Gordon Messmer wrote: > On 11/08/2009 07:24 AM, Alessandro Vesely wrote: >> On 11/06/2009 02:50 AM, Alexander Erameh wrote: >>>> Is there a way to restrict some local users to sending local Mails >>>> only? That is they cannot send external Mails. >>>> >> Besides implementation concerns, how practical would it be to use >> SMTP AUTH for delivering? For example, rather than SPF-whitelist a >> number of forwarders, it is possible to give them userid/pass with a >> very restrictive policy, for better control. Has anybody tried? > > Network users, including those in "local" networks, can easily be > controlled with AUTH. Just remove the RELAYCLIENT setting from > /etc/courier/smtpaccess/default and "makesmtpaccess". Thereafter, only > clients who have a username and password which the server can > authenticate will be able to relay.
That still stalls at RELAYCLIENT being a yes/no value. Tying it to a policy might result in some additional features; I can recap three: * restrict some local users, as in Alexander's quote above; * whitelist forwarders, as in my quote above; and * protect internal addresses: For example, as an alternative to Courier's outbox, a user may configure her client to store sent mail by adding a bcc:[email protected]. Then the problem is to enforce the policy so that only [email protected] can send mail to her Sent folder. More use cases may come to mind, e.g. guard children's mailboxes, limit a vip's direct reachability, et cetera. Fancy that? ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
