Advanced NetFlow Traffic Analysis - email monitoring Archivestag:blog.tmcnet.com,2012-01-03:/advanced-netflow-traffic-analysis//1642012-03-07T00:43:18ZEmail Monitoring Software: Email Reportingtag:blog.tmcnet.com,2012:/advanced-netflow-traffic-analysis//164.482702012-01-20T13:31:06Z2012-03-07T00:43:18ZEmail monitoring and email reporting is an important proactive responsibility that is not addressed in some companies. Who are the top email senders and receivers. What are the top domains sending or receiving emails? What are the top email subjects...Michael Pattersonhttp://blog.tmcnet.com/advanced-netflow-traffic-analysis/
Why is It Important to monitor email traffic? There are several reasons listed below:
Email Troubleshooting
Was the mail server sending and receiving emails at a specified time and who was receiving them?
Who is sending non-deliverable or bounce back emails and who is the intended recipient?
What expired email addresses are still receiving messages and from whom?
Who is receiving "delayed email" messages from the mail server and how often does this occur?
What mail accounts are used the most or the least?
Email Marketing
When marketing campaigns are emailed out, how many messages have been sent so far?
Who received the email and who did they forward it to?
Report on what social networking sites send the most mail and to whom.
Are select employees/departments constantly sending/receiving emails to certain addresses or domains?
Mail and Network Traffic Details
NetFlow traffic analysis may indicate that the mail server is causing a lot of traffic, but who is sending or receiving all the messages? Mailinizer provides the details.
What sales and support people communicate the most via email and is it work related?
Overall, how many messages are sent and received for a specified time frame?
Routine email monitoring helps ensure better security, business continuity and at the same time improve Exchange organization performance. Routine reports to check include, but are not limited to:
Senders by message and order by count or size
Receivers by message and order by count or size
Domains (sending and receiving) and order by count or size
Conversations (Sender to Receiver) and order by count or size
Conversations with Subject (Sender to Receiver) and order by count or size
Popular Email Subjects and order by count or size
Email Volume and order by count or size
One of the keys to reporting is filtering. Good filtering allows you to narrow in on the data you need to investigate specific issues. Good filtering is crucial when mining email data and reporting on Microsoft Exchange email traffic. A good system empowers email tracking to identify specific account activity or delivery issues.
Mailinizer competitors include Promodag and MailMeter and others. Although I’m not familiar with all of the MailMeter problems or Promodag problems, I can tell you what the short comings are of Mailinizer. It doesn’t have direct access to the actual contents of the email. It is narrowly focused on reporting on where the email came from and where is it going and is limited to the details that Microsoft exports to the event log. The reporting however, is the best I’ve seen and should be part of every server room monitoring solution.
What is interesting about Mailinizer is it’s unique ability to handle large scale Microsoft Exchange email environments through the use of IPFIX technology. What is IPFIX? IPFIX is is used on each mail server to export details about each email received by the mail server. Similar to how NetFlow exports communication details on a router, Mailinizer uses IPFIX to treat email conversations like flows. Check out this Mailinizer video. Whatever email reporting solution you decide on, make sure you are routinely looking at proactive reports. Most solutions will automatically email them to you on a regular basis.