WARNING: Monitoring someone’s email may or may not be legal where you and/or your client live and/or work. Please consult a competent attorney before following these instructions to monitor email.
This seems to be a pretty common need… and one I actually use, though for a much more boring and benign reason. For our purposes, though, let’s say your client, Mr. Jones, owns Jones’ Enterprises and has his company email set up on a cPanel box under your control. Mr. Jones approaches you one day and says that he’s suspicious that one of his employees, Jason Badboy, is engaging in unethical practices under the Jones’ business name. He wants to be copied on every incoming and outgoing mail that Jason Badboy is sending from or receiving to his work email account so he can see what’s going on.
Well, as with most things in cPanel or life, there are multiple ways to do this, but let’s do things as simply and inexpensively as possible for now, though, ok?
REQUIREMENTS
cPanel Version 11.28 or higher
SpamAssassin
Exim
TO AUTOMATICALLY COPY EVERY OUTGOING EMAIL
1. SSH in and log in as root to the server
2. Now you’ll create a copy of Exim’s system-wide filter file so that cPanel can’t overwrite the changes you’re about to make:
cp /etc/cpanel_exim_system_filter /etc/cpanel_exim_system_filter_custom
3. Now, we need to edit the file we just made. I use nano, but you can use vi or whatever text editor you like:
nano /etc/cpanel_exim_system_filter_custom
4. Now we’re going to add the rules that will do the dirty work. Basically, the logic goes like this: “IF this is the first time the system is processing this email AND it is an email being sent FROM Jason Badboy, THEN place a copy of the email as a new message in MR. JONE’S inbox.” To add these rules, go to the very bottom of the file you just opened in Step 3 and add the following at the very end (substitute the correct information for my example info in red):
if first_delivery
and (“$h_from:” contains “jasonbadboy@jonesenterprise.com“)
and not (“$h_X-Spam-Checker-Version:” begins “SpamAssassin”)
then
unseen deliver “mrjones@jonesenterprise.com“
endif
(Note: confused about the “SpamAssassin” part? That’s in there because email in the cPanel setup is actually “processed” twice– once with and once without SpamAssassin. If we didn’t filter this out, Mr. Jones would get two copies of each email Jason sent.)
5. Save and exit the file you just edited. You can log out of your SSH session now, too, if you want.
6. Now, because we created a custom Exim filter file, we need to tell cPanel to start using that file instead of the default one. LOG IN to WHM as ROOT.
7. In WHM, navigate to Service Configuration >> Exim Configuration Editor, then click on the Filters tab.
8. In the “System Filter File” setting, click the radio button next to the text box so you can enter your own setting instead of accepting the default. In the box, type the following:
/etc/cpanel_exim_system_filter_custom
9. Now for the hard part: scroll down to the bottom of the page and click “Save“. cPanel will save and automatically restart Exim. Congratulations, you’re done with OUTGOING email for this task! Now, on to Incoming mail…
TO AUTOMATICALLY COPY EVERY INCOMING EMAIL
1. Support for this part of the task is actually already built-in to cPanel. It’s called a Forwarder and it exists in your clients’ cPanel already. To set it up, first LOG IN TO WHM AS ROOT, then go to Account Information >> List Accounts.
2. Find the domain you need to work with, click the cPanel Icon next to the domain name and you’ll be transferred into the user’s cPanel. Under the “Mail” heading, click “Forwarders“, then click “Add Forwarder” on the next page.
3. Fill in the user to be monitored on the first blank (jasonbadboy@jonesenterprises.com) and fill in the user who will do the monitoring on the second blank (mrjones@jonesenterprises.com). Click “Add Forwarder” and you’ll be done!
You’ve now set up both INCOMING and OUTGOING mail monitoring as your client desired.
I hope this post helped you out. I’d love to hear your comments below; if you have any suggestions for new tips or tricks, post those in the comment section as well!
I wasn’t able to get this working…I ended up using the tutorial below which is a little like yours but with the part in /etc/exim.conf that is required for this to work properly:
http://www.thecpaneladmin.com/copy-outgoing-email-on-a-cpanel-server-with-exim/
Hmmm, I just checked my /etc/exim.conf and the parts you reference in the other post are not there, yet my filter works just fine.
Maybe something in our system configurations are different? If anyone else here has tried these instructions and they also failed, let me know so I can research the difference.
Is there a way to get a copy of the outgoing mail without SSH?
Using only the default Cpanel X to do it? My Cpanel version is 11.30.3.
I am facing the same situation as the story you mentioned.
Unfortunately, you must be the administrator of the server in question and you must have SSH access and be able to log in as the “root” user in order to do this. There is no way under a shared hosting cPanel to set this up right now. I feel your pain; back when I was a shared hosting customer myself, I was upset to learn that this seemingly easy request was not built into the cPanel system.
Well, I had to buy a vps to do this.
But here is the thing, when I login as root using SSH, there is no “/etc/” folder.
Any guess on that?
Oh yea, I found it. Had to go back a folder.
I’ll try this to see if it works.
Working. Thanks a lot
This was great. A nice simple explanation and sample. I implemented right away as I wanted all faxes that staff sent out to our internet fax supplier to be dropped into a central public shared folder. This – and a bit of procmail – worked a charm.
Thanks.
Pingback: Saving away outgoing emails in Exim | SMR Freelancing