Mail interception with IMAP server

Policy configuring

To enable this policy open “Filters -> Policies -> System policies -> Mail grabber” and check the “Policy is enabled” checkbox.


Fill in your IMAP-server parameters.



Only e-mails from the “Inbox” folder are intercepted.

After enabling the policy the incoming e-mails are intercepted and get into the “Mail” event type without the username.


Policy operating can be checked on the server by running the command

staffcop grab --password=XXXXX --today

Configure Exchange server for the interception to work

Create an mail account which will be the source of information.

../_images/imap_policy_4.png ../_images/imap_policy_5.png

The created account must have the following settings:

  • General: Don’t display in the list of addresses.

  • Account functions: Limitations on the message size.

  • Set the maximum message size to be 0 kb.

../_images/imap_policy_6.png ../_images/imap_policy_7.png ../_images/imap_policy_8.png

Configure mail interception rules

../_images/imap_policy_9.png ../_images/imap_policy_13.png

Don’t forget to enable IMAP protocol in the settings of Exchange

../_images/imap_policy_10.png ../_images/imap_policy_11.png

And launch the corresponding services