Grep -i -I -Z -r -l -f /Users/admin/Desktop/grep-patterns.txt /Volumes/Data/kerio/mailserver/store/mail//user.name/ | xargs -I /Volumes/Data/Email\ Discovery/201707/ The command I came up with to to this is (all on one line) Then, I used this as a list of search terms for grep and passed the filenames that matched to rsync to copy them to another folder, retaining the existing folder structure.Ģ1 GB of results later, someone who isn’t me now has their work cut out for them to go through the emails. The limitation of this is that it’s a raw text search, I’m not doing any Base 64 decoding nor am I decoding any file formats in attachments, so it’s really only searching the headers and body of the email, not any attachments.įirst, I created a text file with a list of the keywords – one per line. I resorted to searching and gathering the raw. It was desirable to retain the folder structure, however the emails were spread across a large number of folders across 3-4 different user accounts. I recently had a client with a huge amount of email stored in Kerio Connect and they needed to perform discovery against some mailboxes with a lot of email in them.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |