What is Communications Data?
Ian G Batten
I.G.Batten at ftel.co.uk
Tue, 12 Nov 2002 08:37:03 +0000
On Mon, 11 Nov 2002, Watkin Simon wrote:
> > From: Bruno Postle [mailto:bruno@postle.net]
> > Sent: 09 November 2002 15:44
> >
> > Indeed, Simon is displaying a certain lack of clue about email.
>
> Quite possibly :-)
>
> > Email headers fall into three categories, none of these are involved in
> > (smtp) email routing:
>
> Probably I should have said e-mail logs not headers?

Yes. What's in the logs of email is traffic data, without any
question. I don't know about stuff like Exchange, but in the Unix world
the only thing pulled out of the header to go into the logs is the
message id. So Simon's mail appears in my logs as:

Nov 11 17:36:46 gABHajsh005603: from=<ukcrypto-admin@chiark.greenend.org.uk>,
size=2718, class=-60, nrcpts=1,
msgid=<012438016373D411A0F300508BBD04A5022EB8FB@L01EB006>, proto=ESMTP,
daemon=MTA, relay=mail@chiark.greenend.org.uk [193.201.200.170]
Nov 11 17:36:47 gABHajsh005603: Milter add: header: X-Razored: ok
Nov 11 17:36:49 gABHajsh005603: Milter add: header: X-Virus-Scanned: by
amavisd-milter (http://amavis.org/)
Nov 11 17:36:50 gABHajsh005603: Milter add: header: X-Spam-Status: No,
hits=-0.6
required=5.0\n\ttests=SUBJ_ENDS_IN_Q_MARK,EXCUSE_16,AWL\n\tversion=2.31
Nov 11 17:36:50 gABHajsh005603: Milter add: header: X-Spam-Level:
Nov 11 17:36:54 gABHajsh005603: to=igb@imap, delay=00:00:08, xdelay=00:00:04,
mailer=esmtp, pri=141137, relay=imap.ftel.co.uk. [172.16.2.14], dsn=2.0.0,
stat=Sent (gABHao6j006017 Message accepted for delivery)

Note that the From: and To: are not logged, but the envelope MAIL FROM and RCPT
TO are. So, for example, had the message also been sent to people not on this
site, that information is not in the logs.
ian
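
An added example, not part of the original post: a Python sketch that rejoins wrapped log records in the layout quoted above and extracts what they hold (envelope sender and recipient, message id, relays). The sample lines are constructed, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample in the layout quoted in the post (timestamp, queue id,
# fields); all addresses, ids and IPs are made up. Long records are wrapped.
SAMPLE = """\
Nov 11 17:36:46 gAB0000000001: from=<list-admin@lists.example.org>,
size=2718, class=-60, nrcpts=1,
msgid=<0001@mailhost.example.org>, proto=ESMTP,
daemon=MTA, relay=mail@lists.example.org [192.0.2.10]
Nov 11 17:36:47 gAB0000000001: Milter add: header: X-Virus-Scanned: by
scanner
Nov 11 17:36:54 gAB0000000001: to=alice@imap, delay=00:00:08, xdelay=00:00:04,
mailer=esmtp, relay=imap.example.org. [192.0.2.14], dsn=2.0.0,
stat=Sent (gAB0000000002 Message accepted for delivery)
"""

STAMP = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d (\w+): (.*)$")
FIELD = re.compile(r"(\w+)=(.*?)(?=,\s+\w+=|$)")

def unwrap(text):
    """Rejoin wrapped records: a line with no timestamp continues the previous one."""
    records = []
    for line in text.splitlines():
        if STAMP.match(line) or not records:
            records.append(line.strip())
        else:
            records[-1] += " " + line.strip()
    return records

def traffic_data(text):
    """Per queue id, collect what the log holds: envelope addresses, msgid, relays."""
    out = defaultdict(lambda: {"mail_from": None, "rcpt_to": [], "msgid": None, "relays": []})
    for rec in unwrap(text):
        m = STAMP.match(rec)
        # Skip anything that is not a from=/to= record, e.g. "Milter add: header: ..."
        if not m or not m.group(2).startswith(("from=", "to=")):
            continue
        f = dict(FIELD.findall(m.group(2)))
        entry = out[m.group(1)]
        if "from" in f:  # envelope MAIL FROM, plus the one header value logged
            entry["mail_from"] = f["from"].strip("<>")
            entry["msgid"] = f.get("msgid")
        else:            # envelope RCPT TO handled by this host
            entry["rcpt_to"].append(f["to"].strip("<>"))
        if "relay" in f:
            entry["relays"].append(f["relay"])
    return dict(out)
```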