Privacy violation:Scalix sendmail logging with mail contents


erikw_nl

Postby erikw_nl » Wed Mar 07, 2007 5:50 am

Hi,

Due to our network provider, we had a problem with outgoing email (they thought it was nice to block port 25).
This resulted in an enormous mail queue.
It was impossible to find any logging within Scalix to diagnose the problem; only "ls -altr /var/spool/mqueue" showed that something was wrong with mail queueing. Also, SAC stayed happy and insisted that there was "No log information available", and in the queues section "Internet Mail Gateway" said "No messages in this queue"...

After reading several posts on this subject, adding "DEBUG_LOG=TRUE" in /var/opt/scalix/kh/s/sys/smtpd.cfg would turn on sendmail logging. So the DEBUG_LOG parameter was entered, and smtpd restarted with omoff/omon.

Now there is a file "/var/opt/scalix/kh/s/tmp/smtpd-SMTP.log" that shows some SMTP logging.
In this file the content of the mail is also stored. This is really bad; what the sysadmin needs is a log of the mail traffic, like good old sendmail, and not the mail contents. I think this kind of behaviour is in violation of several privacy regulations.

Questions:
1) Is it possible to get sendmail-style mail traffic logging without the mails themselves?
2) Why does SAC not reveal any logging whatsoever? Except for creating users, this tool seems to be unusable for analysis of Scalix problems.

Thx in advance.

Erik

gren (Scalix)

Postby gren » Wed Mar 07, 2007 6:43 am

What you are probably asking for is audit logging, which by default is off.

See omconfaud.

I would recommend at least:

omconfaud rtr 13 ld 13 unix 13 pop3 13
omconfaud -a imap 13 smtpd 13

Audit records (in text) then go to /var/opt/scalix/??/s/logs/audit

On the privacy issues. If these files are world readable, then that is a problem, but I doubt if they are. Once you have privileged access to the mail store machine, you can see the same data in a number of ways from network sniffing to looking at the mailstore files.

Regards,
Gren.

erikw_nl

Postby erikw_nl » Wed Mar 07, 2007 6:57 am

Hi Gren,

Thx for the hints, I will try them to see what the effect is.

The issue of reading email of other users is important.

There is a big difference between hacking, i.e. sniffing or deliberately reading someone else's email as sysadmin, and being forced to read someone else's email because some outgoing SMTP problem is being diagnosed.

Actions in the first category are in violation of company policies.
If I tell my boss that in case of mail problems there is a probability that I will read his email, I can guess what his answer will be.

So it is very important that sendmail debugging information is available to the sysadmin, without email contents.

Erik

kanderson

Postby kanderson » Wed Mar 07, 2007 11:47 am

Hi Erik.

As was already said, clearly what you're after is auditing. This shows some basic information about messages as they are being passed through the server.

The logging you turned on is for debugging purposes, and it's the same as using Wireshark, or some other sniffer. This isn't there so you can follow a message through the queue; it's there so that if a message goes corrupt while going through a queue, you have the entire conversation so you can debug it. This is just easier to use than Wireshark.

Note that the SMTP you have turned on will not log all emails, only ones travelling over SMTP. So internal user to internal user would not be captured, as an example.

Kev.
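
The two conditions the thread turns on, DEBUG_LOG=TRUE left enabled in smtpd.cfg and the readability of the resulting smtpd-SMTP.log, can be checked with a short script. This is an added example, not part of the thread or of Scalix's own tooling; the function names are hypothetical, and it assumes smtpd.cfg holds one KEY=VALUE per line with '#' disabling a line.

```shell
# Added example: check a Scalix host for leftover SMTP debug logging.
# Default paths are the ones quoted in the thread (instance "kh").
SMTPD_CFG="${SMTPD_CFG:-/var/opt/scalix/kh/s/sys/smtpd.cfg}"
SMTPD_LOG="${SMTPD_LOG:-/var/opt/scalix/kh/s/tmp/smtpd-SMTP.log}"

# Succeeds if CFG has an active DEBUG_LOG=TRUE line.
# Assumption: one KEY=VALUE per line; a leading '#' disables the line.
debug_log_enabled() {
    [ -r "$1" ] || return 1
    grep -Eiq '^[[:space:]]*DEBUG_LOG[[:space:]]*=[[:space:]]*TRUE[[:space:]]*$' "$1"
}

# Prints absent | world-readable | group-readable | owner-only for LOG.
log_exposure() {
    [ -e "$1" ] || { echo absent; return 0; }
    case $(ls -ld "$1" | cut -c1-10) in
        ???????r??) echo world-readable ;;
        ????r?????) echo group-readable ;;
        *)          echo owner-only ;;
    esac
}

# Prints findings; returns 0 = clean, 1 = warning, 2 = content log world readable.
audit_smtpd_debug() {
    rc=0
    if debug_log_enabled "$1"; then
        echo "WARN: DEBUG_LOG=TRUE in $1 (full SMTP conversations are logged)"
        rc=1
    fi
    case $(log_exposure "$2") in
        world-readable) echo "FAIL: $2 is world readable"; rc=2 ;;
        group-readable) echo "WARN: $2 is group readable"; rc=1 ;;
        owner-only)     echo "INFO: $2 present; delete it when debugging ends" ;;
    esac
    return "$rc"
}

# Constructed demo: a config with debugging left on and a log created 0644.
demo() {
    d=$(mktemp -d) || return 3
    printf 'DEBUG_LOG=TRUE\n' > "$d/smtpd.cfg"
    printf 'constructed sample line\n' > "$d/smtpd-SMTP.log"
    chmod 644 "$d/smtpd-SMTP.log"
    status=0; audit_smtpd_debug "$d/smtpd.cfg" "$d/smtpd-SMTP.log" || status=$?
    rm -rf "$d"
    return "$status"
}

case "${1:-}" in --demo) demo ;; --check) audit_smtpd_debug "$SMTPD_CFG" "$SMTPD_LOG" ;; esac
```

Run it with `--check` on the mail server after a debugging session, or with `--demo` to see the findings on constructed files.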

