Chapter 9: Content Control, Monitoring, and Filtering

Overview

If everything seems under control, you’re just not going fast enough.

—– Mario Andretti

Many administrators want some way to control and monitor the content of e-mail flowing through their servers; others don’t want it, but have a requirement for content monitoring and control thrust on them. Although most messaging users (me included) hate the idea of some administrator or program rooting through their mail, the sad fact is that such rooting is sometimes necessary or even desirable. Being able to scan, monitor, and control the content of messages—not just their routing—can help uncover, or even prevent, corporate espionage; misappropriation of time, equipment, or money; sexual harassment; and a variety of other misdeeds. These tools can be used proactively or reactively, depending on the legal, political, and technical environment. In this chapter, I explain how you can perform several common tasks that fall into this category:

• Adding disclaimers or other boilerplate text to outbound Simple Mail Transfer Protocol (SMTP) mail

• Scanning the information store for messages you specify

• Using message tracking to follow the flow of messages through your system

• Using message journaling to capture copies of messages sent by or to mailboxes in specified mailbox stores

• Filtering inbound or outbound content to screen, block, or copy mail that meets specified criteria

Most of these tasks can be accomplished with Microsoft Exchange’s built-in tools; some, like inbound and outbound content filtering, require third-party utilities. I don’t discuss any particular tool in great depth, but I do describe how they work and what to look for when evaluating a solution.