I've dug through the archives, and don't see if this has been answered anywhere
before:
We're running a honeypot and are hoping to switch over to opensmtpd. The
concept of this honeypot is that I'd like to capture all of the email that is
sent to it, regardless of the recipient. I'd like to capture everything for
analysis. Currently our very primitive set up is:
Install Mail Server:
- sudo apt-get install opensmtpd
- server name is: inbound.ourdomain.com
- root and postmaster recipient: mailin123 #this is an account
that exists on the server
- vi /etc/smtpd.conf
o comment out line: listen on localhost
o comment out line: table aliases file...
o comment out line: accept for local...
o comment out line: accept for any...
o add line: listen on eth0 port 25 hostname
inbound.ourdomain.com
o add line: max-message-size 50M
o add line: accept from any for any virtual { "@" => mailin123
} deliver to maildir "/mail"
This config works for single recipient emails.
Question: currently if I send an email with a to: address of [email protected],
and a CC: addresses of [email protected] and [email protected], the system
currently writes three files that are identical with the exception of the
Delivered-To: line. Is it possible to have all three of those files combined in
to one file with 3 Delivered-To lines?
Ultimately I don't want to run the email through our analytics 3 times, I only
want to process it once.
Thanks,
- Al
The OTC Group, 1-888-438-1682 [email protected]
5-4350 Castleton Road, London, ON N6N 0A3
You may unsubscribe at any time by visiting
http://portal.caslcure.com/unsubscribe/otc.agilson
All unsubscribe requests are handled within 10 days of receipt.
