My company has been looking at setting up a way to archive all incoming and outgoing email in a searchable and reliable setup. We are running a pretty standard exchange 2003 setup, with a third party spam filter. What I was interested mostly in is something in line with our spam filter that can just catch all email after it has passed the spam filter.
Has anyone had experience with this or, is there an open source product out there I could try?
Thanks in advance.
Here's an off-the-wall answer (it's a good thing that I can't lose too many rep points for posting this, eh?):
If you want to play with an open source project, have a look at Archiveopteryx (http://www.archiveopteryx.org/). It's got a really, really sweet normalized SQL-based data storage schema for email (using PostgreSQL). You could combine it with, say, "fetchmail" and the journaling functionality of Exchange (to dump all incoming and outgoing mail, presumably after your spam filter is done with it, into a single mailbox) to create an SQL-based mail archive that you could report and search against with ODBC-based reporting tools.
Really, you should probably be looking at a commercial mail archiving product. I've played with Archiveoptryx for storing my personal mail, but I have yet to try and spin it up for a Customer. I just think the project is really, really cool... >smile<
We've used Exim as a passthrough SMTP server logging to file and Postgresql for several years. I've given a sketch of our setup here, but we also have some hashing functions to make it valid for legal purposes and of course several backup strategies for the SQL data and related files.
The huge advantage of per-message files is that they are very easily extractable and easy to reinsert into somebody's mail account.