Reading other people's mails?

Questions and answers about how to do stuff
Jbravo
Posts: 2
Joined: 28 Mar 2022 14:39

Reading other people's mails?

Post by Jbravo »

I've just been made aware of a situation where the kids on the help desk can read everyone's emails when they pass through an eFa gateway. I think they do this by clicking on the "Path to message" link in the GUI.
My question here is, can this be stopped? Should eFa even store HAM messages that are successfully relayed to company mailservers at all?
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: Reading other people's mails?

Post by pdwalker »

That is correct. Admins can read email that has been saved in the system.

There are several possible solutions:

1/ don't let untrustworthy people manage your mail gateway or have admin access to your mail gateway

2/ change the code to disable the view message functionality in the gui. See here for an example of how to do this: viewtopic.php?t=2749

I think this would make a good feature request for new MailScanner versions.

As for whether efa should store HAM - that entirely depends on the administrators of the system. I store the HAM, because some ham is spam, and I want to train the system when it doesn't get it right.

Another advantage is a "poor man's backup". Should there ever be an issue in my real mail server, I have access to the last 30 days of mail that I could potentially resend to my user/users should I need to.

Anyway, if those kids are untrustworthy, disable the mail viewing functionality, but keep in mind it will be re-enabled when eFa updates because the changed files will be overwritten.

Let us know what you decide to do.
Jbravo
Posts: 2
Joined: 28 Mar 2022 14:39

Re: Reading other people's mails?

Post by Jbravo »

Thanks for responding.

I have a similar setup to the one described in that thread you referenced, except there was no security breach. Here, when people want attachments/emails released from the queue, they open a ticket. This ticket gets routed to the helpdesk, and they evaluate why it's not allowed and take action accordingly.
I think granting everybody access to eFa to release their own mails is not a very wise idea, as too many people won't care why it was stopped to begin with.
Properly trained helpdesk staff is another matter.

Usually I do trust the helpdesk staff but having this ability could be very tempting for some to abuse.

I will change the code and disable the link. I will flag the anacron "Updates applied" emails from my eFa boxes so I can make sure this feature does not get reactivated.

One last thing. Can I stop eFa from storing HAM completely?
pdwalker
Posts: 1553
Joined: 18 Mar 2015 09:16

Re: Reading other people's mails?

Post by pdwalker »

Yes, I see where you are coming from.

> One last thing. Can I stop eFa from storing HAM completely?

Absolutely! In your mailscanner configuration file, search for the following entry:

Code:

    Non Spam Actions =

In my system, I set it to "store deliver header "X-Spam-Status:No"" which means store a copy of the message, deliver the message, and set an X header that the email client can use for filtering. Remove "store" if you don't want to save the message.

You may also want to look at the following:

Code:

    Spam Actions =
    High Scoring Spam Actions =

The mailscanner configuration file is really well documented, and tells you all the settings you can use with those options.
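One way to make sure the change sticks after an eFa update overwrites files, as an added example that is not from this thread or from the eFa/MailScanner projects: a POSIX shell script that reads a MailScanner.conf-style file and reports which of the three action settings named above still contain a store action. It assumes MailScanner's normalisation of setting names (case, spaces, hyphens and underscores ignored) and that every storing action begins with the token `store`; the two sample configuration files are constructed inline and are not from a real eFa install.

```shell
#!/bin/sh
# Added example (not eFa or MailScanner code): report which MailScanner action
# settings still keep a stored copy of mail that the web GUI could display.

# Print the value of one MailScanner.conf setting (first match wins).
# Comment and blank lines are skipped. Setting names are compared after
# removing case, spaces, hyphens and underscores, which is how MailScanner
# itself treats them (assumption made by this example).
# Usage: ms_setting <config-file> <setting name>
ms_setting() {
    awk -v want="$2" '
        BEGIN { gsub(/[ \t_-]/, "", want); want = tolower(want) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1)
            gsub(/[ \t_-]/, "", k); k = tolower(k)
            if (k == want) {
                v = substr($0, eq + 1)
                sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v)
                print v; exit
            }
        }' "$1"
}

# Return 0 (true) when the action list for <setting> contains a store action,
# i.e. a copy of the message is kept on the gateway. Actions are separated by
# spaces or commas; all of MailScanner's storing actions start with "store"
# (assumption made by this example).
# Usage: stores_copy <config-file> <setting name>
stores_copy() {
    _acts=$(ms_setting "$1" "$2")
    for _tok in $(printf '%s' "$_acts" | tr ',' ' '); do
        case $_tok in
            store|store-*) return 0 ;;
        esac
    done
    return 1
}

# Check the three action settings discussed above. Prints each offender and
# returns the number of settings that still store mail (0 means clean), so it
# can run from cron after an eFa update and alert on any re-enabled storage.
# Usage: audit_store_actions <config-file>
audit_store_actions() {
    _n=0
    for _key in "Non Spam Actions" "Spam Actions" "High Scoring Spam Actions"; do
        if stores_copy "$1" "$_key"; then
            echo "$_key still stores mail: $(ms_setting "$1" "$_key")"
            _n=$((_n + 1))
        fi
    done
    return $_n
}

# Constructed sample configurations (not from a real eFa install).
STORING_CFG=$(mktemp)
cat >"$STORING_CFG" <<'EOF'
# MailScanner.conf excerpt (constructed): everything is stored
Non Spam Actions = store deliver header "X-Spam-Status:No"
Spam Actions = store deliver header "X-Spam-Status: Yes"
High Scoring Spam Actions = store
EOF

NOSTORE_CFG=$(mktemp)
cat >"$NOSTORE_CFG" <<'EOF'
# MailScanner.conf excerpt (constructed): ham is delivered without a copy
Non Spam Actions = deliver header "X-Spam-Status:No"
Spam Actions = store deliver header "X-Spam-Status: Yes"
High Scoring Spam Actions = delete
EOF
trap 'rm -f "$STORING_CFG" "$NOSTORE_CFG"' EXIT

# Usage: run the audit against both samples.
for cfg in "$STORING_CFG" "$NOSTORE_CFG"; do
    if audit_store_actions "$cfg"; then
        echo "$cfg: no action setting stores mail"
    fi
done
```

Point `audit_store_actions` at the live MailScanner.conf from the same cron job that mails the "Updates applied" notice, and a non-zero return tells you a store action came back before anyone has to notice it in the GUI.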