On 2013-08-07, Marcin Gryszkalis <[email protected]> wrote: > Hi > I wonder if it's possible to disconnect all active sessions for given > authenticated user. > > It would be used to close sessions used by accounts stolen by spammers.After > detecting unusual rate of mails from one account I lock it in database, freeze > all suspiciousmails in queue, send alert to postmasterand close all imap/pop3 > sessions (with `doveadm kick user@`) - I'd like to close all SMTP sessions as > well (and do it quick!) but I don't know how to find them. Unfortunately > process_info log (like viewed by exiwhat) doesn't include authentication info. [...] > Can you advise different/better approach?
Does it matter if they can connect if having connected they can't submit any mail? can you add a conditon in the PREDATA, MAIL and/or RCPT acls that checks for a flag-file ( eg: /home/$auth_user/.allowed-to-send ) how does dovecot indicate a user has been banned, exim can probably check for that condition before accepting the email. -- ⚂⚃ 100% natural -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
