Storing/Quaranting certain outbound emails

[Jason Williams]

>I think you're looking for the "Archive Mail" option. You set up a ruleset
>like you specified, something like:
>
>FromOrTo:       *@domain.com     /home/youraccount/mail/suspicious
>or
>FromOrTo:       *@domain.com     /home/youraccount/suspicious
>then
>FromOrTo:       default         no
>
>Depending whether your IMAP server stores its mailbox files under
>/home/youraccount (uw-imap) or /home/youraccount/mail (dovecot). That way
>you can use any IMAP client to browse through the archive.
>
>I've never tested sending it to /var/spool/mail/youraccount, but in theory
>that would mean you'd be able to read it using any e-mail account on the
>system.
>
>Another way that just popped into my head would be to send it to a file,
>and then formail -s sendmail youraccount at yourdomain.com that file on a
>regular basis, then delete it.
>
>So if you think about it, there are quite a few ways you could accomplish
>what you need.

Hmm. Since we are not running IMAP, but pop right now, that shake things up
at all?
Secondly, im using MailWatch and was trying to see if I could tie that in
so I could view it through the web interface.

Lastly, the other thing I need to figure out is, once we store the mail,
take a look at it and decide it's ok to be sent, how do I "release" it
without any extra headers or stuff being added to the mail so it appears
that it came from the original user, and the mail was not tampered with...

Have some work cut out for me it seems.

Thanks,

Jason

-------------------------- MailScanner list ----------------------
To leave, send    leave mailscanner    to jiscmail at jiscmail.ac.uk
Before posting, please see the Most Asked Questions at
http://www.mailscanner.biz/maq/     and the archives at
http://www.jiscmail.ac.uk/lists/mailscanner.html