Dave Johnson wrote:
Hi all
Need some help on an installation. I need to set up a qmail server with
the following configuration
It is a two tier server with 20 users. Five users have full email
access ie. external and internal and the balance only have internal
access.
Will vmoduser -r [EMAIL PROTECTED] stop that user from emailing externally.
I don't think so. All it does is set a flag. You will have to find /
make a patch to qmail-smtp to actually do the restriction. I don't know
where to look for such a thing.
If I was in your situation I would probably setup two qmail servers.
One inside the firewall with all the mailboxes and with qmail-smtp setup
on port 24 and 25. This machine handles internal mail, and all pop/imap
accounts.
The firewall must not pass port 25 traffic in either direction.
The other machine is on the outside of the firewall with port 25 setup
so it only accepts incoming mail. Setup port 24 with qmail-smtp setup
using smtp-auth requiring encrypted passwords to send mail. All mail to
your domain(s) is forwarded with smtproutes to port 24 of the inside
machine.
Unprivileged users use port 25 to the inside mail server, which cannot
access any other mail servers on the Internet because of the firewall.
Privileged users send all mail to port 24 of the outside server, using
authenticated logins.
Now how do you stop them from using webmail accounts on port 80 to
bypass this setup and send email anyway? At least it won't be on the
company domain name...