Mail Logs

Overview

Evidence: Mail Logs
Description: Collect Mail Logs
Category: System
Platform: linux
Short Name: maill
Is Parsed: No
Sent to Investigation Hub: No
Collect File(s): Yes

Background

Linux mail logs record the activity of the mail transfer agent (Postfix, Sendmail, Exim and similar): SMTP connections and transactions, message acceptance and delivery, relay decisions, authentication events and mail-related errors.

Data Collected

This collector gathers the mail log files themselves. The content is not parsed (Is Parsed: No); the files are collected as-is so their original format and timestamps are preserved for analysis.

Collection Method

This collector gathers every file matching /var/log/mail*, including rotated archives (for example mail.log.1 and mail.log.2.gz). On Debian-derived systems this typically covers mail.log, mail.err, mail.warn and mail.info; on Red Hat-derived systems it covers maillog. These files contain the mail server's operational logs.
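The following is an added example, not the product's own collector code, showing what collecting /var/log/mail* with rotated archives involves: enumerating the glob, skipping anything that is not a regular file, hashing each file as it sits on disk for evidence integrity, and reading gzip-rotated archives transparently so they can be searched alongside the live log. The directory and its contents are constructed in a temporary location so the script runs offline.

```python
"""Enumerate and hash Linux mail logs matching <log_dir>/mail*, rotated archives included.

Added example (not the product's own collector). The fixture directory and
its file contents are constructed here so the script runs offline.
"""
import glob
import gzip
import hashlib
import os
import tempfile


def open_log(path):
    """Open a plain or gzip-rotated log transparently in text mode.

    surrogateescape keeps undecodable bytes instead of raising, so a log with
    injected binary junk is still readable.
    """
    if path.endswith(".gz"):
        return gzip.open(path, "rt", encoding="utf-8", errors="surrogateescape")
    return open(path, "r", encoding="utf-8", errors="surrogateescape")


def collect_mail_logs(log_dir="/var/log"):
    """Return one record per file matching <log_dir>/mail*, sorted by path.

    The SHA-256 is taken over the on-disk bytes (the evidence hash), while the
    line count is taken through transparent decompression so rotated .gz
    archives are covered too. logrotate appends a sequence number or a date,
    so a digit in the name marks a rotated file.
    """
    records = []
    for path in sorted(glob.glob(os.path.join(log_dir, "mail*"))):
        if not os.path.isfile(path):
            continue  # skip directories and dangling symlinks
        with open(path, "rb") as fh:
            digest = hashlib.sha256(fh.read()).hexdigest()
        with open_log(path) as fh:
            lines = sum(1 for _ in fh)
        name = os.path.basename(path)
        records.append({
            "name": name,
            "path": path,
            "size": os.path.getsize(path),
            "sha256": digest,
            "rotated": any(ch.isdigit() for ch in name),
            "lines": lines,
        })
    return records


def build_fixture(directory):
    """Constructed sample log tree: live log, rotated plain, rotated gzip, unrelated file."""
    entry = "Mar  4 10:00:01 mx postfix/smtpd[1234]: connect from unknown[203.0.113.5]\n"
    with open(os.path.join(directory, "mail.log"), "w") as fh:
        fh.write(entry)
    with open(os.path.join(directory, "mail.log.1"), "w") as fh:
        fh.write(entry * 2)
    with gzip.open(os.path.join(directory, "mail.log.2.gz"), "wt") as fh:
        fh.write(entry * 3)
    with open(os.path.join(directory, "syslog"), "w") as fh:
        fh.write("unrelated\n")  # must not be picked up by the mail* glob


def demo_records():
    """Build the constructed fixture in a temp dir and collect from it."""
    with tempfile.TemporaryDirectory() as directory:
        build_fixture(directory)
        return collect_mail_logs(directory)


if __name__ == "__main__":
    for rec in demo_records():
        print(f"{rec['name']:<16} rotated={rec['rotated']!s:<5} lines={rec['lines']} sha256={rec['sha256'][:16]}...")
```

Hashing the compressed bytes rather than the decompressed text is deliberate: the hash must match the artifact actually acquired, and decompression happens only for searching.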

Forensic Value

Mail logs are essential for investigating email-based attacks: spam campaigns, phishing attempts, data exfiltration over email, and mail server compromise such as open-relay abuse or use of stolen SMTP credentials. They record which clients connected, who authenticated, which messages were accepted, where they were relayed and whether delivery succeeded, giving evidence of both email communications and server abuse.
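As an added example of the analysis these logs support (not part of the original page or the product, which collects the files without parsing them), the script below reconstructs per-message flow from Postfix log lines by joining records on the queue ID, then applies two checks an investigator commonly runs: an authenticated SASL user sending an envelope sender that is not their own (credential abuse or spoofing), and repeated SASL authentication failures per client IP (password guessing). The sample lines are constructed; they follow Postfix's standard syslog format with traditional syslog timestamps, which is an assumption about the deployment.

```python
"""Reconstruct Postfix message flow from mail log lines and flag suspicious activity.

Added example, not the product's own parser. Sample lines are constructed
and follow Postfix's standard syslog output (traditional timestamp, then
"postfix/<process>[pid]: <queue-id>: key=value, ...").
"""
import re
from collections import defaultdict

SYSLOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) "
    r"postfix/(?P<proc>[\w/-]+)\[\d+\]: (?P<rest>.*)$"
)
# Short queue IDs are uppercase hex; long queue IDs are mixed-case alphanumerics.
QUEUE_RE = re.compile(r"^(?P<qid>[0-9A-Za-z]{6,}): (?P<body>.*)$")
# Words that appear before a colon but are not queue IDs.
NON_QUEUE = {"NOQUEUE", "warning", "error", "fatal", "panic", "statistics"}
AUTH_FAIL_RE = re.compile(
    r"warning: \S+?\[(?P<ip>[0-9a-fA-F.:]+)\]: SASL \w+ authentication failed"
)

SAMPLE_LINES = """\
Mar  4 10:00:01 mx postfix/smtpd[1234]: connect from unknown[203.0.113.5]
Mar  4 10:00:02 mx postfix/smtpd[1234]: 4A1B2C3D4E: client=unknown[203.0.113.5], sasl_method=PLAIN, sasl_username=alice@example.com
Mar  4 10:00:02 mx postfix/cleanup[1235]: 4A1B2C3D4E: message-id=<20240304100002.1@example.com>
Mar  4 10:00:02 mx postfix/qmgr[1236]: 4A1B2C3D4E: from=<ceo@example.com>, size=1200, nrcpt=1 (queue active)
Mar  4 10:00:03 mx postfix/smtp[1237]: 4A1B2C3D4E: to=<victim@partner.example>, relay=mail.partner.example[198.51.100.7]:25, delay=0.5, delays=0.1/0/0.2/0.2, dsn=2.0.0, status=sent (250 2.0.0 OK)
Mar  4 10:00:03 mx postfix/qmgr[1236]: 4A1B2C3D4E: removed
Mar  4 10:05:00 mx postfix/smtpd[1238]: 5F6E7D8C9B: client=mail.partner.example[198.51.100.7]
Mar  4 10:05:00 mx postfix/qmgr[1236]: 5F6E7D8C9B: from=<bob@partner.example>, size=800, nrcpt=1 (queue active)
Mar  4 10:05:01 mx postfix/local[1239]: 5F6E7D8C9B: to=<alice@example.com>, relay=local, delay=0.2, delays=0.1/0/0/0.1, dsn=2.0.0, status=sent (delivered to maildir)
Mar  4 10:05:01 mx postfix/qmgr[1236]: 5F6E7D8C9B: removed
Mar  4 10:10:00 mx postfix/smtpd[1240]: warning: unknown[198.51.100.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Mar  4 10:10:01 mx postfix/smtpd[1240]: warning: unknown[198.51.100.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Mar  4 10:10:02 mx postfix/smtpd[1240]: warning: unknown[198.51.100.23]: SASL PLAIN authentication failed: authentication failure
""".splitlines()


def parse_line(line):
    """Split a mail log line into syslog header fields and Postfix body; None if not Postfix."""
    m = SYSLOG_RE.match(line.rstrip("\n"))
    return m.groupdict() if m else None


def field(body, key):
    """Pull one key=value from a Postfix record; values are <addr> or a bare token."""
    m = re.search(rf"\b{key}=(<[^>]*>|[^,\s]+)", body)
    return m.group(1).strip("<>") if m else None


def reconstruct_messages(lines):
    """Join per-message records by queue ID into one dict per message."""
    msgs = defaultdict(lambda: {"client": None, "sasl_username": None, "from": None,
                                "to": [], "relay": [], "status": []})
    for line in lines:
        rec = parse_line(line)
        if not rec:
            continue
        q = QUEUE_RE.match(rec["rest"])
        if not q or q.group("qid") in NON_QUEUE:
            continue
        body, msg = q.group("body"), msgs[q.group("qid")]
        for key in ("client", "sasl_username", "from"):
            value = field(body, key)
            if value is not None:
                msg[key] = value
        for key in ("to", "relay", "status"):  # one entry per recipient attempt
            value = field(body, key)
            if value is not None:
                msg[key].append(value)
    return dict(msgs)


def flag_messages(msgs):
    """Return (queue_id, reason) for messages where the SASL user and envelope sender differ."""
    findings = []
    for qid, m in msgs.items():
        if m["sasl_username"] and m["from"] and m["sasl_username"].lower() != m["from"].lower():
            findings.append((qid, f"authenticated as {m['sasl_username']} but sent from=<{m['from']}>"))
    return findings


def count_auth_failures(lines):
    """Count SASL authentication failures per client IP (password guessing indicator)."""
    counts = defaultdict(int)
    for line in lines:
        rec = parse_line(line)
        m = AUTH_FAIL_RE.search(rec["rest"]) if rec else None
        if m:
            counts[m.group("ip")] += 1
    return dict(counts)


if __name__ == "__main__":
    messages = reconstruct_messages(SAMPLE_LINES)
    for qid, reason in flag_messages(messages):
        print(f"{qid}: {reason} -> {messages[qid]['to']} via {messages[qid]['relay']}")
    print("auth failures by IP:", count_auth_failures(SAMPLE_LINES))
```

Joining on the queue ID is the key step: Postfix spreads one message across smtpd, cleanup, qmgr and smtp/local lines, so sender, authenticated user, recipient and delivery status never appear together on a single line. In a real case the input would be the collected /var/log/mail* files, rotated archives included.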
