Help to comply with EU2023/1543 and EU2023/1544

Hi,

I received a letter from the ministry of justice that I have to comply with EU2023/1543 and EU2023/1544.
These 2 regulations, as I understand, make it mandatory for me to safe traffic information of my users.
That would mean I have to register all mailing information which they do through my server.

I looked into RSpamd for this, since that has all information I need, but it is only limited to 2/3 days (The history tab), and I am afraid to increase the retention from 2000 rows to 180000 rows to have the 6 months retention I need in minimum. is there a solution in which I can logship the RSPAMd logging to an offsite system where i can store this for a longer time?

 

I have to learn to ask AI.. I am going for option 1 and try that.

 

haven't read the regulations, and not going to... but it sounds similar to the regulation of investigatory powers act in the uk.

here data retention is only required if you receive a specific notice.. (but they'll probably want info from before they issued the notice)
you need to keep the data for 12 months.
you don't need to keep the content just the details on the sender & recipient, and the date & time.

unless these 2 regs are significantly different to that, easiest method to me seems to be to configure the logrotate settings for postfix.
i just create a directory mail-history in /var/log and configure logrotate to compress and move the daily logs in there and keep them for 366 days to cover leap years)

/etc/logrotate.d/postfix:

Code:

/var/log/mail.info
/var/log/mail.warn
/var/log/mail.err
/var/log/mail.log
{
       daily
       dateext
       dateyesterday
       rotate 366
       delaycompress
       sharedscripts
       compress
       missingok
       notifempty
       olddir mail-history
       postrotate
               /usr/lib/rsyslog/rsyslog-rotate
       endscript

}