Topic: disable one user@onedomain but not same user@otherdomains?

[piran]

For one user's email account (incoming) I used to be able to do this
in SME6 but I haven't yet found the similar functionality within SME7;~/
Have I missed something somewhere along the way?

[CharlieBrady]

For one user's email account (incoming) I used to be able to do this
in SME6 but I haven't yet found the similar functionality within SME7;~/
Have I missed something somewhere along the way?

You could not do this in SME6 either.

[piran]

You could not do this in SME6 either.

I could. That was why I said as such. There was a matrix available
in the server panel into which ticks could be entered to enable or
disable a particular username for some domains or even all of them.

I will try to at least find something from my old SME6, perhaps my
files archive might have the rpm. From your words I am guessing
that it will turn out to be an rpm and not particularly well known.

[piran]

(from my old archived setup notes)
I 'think' this was the one...

Code: [Select]

Rejecting and Allowing Mail
The following is provided by the dungog-mailblocking rpm
The rpm adds rules that are run when mail first connects to the mail server and is very efficient

dungog-mailblocking is a rewrite/combination of dmc-mitel-mailrules and e-smith-domain_mail_user
prior data from e-smith-domain_mail_user is used
prior data from dmc-mitel-mailrules is not
features
more selective event allows saves on every rule change
message entry is optional for rejects, is not needed for accepts
link to view relevent log file with preset filters
restrict the group email address as well as users
NB. pseudonyms are allowed the same domains as the user who recieves the mail

Install & Usage
rpm -Uvh dungog-mailblocking*.rpm
open the server-manger > configuration > E-mail Blocking

Mail Rules
Set rules to allow or deny mail,
eg reject mail from nominated domains
Allow users to send internally but not externally.
Allow rules have precedence over Reject, so you could set other rules to allow some users to send externally.

Domain Mail
Set the domain that a user or group can recieve mail for.
The default is accept mail for all domains.
If you select a domain or domains for a user then mail to other domains is rejected.

Email - Admin blocking panel

Email - Admin blocking rules panel

Email - Admin blocking domain panel
--------------------------------------------------------------------


rpm -Uvh dungog-mailblocking-1.0-3.noarch.rpm
...but I'm not sure.

[byte]

Moving this topic to the SME 7.x contribs forum, it is more appropriate there. Thanks!

[piran]

Thanks byte but I think this is likely to be a dead end thread;~/
The dungog site no longer shows any mailblocking stuff per se,
Charlie's disowned it and I only have a 2yr ancient rpm that probably
doesn't have a hope in hell of working on the fancy new SME7 core.

Not sure how I am going to stop a specific username being apparently
available for spamming on several of my domains hosted on SME7.
It's an important username on the majority of my domains but on
one particular domain it has been radically spammed out. I would
dearly like to withdraw it from view (ie invalid recipient) as I used
to do in similar circumstances on SME6.

[byte]

Have you had a look to see if Dungog has maybe updated the contrib? or maybe pay someone to develop that contrib for the SME 7

[piran]

The dungog site no longer shows any mailblocking stuff per se...

With the very greatest of respect I'm unlikely to be able to afford his tariffs.

[stephen noble]

The mailblocking contrib as it was won't return, sme7 is too different

for your case it may be possible to approach it in a different way
by specifically blocking the bad address

you would do this by ? now i'm guessing ?
adding a fragment  with the address to
 /var/qmail/control/badrcptto

if this works and the logic can be teased out perhaps the panel could make a return

[piran]

Noted. kruhm has suggested something that looks similar,
I am currently testing this live...
http://forums.contribs.org/index.php?topic=34844.msg151070#msg151070

[postedit] forget that - different issue - just woken up not enough caffeine

[piran]

snoble That was right on target, my thanks;~)
Attempted emails to the single vulnerable user in the one domain
get DENY lines, whereas they succeed to the remainder of my domains.

[windy]

I have also been looking for the old functionality of the mailblocking contrib. Specifically, the ability to limit mail to only the domain you want the particular email address associated with. I realize that it can be accomplished with pseudonyms as mentioned earlier.

It appears that we get that same operation by just deleting the entries in /var/service/qpsmtpd/config/goodrcptto to leave just the entry you want to receive the mail. Of course, during any email-update event this file is overwritten. Maybe someone could add a template similar to the one in the mailblock contrib that rewrote this file with the addresses deselected that you didn't want.

It also seems that in setups with many virtual domains that these other email addresses are also vectors for spam that also have to be dealt with, instead of being rejected early on in the process. If we have fred@domain1.com that we want to get email, then fred@domain2.com, fred@domain3.com, etc. are all getting the same spam, if it makes it through.

[bpivk]

then fred@domain2.com, fred@domain3.com, etc. are all getting the same spam, if it makes it through.

No. They would all get spam if it was the same user account but you can create an alias for the other two domains and fred would get just one spam mail (none if you implement a decent spam filter).

[windy]

They would all get spam if it was the same user account

No.
In the default configuration, without using pseudonyms, there is only one "fred" on the system, there is no "They". But, fred would get spam addressed to fred@domain1, domain2, domain3 etc.

If you look at goodrcptto you will see fred@domain1, fred@domain2 etc. All of those addresses will accept mail. If you remove the addresses from the other domains that shouldn't receive fred mail, you would only have one spam get through instead of as many as you have domains.

And yes, the spam filtering 7.1 is very good and we see very few spam getting through.

[bpivk]

No.
In the default configuration, without using pseudonyms, there is only one "fred" on the system, there is no "They". But, fred would get spam addressed to fred@domain1, domain2, domain3 etc.

Sorry. Was thinking the same thing but got confused somwhere in the middle.  

Well that's what i wanted to tell you.

you can create an alias for the other two domains and fred would get just one spam mail

The rest of my post is ok. You should create a spam inbox and point the other domains to it.