-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 9 Jun 00, at 8:40, OK 2 NET - André Paulsberg wrote:
> I belive that is just what i could NOT do, since only some users
> should be stopped from getting mail from these domains / users.
Yeah, that's how I read the original question, too.
Let me add a few generic comments:
There are three places where you can stop the mail: The first one
is inside qmail-smtpd (it refuses to accept the mail altogether), the
second one is in qmail-queue or its wrapper (after seeing the whole
e-mail, your qmail replies with 5xx (permanent error) code), the
third one is in user's .qmail (qmail accepts the mail, and then
generates a bounce and sends it back).
You can see how the bandwidth demands grow with each model
(with #1, you don't get to see a piece of the message; with #2, you
accept it; with #3, you accept it and send it back).
You may want to stop mail from certain users to certain users for
bandwidth reasons - then #1 is probably your option. Or you may
want to protect your users from seeing what they don't want to (but
you don't need to care about bandwidth).
If you want to block uncoditionally from certain people, #1 (or #2)
are just fine; however, if you want to block according to the whole
pair "sender-receiver", you are in trouble; such a database of all
disallowed "sender-receiver" pair will be too large for any practical
purposes, and would be painful to maintain. (You'd also have to
patch qmail-smtpd, but that part is minor.)
Therefore it seems that your option is to filter the mail in user's
.qmail file. (It generally requires that the user volunteers - unless on
your setup, the user can't control his .qmail files.) The overall idea
is to put
|bouncesaying "I don't want to talk to you" [ -r .badsenders] &&
grep --line-regexp --quiet --ignore-case "$SENDER" .badsenders
(that all one one line) before the normal delivery instruction, ie.
./Maildir/
(The file ~/.badsenders contains addresses of refused senders, one
per line.)
(You may also do a similar line for ~/.badsenderdomains.)
(You may also want to test that the ~/.bad* are owned by the
addressee of the mail and are not group- or world-writable - and
temporarily defer mail otherwise.)
Hope this makes sense.
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.0.2 -- QDPGP 2.60
Comment: http://community.wow.net/grt/qdpgp.html
iQA/AwUBOUCH9FMwP8g7qbw/EQI7QQCgyQFuL3YHUDe5mi5gWmVJ6IhsX2YAnirV
W1+P9Gwp+NSyQ2QxEcU7hLGb
=KxqM
-----END PGP SIGNATURE-----
