As managers and directors of the companies are getting more acquainted
about the Internet use (and abuse) inside their companies, they want to
have more and more control over what employees can and cannot do on the
Now, the director of one of the companies I give support asked me to set a
bunch of e-mail accounts as internal-only, i.e., they can send e-mail
internally but cannot send or receive external e-mails.
As I reconized that his need probably will also be desired for a lot of
other companies, I think it's worth to discuss here which would be the most
appropriate manner to achieve this feature with Qmail and Vpopmail.
THE IDEAL SCENE:
The ideal scene for me would be if vpopmail could provide a means for doing
this. To set the internal-only account I'd like to end up going to
Qmailadmin, editing the properties of some user account, and just checking
the new check-box: "( ) Internal-only account";
I have no idea of how this could be implemented by vpopmail. Can someone
out there imagine something?
Until now, the only thing that occurs to me in order to accomplish this, is
to edit (manually) the famous /var/vpopmail/tcp.smtp file and laboriously
add a bunch of IP addresses, of each internal-only user, unsetting the
RELAYCLIENT variable for each one of them. This would prevent the users
from sending e-mails to external domains. But they could receive external
e-mails (althouth they would not be able answer the e-mails).
Or, suddenly, I could set the IPs of all internal-only user's machines
inside a specified IP range, and I would disable RELAYCLIENT just for this
range. I should explain this change to my customer, and they should follow
the IP range specification. Still, I would be relying on tcp.smtp file to
Bruno Negrao - Support Analyst
Engepel Teleinformática. 55-31-34812311
Belo Horizonte, MG, Brazil