Hi Zimbra Customers, Partners & Friends,
Did you know that Zimbra has a Legal Intercept for Law Enforcement feature? This is used to obtain copies of email messages that are sent, received or saved as drafts from targeted accounts. Intercepted messages are sent to a designated
shadow email address. Legal Intercept can be configured to send the complete content of the message or to send only the header information. When a targeted account sends, receives or saves a draft message, an intercept message is automatically created to forward copies of the messages as attachments to the specified email address.
In this post, we will cover setting the Legal Intercept via the Admin Console and via the command line.
Configuring Legal Intercept via Admin Console
In Zimbra 9 and above you can configure the Legal Intercept feature on accounts via the Admin Console: Accounts→Advanced→Legal Intercept
Once configured, emails received and sent from the account will now also be copied to the Legal Intercept address.
More configuration options and enabling Legal Intercept on a Class of Service (COS) can be done via
zmprov on the command line.
Configuring Legal Intercept via the Command Line Using zmprov
You can use
zmprov to configure Legal Intercept on a Class of Service or for individual accounts. The following attributes are used to configure the feature.
Intercepted messages are sent to this address. When this attributes is empty, legal intercept is off. You can have multiple recipients for an intercepted message.
The default is False. Change to True to have only the message headers sent, not the message body.
Used to construct the From: header content used in the intercept message. The default is Postmaster@<address.com>
The template used to construct the subject line the intercept message should show. The default subject line reads Intercept message for email@example.com [intercepted message subject]
The template used to construct the body of the intercept message. The default message is Intercepted message for firstname.lastname@example.org. Operation=[type of message], folder=[folder], folder ID=[#].
The following parameters can be used in the From, Subject and Body templates to modify the default intercept message.
Domain of the account being intercepted.
Address being intercepted.
Subject of the message being intercepted.
Operation that the user is performing,
Name of the folder to which the message was saved.
ID of the folder to which the message was saved.
Used for formatting multi-line message bodies.
Command line examples:
If enabling by COS, type:
zmprov gac #to list all CoS'es zmprov mc <cosname> zimbraInterceptAddress account@intercept_example.gov
If enabling by account, type:
zmprov gaa #to list all accounts zmprov ma email@example.com zimbraInterceptAddress account@intercept_example.gov
Allowing a domain or delegated administrator to use Legal Intercept
The below blogs describe how you can create a delegated or domain administrator to delegate administrative tasks.
In you want the enable the delegated administrator to configure Legal Intercept from the Admin Console UI you can add the rights via the command line as the user
zimbra as follows:
zmprov grr domain example.com usr firstname.lastname@example.org set.account.zimbraInterceptAddress zmprov grr domain example.com usr email@example.com set.account.zimbraInterceptSendHeadersOnly
delegated-admin with your actual domain and account.
Your Zimbra Team