Select Page

Saving copies of all email using Exim

I’ve often seen questions on lists by people who want to save all incoming and outgoing mail on a specific server in an archive, this is usually due to some auditor requesting it or corporate legal types requesting it.

The Exim documentation says it can be done but does not give examples neither does any of the two Exim books, the mailing lists are short of working examples and Google does not help either! Eventually came across a russian language site that had a working setup so I figured I’d document it here in English.

The basic idea is I want a maildir made that has sub folders for each user containing incoming and outgoing mail.

You’ll need to use 2 types of Exim configuration, one being a System Filter and one being a Shadow Transport.

Handling outgoing mail is done using the system filter, I’ll set this up to only affect mail matching domain.com. In the main Exim configuration configure the basics of system wide filters by simply adding the following to the top section:

system_filter = /etc/exim/systemfilter.txt
system_filter_directory_transport = local_copy_outgoing

This defines the file where the filter will live as well as a transport that will be used to delivery the mails created by the filter. You could potentially use one of your existing transports, I like using a separate one for clarity, in your transports section add the local_copy_outgoing:

local_copy_outgoing:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
group = exim
user = exim
mode = 0660
maildir_format = true
create_directory = true

NOTE: This is using user exim and group exim, you want to adjust it for your local needs.

Now simply create the filter in /etc/exim/systemfilter.txt:

if $sender_address_domain is domain.com
then
unseen save /var/mail/domain.com/mailarchive/.${tr{$sender_address}{.}{_}}.outgoing/
endif

This filter will save the mail in a maildir under /var/mail/domain.com/mailarchive/ the mailbox for a name.surname@domain.com user will be name_surname@domain_com.outgoing using this format means most IMAP clients will display it nicely since .’s tend to confuse them a bit. You can adjust this to taste.

Incoming mail is easier, Exim provides a shadow_transport facility that lets you call another transport for each local delivery, this transport will get a copy of the mail and its result won’t affect the further deliver of the actual email, perfect for calling vacation type commands or doing this kind of mail copying.

My needs are only for intercepting mail that reaches the Maildir’s so I’ll only need to hook into my address_directory transport, if you have other needs like intercepting actual real unix account emails then you can hook into the local_delivery transport using the same method. My address_directory transport looks like the one below, the last 2 lines are the important ones.

address_directory:
driver = appendfile
create_directory
delivery_date_add
directory_mode = 770
envelope_to_add
maildir_format
return_path_add
shadow_transport = local_copy_incoming
shadow_condition = ${if eq {$domain}{domain.com}{yes}{no}}

This calls a transport called local_copy_incoming to deliver the copy of the email, just add the following into your transports again adjusting user id, group id and file paths to your liking. This will do the file name expansion in a similar format I’m just using a slightly more complex form of the text replace here as a different example of things you can do, end result is the same.

local_copy_incoming:
driver = appendfile
directory = /var/mail/domain.com/mailarchive/ \
.${tr {$local_part}{.}{_}}@${tr {$domain}{.}{_}}.incoming/
delivery_date_add
envelope_to_add
return_path_add
group = exim
user = exim
mode = 0660
maildir_format = true
create_directory = true

NOTE: The above line that ends in “\” is a continuation onto the next, remove the “\” and join the two lines in your config.

You can now restart your Exim server, if you’ve done it all right and created the main Maildir where this all live under your incoming and outgoing mail for domain.com will all be saved on a per user basis.

Buran

When I was in Sydney around 2000 there was a Russian protype space shuttle on display, before then I didn’t even know something like it existed.
It was called Buran which means blizzard or snowstorm in russian. The specific one on display there never left the athmosphere it was just a test vehicle for the aero dynamics etc but the program did get a craft up in space and back down to earth safely.


