[Infrastructures] email to root?

[Christer Bernerus]

We install a mini postfix client on each of our clients to rewrite and 
sent the root mail into a mail list which is read by those of us 
responsible for the infrastucture.
We also modify the GECOS field in /etc/passwd so that the hostname gets 
included in the "from" address.

Finally, we do fix any tendencies of "spamming" from our cron jobs, 
either by fixing any problems promptly, or by filtering the script 
output for any recurring unimportant messages. This is done on a per 
script basis.
We do not filter root mail in the receiving end.

The current result is one daily LogWatch mail from a honeypot machine on 
a 900+ machine installation. Unless something breaks, that is.


Christer Bernerus
Systems infrastructure manager
IT Services
Chalmers University of Technology
Gothenburg / Sweden