I am helping a school and they have told me they need to keep an archive of all email through the site for a short period of time. They also need to delete email after a period of time. In the mean time this email needs to be available for review by authorized persons. (In practice actually doing this is *extremely* rare.)
Could the kind souls here point me in the right direction? They currently implement this policy by methods that make my eyes bleed and needs replacement. Here is what I am thinking. I have a machine (Debian stable) that is available for this purpose. I am thinking that I will generate a list of all valid email addresses (can do this automatically and keep updated by cron) and route those listed addresses through a transport map to a single pseudo user. Then for that pseudo user I will use procmail to write all incoming messages to a single combined maildir format folder. Then file management is easy since I can simply run a 'find' command to delete messages older than a configured value. To browse the messages one could use a mail client and authorize as that user. I have been searching around and keep running into catch-all configurations. But I think I do not want to set up a catch-all. I am not trying to create a honeypot. The machine itself generates its own administrative email to root and so forth and I would like that email to be delivered normally. Plus invalid email should be bounced normally. So I am thinking a transport map with all valid email addresses listed. But I am sure this has been a process that has been put into place many times before by many different people. Is there any wisdom that you might want to share? Any hints on good ways to do this? Thanks, Bob
