Hi guys,

As managers and directors of the companies are getting more acquainted about the Internet use (and abuse) inside their companies, they want to have more and more control over what employees can and cannot do on the Internet.


Now, the director of one of the companies I give support asked me to set a bunch of e-mail accounts as internal-only, i.e., they can send e-mail internally but cannot send or receive external e-mails.

As I reconized that his need probably will also be desired for a lot of other companies, I think it's worth to discuss here which would be the most appropriate manner to achieve this feature with Qmail and Vpopmail.


THE IDEAL SCENE:

The ideal scene for me would be if vpopmail could provide a means for doing this. To set the internal-only account I'd like to end up going to Qmailadmin, editing the properties of some user account, and just checking the new check-box: "( ) Internal-only account";

I have no idea of how this could be implemented by vpopmail. Can someone out there imagine something?


IDEAS:

Until now, the only thing that occurs to me in order to accomplish this, is to edit (manually) the famous /var/vpopmail/tcp.smtp file and laboriously add a bunch of IP addresses, of each internal-only user, unsetting the RELAYCLIENT variable for each one of them. This would prevent the users from sending e-mails to external domains. But they could receive external e-mails (althouth they would not be able answer the e-mails).

Or, suddenly, I could set the IPs of all internal-only user's machines inside a specified IP range, and I would disable RELAYCLIENT just for this range. I should explain this change to my customer, and they should follow the IP range specification. Still, I would be relying on tcp.smtp file to accomplish this.

Further ideas?


Regards,
-------------------------------------------------
Bruno Negrao - Support Analyst
Engepel Teleinformática. 55-31-34812311
Belo Horizonte, MG, Brazil

Reply via email to