Dave Johnson wrote:
Hi all
Need some help on an installation. I need to set up a qmail server with the following configuration
It is a "two tier" server with 20 users. Five users have full email access ie. external and internal and the balance only have internal access.
Will vmoduser -r [EMAIL PROTECTED] stop that user from emailing externally.
I don't think so. All it does is set a flag. You will have to find / make a patch to qmail-smtp to actually do the restriction. I don't know where to look for such a thing.
If I was in your situation I would probably setup two qmail servers.
One inside the firewall with all the mailboxes and with qmail-smtp setup on port 24 and 25. This machine handles internal mail, and all pop/imap accounts.
The firewall must not pass port 25 traffic in either direction.
The other machine is on the outside of the firewall with port 25 setup so it only accepts incoming mail. Setup port 24 with qmail-smtp setup using smtp-auth requiring encrypted passwords to send mail. All mail to your domain(s) is forwarded with smtproutes to port 24 of the inside machine.
Unprivileged users use port 25 to the inside mail server, which cannot access any other mail servers on the Internet because of the firewall.
Privileged users send all mail to port 24 of the outside server, using authenticated logins.
Now how do you stop them from using webmail accounts on port 80 to bypass this setup and send email anyway? At least it won't be on the company domain name...
