1

Topic: Restricting access of outgoing E-mails for every users and monitoring

======== Required information ====
- iRedMail version: iRedMail Pro - v1.9.0 (LDAP)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: CentOS 6.3 Final
- Related log if you're reporting an issue:

Hi,

I think this would be very much I am asking... But I need to accomplish this anyhow.

Can we have some sort of scenario where one person is assigned and he checks / verifies every outgoing (Specially) and incoming E-mails? The person only do authorizing E-mails to go out outside organization.

Normal User's outgoing E-mails > Person who is authorized to send outside > Outside organization

Can this be happen on iRedMail?

2

Re: Restricting access of outgoing E-mails for every users and monitoring

As far as i know, no existing (open source) tools match your request. It's more like a procedure/audit related issue, not a technical issue.

Personally, i think it should work this way:

1. HOLD all in/out emails for this user in Postfix queue, and store the mail queue ID in SQL server (or whatever you want). This can be done with Cluebringer.

2. Write your own program to read raw email message hold in Postfix queue and return info you want. for example, mail subject, sender, recipient, mail body, etc.

NOTE: It's safe to read raw message in Postfix queue directory directly, but not recommend to modify it.

3. Show info returned by your program to the person who does audit. If mail is allowed, release/deliver the email with command 'postsuper' and 'postqueue'.

Just a sample procedure.

3

Re: Restricting access of outgoing E-mails for every users and monitoring

can we install Cluebringer straight away on iRedMail server or it will require specific configurations towards iRedMail?

4

Re: Restricting access of outgoing E-mails for every users and monitoring

New iRedMail release will install Cluebringer and drop support for Policyd-1.8 (no distribution uses it).
Currently, we need some addition SQL records to achieve global white/black/greylisting in Cluebringer, those SQL records are available in (next release of) iRedMail source code.