I got a call today from the FBI. The person I spoke to was very nice, if not particularly tech-savvy. She was trying to track down an email message that was forwarded through my server in December of 2001, and would I possibly have a copy of that? She really didn't give me very much information, so I can only surmise that somebody relayed a message through my server in a moment when it was misconfigured, and so the message had been traced back to me. Apart from that, I can't figure out what it had to do with me. I suppose I could get all paranoid about it, and try to figure out who is trying to get dirt on me, but, then, I'm not sure what dirt anybody *could* find on me. Still, it kinda freaked me out, and I'm not entirely sure why. Very unpleasant.
But, seriously, does anybody actually log email messages that pass through their MTA? And if so, why, and how?
===
Clarification: I'm not quite so clueless as to be unaware that most MTAs syslog that a message was received or sent. I'm talking about logging the *body* of the message. That seems like a recipe for a DoS. Just send a few dozen multi-megabyte attachments, and fill up the log volume.
On some systems they are logged by default. Look in /var/log/maillog on RedHat, probably somewhere similar on other systems.
If you want, give me the person's name, and I can check with my contacts to see if this person REALLY does work for FBI...
Of course, it could be the security check for that new job you mentioned on June 04, 2003
Posted by: Moose on June 12, 2003 11:43 PMUm, no, Moose. I'm very aware of /var/log/maillog. I'm talking about the *body* of the message, not the /var/log/maillog entry, which is moderately useless, even if I did have logs that far back.
However, I very intentionally *don't* keep logs that far back, specifically because dear Johnny Ashcroft has given various people entirely too much power to paw through them.
Posted by: DrBacchus on June 13, 2003 06:47 AMWhy would ANYONE keep the body of a message?
Posted by: Moose on June 13, 2003 01:36 PMThat was my original question.
Posted by: DrBacchus on June 15, 2003 09:28 PMThat said, there are steps you Friend Findercan take to make sure your Paris Hilton Nude transition is a smooth one. Google Cellphone listings are based in part on our ability to find you from links Dating Serviceon other sites. To preserve your rank, you will want Buy Viagra Online to inform others who link to Discount Sex Toys you of your change of Online Casino Bonus address. One way to find out who Motorola Ringtones is linking to you is to Sex Dating try a link search. Enter into the Google Buy Levitra search box. You may not find London Hotel every page that links to you with this method, but it should help you Play Casino begin redirecting the links leading to your Adult Finder site. (Please note: we do not serve link queries Cheap Mobiles for all of the sites in our index, so this may not produce Mobile Phones any results for your site.)
Posted by: Stop Smoking on May 5, 2004 10:36 AM