Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1444
Views
0
Helpful
7
Replies

Delete mail message information from logs according MID

igor.karasik
Level 1
Level 1

‎02-25-2009 06:16 PM

Hi,
I am interesting if any way exists to delete specific message (according MID) from IronPort mail logs .
The problem: VIP user send mail message with very sensitive information (in message subject) and we want to delete this specific message from any IronPort logs, because our HelpDesk have access to message tracking and we really don't want that HelpDesk can see subject (even accidentally)

Thanks.

Labels:
0 Helpful
7 Replies 7

kyerramr
Level 1
Level 1

‎02-26-2009 03:46 AM

This can be achieved by connecting to the appliance interface through ftp and verify the log file containing this MID and delete this file from the box.

0 Helpful

igor.karasik
Level 1
Level 1

‎02-26-2009 04:12 AM

Do you mean mail_logs folder ?

Do message tracking take information from this folder ?

Thanks

0 Helpful

Donald Nash
Level 3
Level 3

‎02-26-2009 04:12 PM

I'm going to point out the obvious here and say that if the information is sensitive then it shouldn't be in the subject line. It should be in the message body only, and the message body encrypted. Trying to delete evidence after the fact is a losing battle. You have to delete the entire log file, and thus lose all the other valuable logging information as well. And I'm fairly certain that this does not remove it from the message tracking database.

0 Helpful

igor.karasik
Level 1
Level 1

‎02-27-2009 01:15 PM 

I'm going to point out the obvious here and say that if the information is sensitive then it shouldn't be in the subject line. .


Yes, I know.

But sometimes VIP persons don't think twice before sending sensitive information in mail subject :-(

Anyway, I deleted entire log file from mail_logs and now message tracking doesn't find this message.

0 Helpful

Donald Nash
Level 3
Level 3

‎02-27-2009 04:21 PM 

But sometimes VIP persons don't think twice before sending sensitive information in mail subject

Ah, so this was an actual problem that needed remediating, rather than a hypothetical situation.

You know, VIPs get away stuff that would get peons like us in trouble. Too bad they can't be held to the same standard of accountability.

Anyway, I deleted entire log file from mail_logs  and now message tracking doesn't find this message.

That surprises me, but I'm glad it worked for you.

0 Helpful

kyerramr
Level 1
Level 1

‎03-10-2009 01:24 AM

Also, another way to do this is delete the tracking db.

Note: This would delete all the tracking info.

xxxxxx> diagnostic


Choose the operation you want to perform:
- RAID - Disk Verify Utility.
- DISK_USAGE - Check Disk Usage.
- NETWORK - Network Utilities.
- REPORTING - Reporting Utilities.
- TRACKING - Tracking Utilities.
[]> tracking


Choose the operation you want to perform:
- DELETEDB - Reinitialize the tracking database.
- DEBUG - Gather debug information.
[]> deletedb

0 Helpful

igor.karasik
Level 1
Level 1

‎03-10-2009 07:37 AM

Thanks 1

0 Helpful
Customers Also Viewed These Support Documents