
RE: [cobalt-users] Recovering Email for Court Case



Thanks for all of the input on this issue.  Thankfully this system is
not mine.  The customer owns and hosts the system themselves; I just
help from time to time on network and PC issues.  I don't think that I
am going to get caught up in this case, but you never know.  I just
wanted to give them an answer to the "can we set up a logging system"
question if it was asked.  I am amazed by the number of people that
assume that you can, with little or no effort, recover their deleted
email and files.  Again, thanks for the input and information.


Thanks


Robert C. Betzel
Infinity Network Solutions, Inc.
PO Box 26426
Macon GA 31221
Toll Free: (866) 475-9510
Phone: (478) 475-9500 
Fax: (478) 475-9509
"Where the Possibilities are Endless."

-----Original Message-----
From: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx] On Behalf Of Steve Werby
Sent: Friday, February 08, 2002 1:08 PM
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-users] Recovering Email for Court Case

"Robert C. Betzel" <rbetzel@xxxxxxxxxxxxxxxxxxxx> wrote:
> Is there any way to recover email from a RAQ2 if the user is using
> Netscape or Outlook to download their email and are not leaving a copy
> on the server? We are not backing up the server at all.

No.  After a file is deleted from the filesystem, the data still exists
on the server, but future disk writes will overwrite the data.  Most of
the time it's possible to recover data from files a short time after
they were deleted if the proper steps are taken quickly, but from the
sound of it that won't help in your situation.

> Also is there any kind of system that can be implemented to allow for
> email recovery?

I'm going to ignore the possibility of changing the type of filesystem
you run on the RaQ2 because it's not really feasible.  For inbound email
you could always set up aliases to copy incoming email on a user-by-user
basis to another individual or master mail spool.  You just need to edit
Sendmail's aliases file.  And it is possible to set Sendmail to log both
inbound and outbound email.  There are probably other solutions too.
Before doing any logging or copying of customer email I strongly urge
you to consult an attorney, preferably one specializing in the internet
or technology.

For reference, here's what a logged message looks like (the example
below was an inbound email from the postgresql mailing list for me):

00348 === EXEC procmail -f gsql-general-owner+M13447@xxxxxxxxxxxxxx -Y -a  -d steven-lists
00348 >>> Return-Path: <pgsql-general-owner+M13447@xxxxxxxxxxxxxx>
00348 >>> Received: from postgresql.org (webmail.postgresql.org [216.126.85.28])
00348 >>>       by ns.befriend.com (8.9.3/8.9.3) with ESMTP id MAA00347
00348 >>>       for <steve-lists@xxxxxxxxxxxx>; Thu, 9 Aug 2001 12:11:58 -0400
00348 >>> Received: from postgresql.org.org (webmail.postgresql.org [216.126.85.28])
00348 >>>       by postgresql.org (8.11.3/8.11.4) with SMTP id f79GAnP82600;
00348 >>>       Thu, 9 Aug 2001 12:10:49 -0400 (EDT)
00348 >>>       (envelope-from pgsql-general-owner+M13447@xxxxxxxxxxxxxx)
00348 >>> Received: from wildbrain.com ([206.54.55.6])
00348 >>>       by postgresql.org (8.11.3/8.11.4) with ESMTP id f79GAIP82463
00348 >>>       for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 9 Aug 2001 12:10:18 -0400 (EDT)
00348 >>>       (envelope-from dado@xxxxxxxxxxxxx)
00348 >>> Received: from dadowin [207.44.242.179] by wildbrain.com [206.54.55.6]
00348 >>>       with SMTP (MDaemon.v2.8.7.4.R)
00348 >>>       for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 09 Aug 2001 09:14:38 -0700
00348 >>> Message-ID: <005501c120ed$a51a8080$b3f22ccf@dadowin>
00348 >>> From: "dado feigenblatt" <dado@xxxxxxxxxxxxx>
00348 >>> TO: <pgsql-general@xxxxxxxxxxxxxx>
00348 >>> Subject: [GENERAL] webware
00348 >>> Date: Thu, 9 Aug 2001 09:09:18 -0700
00348 >>> MIME-Version: 1.0
00348 >>> Content-Type: text/plain;
00348 >>>       charset="iso-8859-1"
00348 >>> Content-Transfer-Encoding: 7bit
00348 >>> X-Priority: 3
00348 >>> X-MSMail-Priority: Normal
00348 >>> X-Mailer: Microsoft Outlook Express 5.00.2919.6700
00348 >>> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
00348 >>> X-MDaemon-Deliver-To: pgsql-general@xxxxxxxxxxxxxx
00348 >>> X-Return-Path: dado@xxxxxxxxxxxxx
00348 >>> Reply-To: dado@xxxxxxxxxxxxx
00348 >>> Precedence: bulk
00348 >>> Sender: pgsql-general-owner@xxxxxxxxxxxxxx
00348 >>>
00348 >>> Does anybody know Webware?
00348 >>> http://webware.sourceforge.net
00348 >>> Any opinions?
00348 >>>
00348 >>> --
00348 >>> Dado Feigenblatt
00348 >>>
00348 >>>
00348 >>>
00348 >>> ---------------------------(end of broadcast)---------------------------
00348 >>> TIP 4: Don't 'kill -9' the postmaster
00348 === EXEC sh -c
/home/sites/www.befriend.com/listaddict/development/inc/email_parser.php
c
00348 >>> From pgsql-general-owner+M13447@xxxxxxxxxxxxxx  Thu Aug  9 12:11:58 2001
00348 >>> Received: from postgresql.org (webmail.postgresql.org [216.126.85.28])
00348 >>>       by ns.befriend.com (8.9.3/8.9.3) with ESMTP id MAA00347
00348 >>>       for <steve-lists@xxxxxxxxxxxx>; Thu, 9 Aug 2001 12:11:58 -0400
00348 >>> Received: from postgresql.org.org (webmail.postgresql.org [216.126.85.28])
00348 >>>       by postgresql.org (8.11.3/8.11.4) with SMTP id f79GAnP82600;
00348 >>>       Thu, 9 Aug 2001 12:10:49 -0400 (EDT)
00348 >>>       (envelope-from pgsql-general-owner+M13447@xxxxxxxxxxxxxx)
00348 >>> Received: from wildbrain.com ([206.54.55.6])
00348 >>>       by postgresql.org (8.11.3/8.11.4) with ESMTP id f79GAIP82463
00348 >>>       for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 9 Aug 2001 12:10:18 -0400 (EDT)
00348 >>>       (envelope-from dado@xxxxxxxxxxxxx)
00348 >>> Received: from dadowin [207.44.242.179] by wildbrain.com [206.54.55.6]
00348 >>>       with SMTP (MDaemon.v2.8.7.4.R)
00348 >>>       for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 09 Aug 2001 09:14:38 -0700
00348 >>> Message-ID: <005501c120ed$a51a8080$b3f22ccf@dadowin>
00348 >>> From: "dado feigenblatt" <dado@xxxxxxxxxxxxx>
00348 >>> TO: <pgsql-general@xxxxxxxxxxxxxx>
00348 >>> Subject: [GENERAL] webware
00348 >>> Date: Thu, 9 Aug 2001 09:09:18 -0700
00348 >>> MIME-Version: 1.0
00348 >>> Content-Type: text/plain;
00348 >>>       charset="iso-8859-1"
00348 >>> Content-Transfer-Encoding: 7bit
00348 >>> X-Priority: 3
00348 >>> X-MSMail-Priority: Normal
00348 >>> X-Mailer: Microsoft Outlook Express 5.00.2919.6700
00348 >>> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
00348 >>> X-MDaemon-Deliver-To: pgsql-general@xxxxxxxxxxxxxx
00348 >>> X-Return-Path: dado@xxxxxxxxxxxxx
00348 >>> Reply-To: dado@xxxxxxxxxxxxx
00348 >>> Precedence: bulk
00348 >>> Sender: pgsql-general-owner@xxxxxxxxxxxxxx
00348 >>>
00348 >>> Does anybody know Webware?
00348 >>> http://webware.sourceforge.net
00348 >>> Any opinions?
00348 >>>
00348 >>> --
00348 >>> Dado Feigenblatt
00348 >>>
00348 >>>
00348 >>>
00348 >>> ---------------------------(end of broadcast)---------------------------
00348 >>> TIP 4: Don't 'kill -9' the postmaster
00348 === EXEC sh -c /home/sites/dev.befriend.com/web/phpcgi/slurp
00348 >>> From pgsql-general-owner+M13447@xxxxxxxxxxxxxx  Thu Aug  9 12:11:58 2001
00348 >>> Received: from postgresql.org (webmail.postgresql.org [216.126.85.28])
00348 >>>       by ns.befriend.com (8.9.3/8.9.3) with ESMTP id MAA00347
00348 >>>       for <steve-lists@xxxxxxxxxxxx>; Thu, 9 Aug 2001 12:11:58 -0400
00348 >>> Received: from postgresql.org.org (webmail.postgresql.org [216.126.85.28])
00348 >>>       by postgresql.org (8.11.3/8.11.4) with SMTP id f79GAnP82600;
00348 >>>       Thu, 9 Aug 2001 12:10:49 -0400 (EDT)
00348 >>>       (envelope-from pgsql-general-owner+M13447@xxxxxxxxxxxxxx)
00348 >>> Received: from wildbrain.com ([206.54.55.6])
00348 >>>       by postgresql.org (8.11.3/8.11.4) with ESMTP id f79GAIP82463
00348 >>>       for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 9 Aug 2001 12:10:18 -0400 (EDT)
00348 >>>       (envelope-from dado@xxxxxxxxxxxxx)
00348 >>> Received: from dadowin [207.44.242.179] by wildbrain.com [206.54.55.6]
00348 >>>       with SMTP (MDaemon.v2.8.7.4.R)
00348 >>>       for <pgsql-general@xxxxxxxxxxxxxx>; Thu, 09 Aug 2001 09:14:38 -0700
00348 >>> Message-ID: <005501c120ed$a51a8080$b3f22ccf@dadowin>
00348 >>> From: "dado feigenblatt" <dado@xxxxxxxxxxxxx>
00348 >>> TO: <pgsql-general@xxxxxxxxxxxxxx>
00348 >>> Subject: [GENERAL] webware
00348 >>> Date: Thu, 9 Aug 2001 09:09:18 -0700
00348 >>> MIME-Version: 1.0
00348 >>> Content-Type: text/plain;
00348 >>>       charset="iso-8859-1"
00348 >>> Content-Transfer-Encoding: 7bit
00348 >>> X-Priority: 3
00348 >>> X-MSMail-Priority: Normal
00348 >>> X-Mailer: Microsoft Outlook Express 5.00.2919.6700
00348 >>> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
00348 >>> X-MDaemon-Deliver-To: pgsql-general@xxxxxxxxxxxxxx
00348 >>> X-Return-Path: dado@xxxxxxxxxxxxx
00348 >>> Reply-To: dado@xxxxxxxxxxxxx
00348 >>> Precedence: bulk
00348 >>> Sender: pgsql-general-owner@xxxxxxxxxxxxxx
00348 >>>
00348 >>> Does anybody know Webware?
00348 >>> http://webware.sourceforge.net
00348 >>> Any opinions?
00348 >>>
00348 >>> --
00348 >>> Dado Feigenblatt
00348 >>>
00348 >>>
00348 >>>
00348 >>> ---------------------------(end of broadcast)---------------------------
00348 >>> TIP 4: Don't 'kill -9' the postmaster

--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/
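
The logged message quoted above appears once per delivery command, so a log in this layout holds several copies of each message. The following is an added example, not part of the original posts: a parser that splits such a log into deliveries and groups them by Message-ID. The sample log is constructed, and the function names are hypothetical.

```python
import re
from email.parser import HeaderParser

# Constructed sample in the layout of the log above: "<id> === EXEC <cmd>" opens
# a delivery, "<id> >>> <text>" is one line of the message piped to that command.
SAMPLE_LOG = """\
00348 === EXEC procmail -f list-owner@lists.example -Y -a  -d alice
00348 >>> Received: from mx.lists.example ([192.0.2.10])
00348 >>>       by mail.example with ESMTP id AAA00001
00348 >>> Message-ID: <msg-1@lists.example>
00348 >>> Subject: [GENERAL] first
00348 >>>
00348 >>> Body text
00348 === EXEC sh -c /usr/local/bin/archive
00348 >>> From list-owner@lists.example  Thu Aug  9 12:11:58 2001
00348 >>> Message-ID: <msg-1@lists.example>
00348 >>> Subject: [GENERAL] first
00351 === EXEC procmail -f bob@other.example -d alice
00351 >>> Message-ID: <msg-2@other.example>
00351 >>> Subject: second
"""

LINE = re.compile(r"^(\d{5}) (===|>>>) ?(.*)$")

def parse_deliveries(log_text):
    """Split the log into one record per EXEC: session id, command, message lines."""
    deliveries = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # wrapped or foreign line: skip rather than guess its owner
        sid, kind, rest = m.groups()
        if kind == "===" and rest.startswith("EXEC "):
            deliveries.append({"session": sid, "command": rest[5:], "lines": []})
        elif kind == ">>>" and deliveries and deliveries[-1]["session"] == sid:
            deliveries[-1]["lines"].append(rest)  # keeps header continuation indent
    return deliveries

def unique_messages(deliveries):
    """Group deliveries by Message-ID so a message logged N times is listed once."""
    messages = {}
    for d in deliveries:
        # The parser accepts a leading mbox "From " envelope line and folded headers.
        hdrs = HeaderParser().parsestr("\n".join(d["lines"]), headersonly=True)
        entry = messages.setdefault(hdrs.get("Message-ID", "(none)"),
                                    {"subject": hdrs.get("Subject"), "commands": []})
        entry["commands"].append(d["command"])
    return messages
```
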

