[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Recovering Email for Court Case
- Subject: Re: [cobalt-users] Recovering Email for Court Case
- From: "Steve Werby" <steve-lists@xxxxxxxxxxxx>
- Date: Fri Feb 8 17:00:39 2002
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
"Robert C. Betzel" <rbetzel@xxxxxxxxxxxxxxxxxxxx> wrote:
> Is there any way to recover email from a RAQ2 if the user is using
> Netscape or Outlook to download their email and are not leaving a copy
> on the server? We are not backing up the server at all.
No. After a file is deleted from the filesystem, the data still exists on
the server, but future disk writes will overwrite the data. Most of the
time it's possible to recover data from files a short time after they were
deleted if the proper steps are taken quickly, but from the sound of it that
won't help in your situation.
> Also is there any kind of system that can be implemented to allow for
> email recovery?
I'm going to ignore the possibility of changing the type of filesystem you
run on the RaQ2 because it's not really feasible. For inbound email you
could always setup aliases to copy incoming email on a user by user basis to
another individual or master mail spool. You just need to edit Sendmail's
aliases file. And it is possible to set Sendmail to log both inbound and
outbound email. There are probably other solutions too. Before doing any
logging or copying of customer email I strongly urge you to consult an
attorney, preferably one specializing in the internet or technology.
For reference, here's what a logged message looks like (the example below
was an inbound email from the postgresql mailing list for me):
00348 === EXEC procmail -f
gsql-general-owner+M13447@xxxxxxxxxxxxxx -Y -a -d steven-lists
00348 >>> Return-Path: <pgsql-general-owner+M13447@xxxxxxxxxxxxxx>
00348 >>> Received: from postgresql.org (webmail.postgresql.org
[216.126.85.28])
00348 >>> by ns.befriend.com (8.9.3/8.9.3) with ESMTP id MAA00347
00348 >>> for <steve-lists@xxxxxxxxxxxx>; Thu, 9 Aug 2001
12:11:58 -0400
00348 >>> Received: from postgresql.org.org (webmail.postgresql.org
[216.126.85.28])
00348 >>> by postgresql.org (8.11.3/8.11.4) with SMTP id f79GAnP82600;
00348 >>> Thu, 9 Aug 2001 12:10:49 -0400 (EDT)
00348 >>> (envelope-from pgsql-general-owner+M13447@xxxxxxxxxxxxxx)
00348 >>> Received: from wildbrain.com ([206.54.55.6])
00348 >>> by postgresql.org (8.11.3/8.11.4) with ESMTP id f79GAIP82463
00348 >>> for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 9 Aug 2001
12:10:18 -0400 (EDT)
00348 >>> (envelope-from dado@xxxxxxxxxxxxx)
00348 >>> Received: from dadowin [207.44.242.179] by wildbrain.com
[206.54.55.6]
00348 >>> with SMTP (MDaemon.v2.8.7.4.R)
00348 >>> for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 09 Aug 2001
09:14:38 -0700
00348 >>> Message-ID: <005501c120ed$a51a8080$b3f22ccf@dadowin>
00348 >>> From: "dado feigenblatt" <dado@xxxxxxxxxxxxx>
00348 >>> TO: <pgsql-general@xxxxxxxxxxxxxx>
00348 >>> Subject: [GENERAL] webware
00348 >>> Date: Thu, 9 Aug 2001 09:09:18 -0700
00348 >>> MIME-Version: 1.0
00348 >>> Content-Type: text/plain;
00348 >>> charset="iso-8859-1"
00348 >>> Content-Transfer-Encoding: 7bit
00348 >>> X-Priority: 3
00348 >>> X-MSMail-Priority: Normal
00348 >>> X-Mailer: Microsoft Outlook Express 5.00.2919.6700
00348 >>> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
00348 >>> X-MDaemon-Deliver-To: pgsql-general@xxxxxxxxxxxxxx
00348 >>> X-Return-Path: dado@xxxxxxxxxxxxx
00348 >>> Reply-To: dado@xxxxxxxxxxxxx
00348 >>> Precedence: bulk
00348 >>> Sender: pgsql-general-owner@xxxxxxxxxxxxxx
00348 >>>
00348 >>> Does anybody know Webware?
00348 >>> http://webware.sourceforge.net
00348 >>> Any opinions?
