1POSTPROOF(1)                   postproof Manual                   POSTPROOF(1)
2
3
4

NAME

6       postproof - collect messages from a Postfix mail queue and preserve
7       them as incident
8

SYNOPSIS

10       postproof [-m <msg>] [-M] [-j] [-z] [-p] [-c <config_dir>] [-s] [-v]
11       [-h] [-o <out_dir>] [-n <recipient>] envelope-sender [ envelope-sender]
12

DESCRIPTION

14       postproof is a tool to retrieve and preserve messages from a postfix
15       mail queue. It was created as a tool to preserve evidence after abuse
16       incidents.
17
18       Given a whitespace separated list of one or more envelope-sender
19       addresses postproof will search a Postfix queue for all messages from
20       these senders. It will move all identified messages into Postfix' HOLD
21       queue.
22
23       It will create an incident directory and start preserving evidence. For
24       each message it will preserve a copy of its raw queue file, containing
25       delivery information and message. Postproof will also store all
26       messages into a maildir style directory for later inspection e.g. by a
27       MUA. Finally it will create checksums of all files and write them to a
28       separate file.
29

OPTIONS

31       -m <msg> (optional)
32           Specifies a message on command line. The message will be written to
33           a file named incident.txt within the incident directory.
34
35       -M (optional)
36           Invoke $EDITOR in order to create a message describing the
37           incident. The message will be written to a file named incident.txt
38           within the incident directory.
39
40       -j (optional)
41           Specifies to archive the incident using bzip2.
42
43       -z (optional)
44           Specifies to archive the incident using gzip.
45
46       -p (optional)
47           Specifies to purge each identified message from Postfix' HOLD queue
48           after it has been preserved.
49
50       -c <config_dir> (default: /etc/postfix)
51           Specifies to use <config_dir> to identify the corresponding Postfix
52           queue. All postproof actions will be acted upon messages in that
53           queue. This option is useful for Postfix multiple instance setups.
54
55       -s (optional)
56           Specifies to store messages grouped by envelope-sender. Postproof
57           will create a subdirectory for each envelope-sender. This option is
58           useful only in combination if multiple envelope-senders have been
59           given to postproof.
60
61       -v (optional)
62           Print verbose output during operation.
63
64       -h (optional)
65           Print a help message including short explanations for command line
66           options.
67
68       -o <out_dir> (optional)
69           Specifies a directory out_dir name to which all incident data
70           should be written. If not specified postproof will create a
71           directory made from a timestamp and a random string e.g.
72           2015-02-02_21:56:19.1422910579.c1m9.
73
74       -n <recipient> (optional)
75           Specifies an envelope-recipient to whom an incident notification
76           should be sent.
77

BUGS

79       Please submit BUGS to https://github.com/sys4/postproof/issues.
80

AUTHOR

82       Jörg Zimmermann <jz@sys4.de> wrote the program. Patrick Ben Koetter
83       <p@sys4.de> wrote this man page.
84

RESOURCES

86       postproofs’s home is at https://github.com/sys4/postproof.
87

COPYING

89       Copyright (C) 2015 sys4 AG. Free use of this software is granted under
90       the terms of the GNU General Public License (GPL).
91
92
93
94postproof 0.1                     03/24/2015                      POSTPROOF(1)
Impressum