Monitoring of Internal Emails within an Organisation
More than 70% of email traffic is internal email, that is, internal users sending email to other internal users. Internal email should be secured and monitored for the same reasons you would secure inbound and outbound email. The following are some of the reasons you need to ensure internal emails are safeguarded:
- Spreading of viruses and other threats
- Hate mail, sexual harassment, abuse, bullying, and inappropriate emails exchanged between employees
- Illegal activities between employees
- Spreading of confidential data - HR records, etc.
You should filter internal email for malicious threats, and monitor and audit it for purposes such as legal requirements.
To monitor internal email, some anti-spam security vendors provide a plugin as an add-on to their anti-spam email gateway security solutions. For example, with Clearswift's MIMEsweeper software, you can purchase a plugin and install it on the Exchange server. The plugin captures any internal email transferred from one mailbox to another on the Exchange server and redirects it to the anti-spam security solution for scanning.
Without a plugin, at least in the case of Clearswift, this cannot be done, because internal email is transferred from one mailbox to another entirely within the Exchange server, which is why it never hits the anti-spam security gateway. The anti-spam firewall tends to sit on the perimeter to scan inbound and outbound email.