Topic: Blocking certain users

[Billy]

I need to block certain SME users from being able to send external email. They should only be able to send and receive mail from users on the internal network.

Is this possible?

[Byte]

You could use IPTABLES

[Charlie Brady]

Byte wrote:

> You could use IPTABLES

No you couldn't. That would block all mail, not mail based on recipient address.

Selectively blocking relaying for particular local IP addresses would be possible using a custom template for /etc/tcprules/tcp.smtp. Forcing a particular workstation to have a fixed IP address can be done via the hosts table.

Charlie

[Byte]

not even adding something like this


    $OUT .= "    /sbin/iptables --append Forward$AllowLocals " .
"-s ! 192.168.1.78 -d 0/0 -p tcp --dport
25 -j denylog\n";

I know its alot to do if you have alot of users but they might not

[Alejandro Lengua]

Charlie, do you have any sample or url that could point to us?

I plan to have some users email accounts restricted to the local domain,
however in my case SME will be only an email server and another computer (another Linux distro also) will be the firewall.