Koozali.org: home of the SME Server
Obsolete Releases => SME 7.x Contribs => Topic started by: piran on December 09, 2006, 01:52:42 PM
-
For one user's email account (incoming) I used to be able to do this
in SME6 but I haven't yet found the similar functionality within SME7;~/
Have I missed something somewhere along the way?
-
For one user's email account (incoming) I used to be able to do this
in SME6 but I haven't yet found the similar functionality within SME7;~/
Have I missed something somewhere along the way?
You could not do this in SME6 either.
-
You could not do this in SME6 either.
I could. That was why I said as such. There was a matrix available
in the server panel into which ticks could be entered to enable or
disable a particular username for some domains or even all of them.
I will try to at least find something from my old SME6, perhaps my
files archive might have the rpm. From your words I am guessing
that it will turn out to be an rpm and not particularly well known.
-
(from my old archived setup notes)
I 'think' this was the one...Rejecting and Allowing Mail
The following is provided by the dungog-mailblocking rpm
The rpm adds rules that are run when mail first connects to the mail server and is very efficient
dungog-mailblocking is a rewrite/combination of dmc-mitel-mailrules and e-smith-domain_mail_user
prior data from e-smith-domain_mail_user is used
prior data from dmc-mitel-mailrules is not
features
more selective event allows saves on every rule change
message entry is optional for rejects, is not needed for accepts
link to view relevent log file with preset filters
restrict the group email address as well as users
NB. pseudonyms are allowed the same domains as the user who recieves the mail
Install & Usage
rpm -Uvh dungog-mailblocking*.rpm
open the server-manger > configuration > E-mail Blocking
Mail Rules
Set rules to allow or deny mail,
eg reject mail from nominated domains
Allow users to send internally but not externally.
Allow rules have precedence over Reject, so you could set other rules to allow some users to send externally.
Domain Mail
Set the domain that a user or group can recieve mail for.
The default is accept mail for all domains.
If you select a domain or domains for a user then mail to other domains is rejected.
Email - Admin blocking panel
Email - Admin blocking rules panel
Email - Admin blocking domain panel
--------------------------------------------------------------------
rpm -Uvh dungog-mailblocking-1.0-3.noarch.rpm
...but I'm not sure.
-
Moving this topic to the SME 7.x contribs forum, it is more appropriate there. Thanks!
-
Thanks byte but I think this is likely to be a dead end thread;~/
The dungog site no longer shows any mailblocking stuff per se,
Charlie's disowned it and I only have a 2yr ancient rpm that probably
doesn't have a hope in hell of working on the fancy new SME7 core.
Not sure how I am going to stop a specific username being apparently
available for spamming on several of my domains hosted on SME7.
It's an important username on the majority of my domains but on
one particular domain it has been radically spammed out. I would
dearly like to withdraw it from view (ie invalid recipient) as I used
to do in similar circumstances on SME6.
-
Have you had a look to see if Dungog has maybe updated the contrib? or maybe pay someone to develop that contrib for the SME 7
-
The dungog site no longer shows any mailblocking stuff per se...
With the very greatest of respect I'm unlikely to be able to afford his tariffs.
-
The mailblocking contrib as it was won't return, sme7 is too different
for your case it may be possible to approach it in a different way
by specifically blocking the bad address
you would do this by ? now i'm guessing ?
adding a fragment with the address to
/var/qmail/control/badrcptto
if this works and the logic can be teased out perhaps the panel could make a return
-
Noted. kruhm has suggested something that looks similar,
I am currently testing this live...
http://forums.contribs.org/index.php?topic=34844.msg151070#msg151070
[postedit] forget that - different issue - just woken up not enough caffeine
-
snoble That was right on target, my thanks;~)
Attempted emails to the single vulnerable user in the one domain
get DENY lines, whereas they succeed to the remainder of my domains.
-
I have also been looking for the old functionality of the mailblocking contrib. Specifically, the ability to limit mail to only the domain you want the particular email address associated with. I realize that it can be accomplished with pseudonyms as mentioned earlier.
It appears that we get that same operation by just deleting the entries in /var/service/qpsmtpd/config/goodrcptto to leave just the entry you want to receive the mail. Of course, during any email-update event this file is overwritten. Maybe someone could add a template similar to the one in the mailblock contrib that rewrote this file with the addresses deselected that you didn't want.
It also seems that in setups with many virtual domains that these other email addresses are also vectors for spam that also have to be dealt with, instead of being rejected early on in the process. If we have fred@domain1.com that we want to get email, then fred@domain2.com, fred@domain3.com, etc. are all getting the same spam, if it makes it through.
-
then fred@domain2.com, fred@domain3.com, etc. are all getting the same spam, if it makes it through.
No. They would all get spam if it was the same user account but you can create an alias for the other two domains and fred would get just one spam mail (none if you implement a decent spam filter).
-
They would all get spam if it was the same user account
No.
In the default configuration, without using pseudonyms, there is only one "fred" on the system, there is no "They". But, fred would get spam addressed to fred@domain1, domain2, domain3 etc.
If you look at goodrcptto you will see fred@domain1, fred@domain2 etc. All of those addresses will accept mail. If you remove the addresses from the other domains that shouldn't receive fred mail, you would only have one spam get through instead of as many as you have domains.
And yes, the spam filtering 7.1 is very good and we see very few spam getting through.
-
No.
In the default configuration, without using pseudonyms, there is only one "fred" on the system, there is no "They". But, fred would get spam addressed to fred@domain1, domain2, domain3 etc.
Sorry. Was thinking the same thing but got confused somwhere in the middle. :D
Well that's what i wanted to tell you.
you can create an alias for the other two domains and fred would get just one spam mail
The rest of my post is ok. You should create a spam inbox and point the other domains to it.
-
after reading this thread, and searching for a method to automagically do the following:
create a user - ie fred
associate his email with only one valid domains
so that if i have domain1, domain2 and domain3
i can say fred@domain1 only is valid
i have no account that i want to associate with fred@domain2 and fred@domain3
i have come to the conclusion this can't be done (out of box).
is this correct?
so if there are 10 users and 3 domains at the moment if i want to achieve this i would need to have a void user or some such user to send the other mail to, and would need to setup at least 18 aliases to ensure all 10 users are only receiving email for there specific domain.
this thread also mentions /var/service/qpsmtpd/config/goodrcptto, which i will have a look at and post back my findings, does anyone know if this is able to be templated?
-
ok, so have had a look at the /var/service/qpsmtpd/config and yep it can be templated- because it is by default! so changing the original file won't get me anywhere as this will quickly be over written when saving anyone of a number of user or mail settings. the structure of the template system is reading db entries, so guessing changing this to include a check for user associated domain /domains is out of my league.
guess its just lots of aliases to be created... :cry:
any easier suggestions greatly appreciated, and i will update this thread with the nfr information soon.
-
this is just a thought off the top of my head, but can't you just delete the pseudonym for the domains you don't want the user to have access too. :?
-
thanks for the thought girkers, but not a pseudonym as such.
just that the user fred by default gets email for fred@domain1, fred@domain2 and fred@domain3. i want a method to specify the domain /s each user is associated with.
i can make a pseudonym to send fred@domain2 and fred@domain3 to another user. but as mentioned this seems like a lot of pseudonyms to create.
will keep looking and maybe talk to my powers that be about getting some $$ together to entice the gurus. what sort of $$ grease the wheels?