Tracking users
Scot L. Harris
webid at cfl.rr.com
Wed Aug 10 00:50:37 UTC 2005
On Tue, 2005-08-09 at 20:30, AragonX wrote:
> <quote who="Scot L. Harris">
> We have a great acceptable usage policy. The problem is, management is
> hesitant to enforce it. They want concrete proof that the persons who's
> computers are constantly being infected is being done by the person the
> computer is assigned to.
>
> We are using Sendmail and procmail for our mail system. Squirrelmail uses
> imap, I don't know if that makes tracking where the email was sent from
> easier or harder?
>
Then you should be able to use something like milter-bcc to get copies
of any messages sent through your MTA. As I mentioned previously users
can circumvent your MTA by a variety of methods. You can block SMTP
going out of your network except for your MTA server. But it becomes
more difficult to block users from using other email systems such as
gmail or hotmail to get thing sent from inside your network. The use of
anonymous proxies is just one way. You will also need to block ssh
tunneling and similar methods from originating from within your
intranet. Of course it is a good idea to block all outbound
protocols/ports except for those you need for business.
More information about the fedora-list
mailing list