thane wrote: > Hello all, > I am setting up a server that will mostly be used by people logging on via > ssh and performing tasks on the local machine. I would like to restrict > certain users to only sending email to other users on the same host. > > How would I most easily accomplish this?
Best is to not *have* shell accounts, other than, say 3 admin folks. Anyone who can su to 'root' can undo whatever you have done. Even 'ordinary' shell-account holders can usually drop their own smtp code into place. Essentially all of the interpreted languages have several available. and - at the end of the day, anyone who needs to do so can telnet to a distant server and manually send a message. It isn't hard to do. OTOH, if it is only 'accident's' you wish to reduce: Remove, change perms, or repoint calls to the applicable MTA binaries. Use 'wall' or a local-only message handling service instead of a full-blown MTA. 'Gross case' could be an instance of (for example) Exim that they *could* call, but one whose user DB included only the accounts in question, was not bound to an external port, had only the system/local router & transport (no remote smtp). Simple case would be to use an editor to create a message, save it to common storage, grant the addressee read privileges. > Would this be better performed by > forcing some settings on the email client (mutt)? > Beetle-tracking. Far less likely to be able to retain control of those than an MTA/substitute, and neither approach is bullet-proof. Anyone with the means to ssh-in to the server also has, by implication, the hardware to support either webmail (borrowed gear) or his own workstation-resident MUA-of-choice. Ergo, we don't use system accounts for mail at all - even between and among themselves. Instead, we put what we need into the virtual user DB like anyone else, and/or use unrelated mail services entirely. HTH, Bill -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
