ruleset below.
 
FromOrTo:    user1@yourdomain.com    /var/spool/mailarchive/_DATE_.mbox
 
* Emails sent to user2@yourdomain.com will be bcc to backupemail@yourdomain.com.
* Emails originated from or sending to user1@yourdomain.com will be archived as one mbox file per day in /var/spool/mailarchive.  The _DATE_ token will be replaced with current day in yyyymmdd format.  There are other tokens available: _HOUR_, _TOUSER_, _TODOMAIN_, _FROMUSER_, _FROMDOMAIN_.
* Note that mbox file is created when 'Missing Mail Archive Is = file' is specified in the MailScanner.conf.  Otherwise, ms assumes that the location is a directory and archives emails as queue files under it.
 
To make changes effective, we need to restart MailScanner. 
service sendmail stop
service MailScanner stop
service MailScanner start
 
We stop sendmail manually to ensure that it is brought up by MailScanner so that ms can intercepts and filters emails before the smtp daemon.

2 comments:

  1. Hi,

    You seem to know about MailScanner Mail Archiving.

    I have my Archive Mail setup using ruleset in mailscanner and it works.

    My setup is when anyone from *@yahoo.com send to my email server it will archive it to journal@mydomain.com and of course to the recipient.

    Below is my archive.rules setting

    archive.rules
    From: *@yahoo.com journal@mydomain.com

    The problem is I want anything from *@yahoo.com only forward to journal@mydomain.com and stop it from sending to the recipient. Because right now anything from *@yahoo.com will be send to recipient and one to journal@mydomain.com(Of course this is how mail archiving work)

    The reason why I want this is because someone is sending rubbish email to us from yahoo.com and we want to filter the email from yahoo.com first before we release the email to the recipient.

    Do you have any idea how to do this?

    Thanks,
    Christian
    christian@tssb.com.my

    ReplyDelete
  2. Hi Christian,
    I think you use can a procmail rule like below:
    :0
    * ^From.*someone.i.dont.like@somewhere.org
    /dev/null

    Thanks,
    Derek

    ReplyDelete