Exchange traffic monitoring
Thread: Exchange traffic monitoring

  1. #1
    Senior Member Blunted One
    Join Date
    Dec 2005
    Posts
    183

    Exchange traffic monitoring

    I had a quick question for the Anti-Online community.

    I have been asked if it is possible to monitor email traffic. But not just the normal individuals, but the distribution aliases. Is this possible, and is there a good program or way out there to do this? I have tried some monitoring software before, but it is usually limited to individual users and their traffic and who they correspond with.

    I wanted something to monitor the traffic sent between all the different aliases on the Exchange server. Is there a best method for this? Perhaps something built into MS Exchange?
    It's not a war on drugs it's a war against personal freedoms!

  2. #2
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    It depends on what you want to track. Do you just need to know who sent an email to certain distribution lists? Do you need the subject, the attachments, the body of the message? You can use the message tracking logs; that will give you who sent the message, recipients, time, subject (this can be toggled).

    But if you want to journal the complete message, that is not really possible on a distribution list. You can journal everything received to mailboxes, but not DLs.

    There is traffic analysis software available for Exchange, but that will just give you an idea of who sent how many messages, and who received what messages. Not the actual content of the message.

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    Make your own custom monitoring scripts.

    PERL + Exchange logs = Custom monitoring info.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  4. #4
    Senior Member Blunted One
    Join Date
    Dec 2005
    Posts
    183
    Good idea...if only I could make a monitoring script for the Exchange distribution lists.

    Basically what I have been told by the directors is that they want to see what distribution alias gets the most traffic. I am sure knowing who is sending to what dist. alias would also be beneficial. I have tried the monitoring programs for Exchange, but as was said before, they only monitor the users and who they are sending to internally and externally, but not what distribution aliases they are sending to or which dist. aliases are getting the most traffic.

    No need to see what is in the message, just the traffic usage sent to and from each dist. alias. Thanks for the ideas though.
    It's not a war on drugs it's a war against personal freedoms!

  5. #5
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    If you turn on message tracking you will be able to determine who is receiving mail, and what distribution lists are receiving the most email. Tracking logs can be used to determine the highest volume of senders, as well as the largest recipient. You will have to filter the data yourself. Distribution lists show up just like normal recipients. The best way to determine this is to make sure your distribution lists all have a similar email handle. For instance, append all distribution lists with "dl-". Then you could very easily use message tracking logs to find the highest receiving distribution list.

    MS also has a tool called MTLanalyzer.exe that will run some basic canned reports on the tracking logs. You may have to contact MS support to get a copy of it. We got it from our alliance engineer.
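
One way to do the filtering described in post #5, as an added example that is not part of the original thread: it counts messages, bytes and senders for every recipient address carrying the "dl-" prefix, and de-duplicates on message ID because a tracking log can hold several event rows for one message. It is written in Python rather than the Perl suggested in post #3; the column names, the tab-separated layout and the sample rows are assumptions constructed for illustration, so match `COLS` to the header row of your own logs.

```python
from collections import Counter, defaultdict

# Assumed column names (lower-cased); match them to the '#' header row of your logs.
COLS = {"rcpt": "recipient-address", "sender": "sender-address",
        "msgid": "msgid", "bytes": "total-bytes"}

# Constructed sample, tab-separated. One message can log several event rows.
SAMPLE_LOG = "\n".join([
    "# Message Tracking Log File",
    "# Date\tRecipient-Address\tEvent-ID\tMSGID\ttotal-bytes\tSender-Address",
    "2006-01-10\tdl-sales@example.com\t1027\tA1@mail\t2048\talice@example.com",
    "2006-01-10\tdl-sales@example.com\t1028\tA1@mail\t2048\talice@example.com",
    "2006-01-10\tdl-sales@example.com\t1027\tA2@mail\t512\tbob@example.com",
    "2006-01-10\tdl-all-staff@example.com\t1027\tA3@mail\t1000\talice@example.com",
    "2006-01-10\tbob@example.com\t1027\tA4@mail\t300\tcarol@example.com",
    "2006-01-10\tDL-Sales@example.com\t1027\tA5@mail\t100\talice@example.com",
])

def dl_traffic(lines, prefix="dl-"):
    """Return (messages, bytes, senders) per distribution-list address."""
    idx, seen = None, set()
    msgs, size, senders = Counter(), Counter(), defaultdict(Counter)
    for raw in lines:
        line = raw.rstrip("\r\n")
        if line.startswith("#"):
            names = [n.strip().lower() for n in line.lstrip("# ").split("\t")]
            if all(c in names for c in COLS.values()):
                idx = {k: names.index(c) for k, c in COLS.items()}
            continue
        fields = line.split("\t")
        if idx is None or len(fields) <= max(idx.values()):
            continue  # no header seen yet, or a truncated row
        rcpt = fields[idx["rcpt"]].strip().lower()
        key = (fields[idx["msgid"]], rcpt)
        if not rcpt.startswith(prefix) or key in seen:
            continue  # not a list address, or a later event for a counted message
        seen.add(key)
        nbytes = fields[idx["bytes"]].strip()
        msgs[rcpt] += 1
        size[rcpt] += int(nbytes) if nbytes.isdigit() else 0
        senders[rcpt][fields[idx["sender"]].strip().lower()] += 1
    return msgs, size, senders

if __name__ == "__main__":
    msgs, size, senders = dl_traffic(SAMPLE_LOG.splitlines())
    for dl, n in msgs.most_common():
        print(dl, n, size[dl], senders[dl].most_common(3))
```

Addresses are lower-cased before matching, so the prefix test does not miss lists entered with different capitalisation.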
