I was hoping someone can help me with issue that I am having for some time now. Basically I want to collect email headers from every mail that come in to the company. The idea behind is that I can track conversation in my SIEM solution, so that i can find out if someone has enter a conversation that was not supposed to. And some other BEC related scams.
The only thing I found was some Queue trn logs that are internal excahnge logs, that are not really helpfull (a lot of noise).
My question is, if there is a way to collect those headers on the server side. Any third party tool/script/logfile, anything.
Will be very greatefull for any information.
Best wishes.