Can we log all incoming email messages in Puremessage Linux ?

Hi dcstech,

You can certainly do this but you need to use a new UI called the Groups interface.  This interface has functionality to search Mail Logs - including all messages and not just quarantined messages.

By default groups can be accessed via:  https://server:28443/groups

Before you can login you will need to create a superuser account.  Super users can search the logs/quarantine for any email:

pmx-user --add --username Joe --fullname "Joe Bloggs" --email joebloggs@mydomain.tld --passphrase sophos --superuser

The groups interface is also highly configurable.  You can create accounts that can only see e-mail sent to particular domains.  You can also allow users to configure lists and banners, so you can delegate tasks to people without allowing them access to the full Manager UI.  For more details:

http://pmx.sophos.com/docs/pmx/Latest/en/pmdocs/concepts/AdmGroups.html

Hope this helps,

Tom.

does this apply only in Puremessage v6, or can we do it on version 5.6 too ?

Sure this feature was also available in PMX5.   Setup should be pretty much the same - for your purposes you just need to create the superuser account and then you can use this interface to search quarantine and logs.

If you want to go more complex and create restricted accounts, I'd recommend to follow the tutorial to create groups and assign users to those groups.  The online help for pmx5.6 is here:

http://pmx.sophos.com/docs/pmx/Legacy/5.6/pmdocs/concepts/AdmGroups.html

Let me know if there are any issues.

Tom.

Well we tried that, but we get absolutely no results when we search for logs (and not for quarantine)

the fact that Log Search Index  is stopped, is relevant or not ? (we can't make it start)

Hi dcstech,

Ah, if logsearch index is not running then you won't get new search results.  This service must be running on any server that is processing mail.

Do you get an error when running (as pmx):  pmx-logsearch-index start

You can also check: pmx-logsearch-index status

Thanks,

Tom.

Even though you asked about the Web UI, it's possible to check the logs from the command line as well. This of course is dependant on how you have your sysloging set up, however *most* Linux varients are simialr:

1. /var/log/mail.log (or something close to this name) - Logs all the MTA traffic. By default Sophos is using Postfix though Sendmail is an option too

2. /opt/pmx/var/log/message_log - Logs all the PureMessage Interaction

You have to remember that the sequence of events is thus: MTA->PMX->MTA->[Mailbox | Relay] which means you will see two entries in the MTA log.

Erric

Well, as i see, we can't get Logsearch to work as we haven't selected Postfix mail transfer agent during installation .

Hi dcstech,

I see, yes unfortunately you can only use logsearch if Postfix is the MTA.  If you're using a different MTA then you can still search the raw logs manually as Erric suggested, but not via the GUI.

Thanks,

Tom.

I realize it can be hard for anyone to switch MTAs, especially if you have many people experienced with Sendmail, however as a Sendmail refugee of 4+ years now I believe it's worth the effort to make the move.  :-)

Erric