From owner-freebsd-stable@FreeBSD.ORG  Fri Oct  6 20:26:54 2006
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
X-Original-To: freebsd-stable@freebsd.org
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E80FB16A40F
	for <freebsd-stable@freebsd.org>; Fri,  6 Oct 2006 20:26:54 +0000 (UTC)
	(envelope-from cswiger@mac.com)
Received: from smtpout.mac.com (smtpout.mac.com [17.250.248.186])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7F44343D7E
	for <freebsd-stable@freebsd.org>; Fri,  6 Oct 2006 20:26:46 +0000 (GMT)
	(envelope-from cswiger@mac.com)
Received: from mac.com (smtpin07-en2 [10.13.10.152])
	by smtpout.mac.com (Xserve/8.12.11/smtpout16/MantshX 4.0) with ESMTP id
	k96KQjL8023535; Fri, 6 Oct 2006 13:26:45 -0700 (PDT)
Received: from [17.214.13.96] (a17-214-13-96.apple.com [17.214.13.96])
	(authenticated bits=0)
	by mac.com (Xserve/smtpin07/MantshX 4.0) with ESMTP id k96KQhep021085; 
	Fri, 6 Oct 2006 13:26:44 -0700 (PDT)
In-Reply-To: <4762624a0610061311i7f7cd11eo853029537e75dda7@mail.gmail.com>
References: <4762624a0610061300u4e31b378oaf1eb9a732913c16@mail.gmail.com>
	<4526B6CE.7030601@mikestammer.com>
	<4762624a0610061311i7f7cd11eo853029537e75dda7@mail.gmail.com>
Mime-Version: 1.0 (Apple Message framework v752.2)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <8DB156ED-709C-4854-B203-62C57AA8F9F1@mac.com>
Content-Transfer-Encoding: 7bit
From: Chuck Swiger <cswiger@mac.com>
Date: Fri, 6 Oct 2006 13:26:42 -0700
To: Dominik Zalewski <kobazik@gmail.com>
X-Mailer: Apple Mail (2.752.2)
X-Brightmail-Tracker: AAAAAA==
X-Brightmail-scanned: yes
Cc: freebsd-stable <freebsd-stable@freebsd.org>
Subject: Re: Capture all incoming/outgoing email messages
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Oct 2006 20:26:55 -0000

On Oct 6, 2006, at 1:11 PM, Dominik Zalewski wrote:
> I just want to capture all smtp/pop3 traffic in packets level.

OK:

   tcpdump -w /var/log/mailarchive.dump -s 0 port smtp or port pop3

But be aware that you should disclose the existence of this mail  
monitoring to all users, consult your local laws about electronic  
wiretapping, or both.  In some countries or states, doing the above  
without notification and/or the permission of at least one party is  
likely to be against the law...

[ This probably belongs on freebsd-questions@, or in a discussion  
with your lawyer. ]

-- 
-Chuck