Wikipedia has an entry on the Buran in general, it mentions this specific Buran:

The OK-GLI test vehicle was fitted with four jet engines mounted at the rear (the fuel tank for the engines occupied a quarter of the cargo bay). This Buran could take off under its own power for flight tests, in contrast to the American Enterprise test vehicle, which was entirely unpowered and relied on an air launch.
After the program was cancelled, OK-GLI was stored at Zhukovsky Air Base, near Moscow, and eventually bought by an Australian company, Buran Space Corporation. It was transported by ship to Sydney, Australia via Gothenburg, Sweden โ€” arriving on February 9, 2000 โ€” and appeared as a static tourist attraction under a large temporary structure in Darling Harbour for a few years.
Visitors could walk around and inside the vehicle (a walkway was built along the cargo bay), and plans were in place for a tour of various cities in Australia and Asia. The owners, however, went into bankruptcy, and the vehicle was moved into the open air, where it suffered some deterioration and vandalism.

Click the image above for my set of photos I took there.

Exim Vacation Messages

I hate vacation messages but business people tend to want them. They’re easy to do by the user on Exchange but it’s a bit harder on pure IMAP/POP based services since it’s not all integrated into one with the mail client.

Exim can do vacation messages using its Autoreply Transport. It supports all the usual stuff like only notifying a specific sender once every couple of days etc.

To get this going requires two bits of config, first you need a router. Routers in the exim configuration is processed top-down as they appear in the config file, so you’ll want to put the vacation handling above any localuser handling, virtual hosting etc.

A sample router is shown below, it’s for local users and they just have to put a .vacation file in their home directory to activate the functionality, the .vacation file should contain the text they want mailed. You can easily adapt the location of this to be in your virtual mail hierarchy by changing the file locations below:

uservacation:
driver = accept
domains = +local_domains
require_files = $home/.vacation
# do not reply to errors or lists
condition =  ${if or { \
{match {$h_precedence:} {(?i)junk|bulk|list}} \
{eq {$sender_address} {}} \
} {no} {yes}}
# do not reply to errors or bounces or lists
senders = ! ^.*-request@.*:\
! ^bounce-.*@.*:\
! ^.*-bounce@.*:\
! ^owner-.*@.*:\
! ^postmaster@.*:\
! ^webmaster@.*:\
! ^listmaster@.*:\
! ^mailer-daemon@.*:\
! ^root@.*
no_expn
transport = uservacation_transport
unseen
no_verify

You’ll notice that it does not autoreply to certain people, the kind of from addresses that mailing lists typically use, it will also ignore bounce messages.

Once you have the router configured you’ll need a transport, this will call the autoreply transport and do the hard work. It will use a Berkley style database in ~/.vacation.db to store the list of people it has contacted in the last 14 days. Users can just delete this file if they want to reset it all.

uservacation_transport:
driver = autoreply
file = $home/.vacation
file_expand
once = $home/.vacation.db
# to use a flat file instead of a db specify once_file_size
#once_file_size = 2K
once_repeat = 14d
from = $local_part@$domain
to = $sender_address
subject = "Re: $h_subject"

That should do it, in a virtual domain setup you could easily integrate this into a web interface that maintains the text files required, there are other features like a standard prefix before each vacation message etc, refer to the Exim Documentation for details on these.

Apple Goodies

Over the last few days I’ve come across a couple of really spiffy mac related apps, I just have to share.
If you’re a del.icio.us user you’ve probably wanted better integration between the Mac and del.icio.us, enter Delibar it sits in your menu bar and provides convenient drop down access to your bookmarks.


Some more del.icio.us related goodies, this time to integrate your search results into Spotlight, now I’m not a big Spotlight user but this might just get me to use it. Delimport will suck down all your bookmarks regularly and let you find them using spotlight, it searches tags, descriptions, headings etc.
I’ve previously linked to some Firefox Intel Mac builds, they’ve been lagging a bit and not getting updates but it seems now there will be regularly nightlys for Firefox, you can get them here. They’re fast, looks pretty and are tracking the head so they’re essentially 2.0 betas. So far I’m happy with mine, even my extensions worked which is surprising.

For users on Laptops and older Macs they might be running out of drive space, not a problem on my nice 150Gig SATA disk so I did not try these instructions but if you’re having problems have a look at this blog post that might help. Essentially default OS X installs comes with support for every language known to man (including Klingon!?) it also installs tons of printer drivers, removing these will clear up several Gigs worth.