We have zimbra (postfix) doing this, It works but isn't so polished. Im sure Exim can do the same.
Cybernerd raised this issue in another thread I started.
We have IMs disabled most of the time, however this would be worthwhile anyway. So any suggestions how to tackle the problem?Also with moodle it's worth having some content filter on the email side - any instant messages the student sends through moodle should get caught by the email filter
I'm currently using Ubuntu 6.06 LTS + Exim as my mailhub. So any solution needs to plug into that somehow.
I wonder if it might be better to put the content filter on the moodle server, rather than the student email server, since it is the moodle server sending the message.
btw - moodle does have very good logging facility for tracing students messages, we are required to do this from time to time.
Yes, something more generic on my mail gateway might be worthwhile, so it catches:
external <-> kids
moodle <-> kids
mailman <-> kids
btw, how do you inspect email thats only going internally in Zimbra?
The method I posted does inspect internal email on zimbra, it sits in the postfix queue and if a mail 'passes' the filter then putmail will drop it back into the queue as normal. It inspects anything entering or leaving any account on the zimbra machine, so its a blanket catchall approach. (staff are on a separate box and can curse as much as they like).
securus? I know it costs money, but it does the job. I found some horrible e-mails yesterday :S
I didn't have a filter in place but I had to deal with an email bully today...
It started with a few emails to the teacher account which got progressively more abusive and included another email to a child which got a lot more attention.
So, out came my mailscanner logs (I'm running ConfigServers MailScanner inc' FE on a CPanel server) and presto I could see the headers for the mails but unfortunately no IP's as it was localhost because of webmail as the sender.
So, tracked the times and went into the raw access logs in apache and worked back until I found the IP and times... It was made easier by the number of emails and time spread over which they were sent.
From that I ID'd the IP to their ISP... phoned the ISP... no help at all... and thought.. darn "dead end"...
Then brainwave from a very helpful individual so I started checking to see if the IP had been used for other accounts.. Of course!... So checked back and found a different account used normally for another child..
Granted dynamic IP's would have made it harder to track but there was hits either side of the abuse with the supposedly legit account so I think proof enough.
Anyway, all well and good but this could have been very difficult to resolve or prove... Is there anything that can track this sort of thing better without the manual nightmare?
There are currently 1 users browsing this thread. (0 members and 1 guests)