Koozali.org: home of the SME Server
Obsolete Releases => SME Server 8.x => Topic started by: cb-wizard on January 05, 2014, 07:25:46 PM
-
Hi,
Client requires internal email only for most users, selected few to send and receive external email.
Is this possible and how do we configure it?
Thanks
cb-wizard
-
I fear that it is not possible, when you create an account, automatically you have an email, a samba, a ftp account....all allowed to send and receive external emails
However if you turn your server to a "private server and gateway" mode you can have your emails only on the local network....ether external or internal, sorry not both
I know that there is a NFR raised to allow the sysadmin to decide if the user can have a emailbox : http://bugs.contribs.org/show_bug.cgi?id=4374
I understand that it could be useful but no options in the server-manager
-
According to DB_Variables_Configuration#Miscellaneous_Other_DB_Variables (http://wiki.contribs.org/DB_Variables_Configuration#Miscellaneous_Other_DB_Variables) and Email#Disable_mail_to_a_user_from_an_external_network (http://wiki.contribs.org/Email#Disable_mail_to_a_user_from_an_external_network) you can control this behavior using the 'Visible' property:
db accounts setprop username Visible internal ; signal-event email-update
- Make an email address invisible from outside? (see http://forums.contribs.org/index.php?topic=36302.0)
db accounts setprop pseudonym Visible internal ; signal-event email-update
- Make an pseudonym email address invisible from outside
And here's a command to set 'Visible=internal for all of your users:
db accounts show | awk -F "=" '/\=user/ {print $1}' |while read USER; do db accounts setprop $USER Visible internal; done
However, this seems to only affect /var/qmail/control/badrcptto - denying external delivery to your users but allowing outbound emails:
http://forums.contribs.org/index.php?topic=40449.5
There may be a way to get the behavior you're looking for using the 'check_badmailfromto' plugin:
http://wiki.contribs.org/SME_Server:Documentation:Technical_Manual:Booklet#How_to_block_email_from_one_address_to_another_address_with_check_badmailfromto_plugin
-
Good shot mmccarn, i have written your comment in the wiki, i can learn everyday with you guys
http://wiki.contribs.org/Email#Disable_mail_to_a_user_from_an_external_network
I'm still thinking that we could provide a nfr about this, the behaviour to allow or not an account to get mails.
-
cb-wizard, stephdl et al
I'm still thinking that we could provide a nfr about this, the behaviour to allow or not an account to get mails.
There is another way to control user accounts to prevent them from sending any emails.
If you put a users email address in
/var/qmail/control/badmailfrom
This will stop them sending email messages (both locally & externally).
The E-mail WBL panel supports this in the Black List section, in the qmail badmailfrom field.
Obviously intended to block external users from sending spam etc, but it will also block internal users.
Note this only reads the senders email address, so if they spoof their address (change it to something else in the email client that is acceptable to sme server) then they will still be able to send emails. Most users would not know that.
Use this in combination with setting the Visible internal property for that user & I believe that will stop them sending or receiving email messages, both locally & externally.
Unfortunately there is no simple answer (that I know of) to the original question of "allow internal only email for some users & internal & external for other users". I think that may require Postfix or similar.
Actually there may be some ways to achieve what is desired (ie internal mail only & no external), but you will need to experiment & test a bit etc.
See this thread
http://forums.contribs.org/index.php?topic=40449.5
& read it all particularly the last few posts, Charlie has some good pointers what to try.