00348 >>>
00348 >>> --
00348 >>> Dado Feigenblatt
00348 >>>
00348 >>>
00348 >>>
00348 >>> ---------------------------(end of
broadcast)---------------------------
00348 >>> TIP 4: Don't 'kill -9' the postmaster
00348 === EXEC sh -c
/home/sites/www.befriend.com/listaddict/development/inc/email_parser.phpc
00348 >>> From pgsql-general-owner+M13447@xxxxxxxxxxxxxx Thu Aug 9
12:11:58 2001
00348 >>> Received: from postgresql.org (webmail.postgresql.org
[216.126.85.28])
00348 >>> by ns.befriend.com (8.9.3/8.9.3) with ESMTP id MAA00347
00348 >>> for <steve-lists@xxxxxxxxxxxx>; Thu, 9 Aug 2001
12:11:58 -0400
00348 >>> Received: from postgresql.org.org (webmail.postgresql.org
[216.126.85.28])
00348 >>> by postgresql.org (8.11.3/8.11.4) with SMTP id f79GAnP82600;
00348 >>> Thu, 9 Aug 2001 12:10:49 -0400 (EDT)
00348 >>> (envelope-from pgsql-general-owner+M13447@xxxxxxxxxxxxxx)
00348 >>> Received: from wildbrain.com ([206.54.55.6])
00348 >>> by postgresql.org (8.11.3/8.11.4) with ESMTP id f79GAIP82463
00348 >>> for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 9 Aug 2001
12:10:18 -0400 (EDT)
00348 >>> (envelope-from dado@xxxxxxxxxxxxx)
00348 >>> Received: from dadowin [207.44.242.179] by wildbrain.com
[206.54.55.6]
00348 >>> with SMTP (MDaemon.v2.8.7.4.R)
00348 >>> for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 09 Aug 2001
09:14:38 -0700
00348 >>> Message-ID: <005501c120ed$a51a8080$b3f22ccf@dadowin>
00348 >>> From: "dado feigenblatt" <dado@xxxxxxxxxxxxx>
00348 >>> TO: <pgsql-general@xxxxxxxxxxxxxx>
00348 >>> Subject: [GENERAL] webware
00348 >>> Date: Thu, 9 Aug 2001 09:09:18 -0700
00348 >>> MIME-Version: 1.0
00348 >>> Content-Type: text/plain;
00348 >>> charset="iso-8859-1"
00348 >>> Content-Transfer-Encoding: 7bit
00348 >>> X-Priority: 3
00348 >>> X-MSMail-Priority: Normal
00348 >>> X-Mailer: Microsoft Outlook Express 5.00.2919.6700
00348 >>> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
00348 >>> X-MDaemon-Deliver-To: pgsql-general@xxxxxxxxxxxxxx
00348 >>> X-Return-Path: dado@xxxxxxxxxxxxx
00348 >>> Reply-To: dado@xxxxxxxxxxxxx
00348 >>> Precedence: bulk
00348 >>> Sender: pgsql-general-owner@xxxxxxxxxxxxxx
00348 >>>
00348 >>> Does anybody know Webware?
00348 >>> http://webware.sourceforge.net
00348 >>> Any opinions?
00348 >>>
00348 >>> --
00348 >>> Dado Feigenblatt
00348 >>>
00348 >>>
00348 >>>
00348 >>> ---------------------------(end of
broadcast)---------------------------
00348 >>> TIP 4: Don't 'kill -9' the postmaster
00348 === EXEC sh -c /home/sites/dev.befriend.com/web/phpcgi/slurp
00348 >>> From pgsql-general-owner+M13447@xxxxxxxxxxxxxx Thu Aug 9
12:11:58 2001
00348 >>> Received: from postgresql.org (webmail.postgresql.org
[216.126.85.28])
00348 >>> by ns.befriend.com (8.9.3/8.9.3) with ESMTP id MAA00347
00348 >>> for <steve-lists@xxxxxxxxxxxx>; Thu, 9 Aug 2001
12:11:58 -0400
00348 >>> Received: from postgresql.org.org (webmail.postgresql.org
[216.126.85.28])
00348 >>> by postgresql.org (8.11.3/8.11.4) with SMTP id f79GAnP82600;
00348 >>> Thu, 9 Aug 2001 12:10:49 -0400 (EDT)
00348 >>> (envelope-from pgsql-general-owner+M13447@xxxxxxxxxxxxxx)
00348 >>> Received: from wildbrain.com ([206.54.55.6])
00348 >>> by postgresql.org (8.11.3/8.11.4) with ESMTP id f79GAIP82463
00348 >>> for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 9 Aug 2001
12:10:18 -0400 (EDT)
00348 >>> (envelope-from dado@xxxxxxxxxxxxx)
00348 >>> Received: from dadowin [207.44.242.179] by wildbrain.com
[206.54.55.6]
00348 >>> with SMTP (MDaemon.v2.8.7.4.R)
00348 >>> for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 09 Aug 2001
09:14:38 -0700
00348 >>> Message-ID: <005501c120ed$a51a8080$b3f22ccf@dadowin>
00348 >>> From: "dado feigenblatt" <dado@xxxxxxxxxxxxx>
00348 >>> TO: <pgsql-general@xxxxxxxxxxxxxx>
00348 >>> Subject: [GENERAL] webware
00348 >>> Date: Thu, 9 Aug 2001 09:09:18 -0700
00348 >>> MIME-Version: 1.0
00348 >>> Content-Type: text/plain;
00348 >>> charset="iso-8859-1"
00348 >>> Content-Transfer-Encoding: 7bit
00348 >>> X-Priority: 3
00348 >>> X-MSMail-Priority: Normal
00348 >>> X-Mailer: Microsoft Outlook Express 5.00.2919.6700
00348 >>> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
00348 >>> X-MDaemon-Deliver-To: pgsql-general@xxxxxxxxxxxxxx
00348 >>> X-Return-Path: dado@xxxxxxxxxxxxx
00348 >>> Reply-To: dado@xxxxxxxxxxxxx
00348 >>> Precedence: bulk
00348 >>> Sender: pgsql-general-owner@xxxxxxxxxxxxxx
00348 >>>
00348 >>> Does anybody know Webware?
00348 >>> http://webware.sourceforge.net
00348 >>> Any opinions?
00348 >>>
00348 >>> --
00348 >>> Dado Feigenblatt
00348 >>>
00348 >>>
00348 >>>
00348 >>> ---------------------------(end of
broadcast)---------------------------
00348 >>> TIP 4: Don't 'kill -9' the postmaster
--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/