Controlling mail relay with ACL

[JacobLeaver]

Hello, I'm a complete noob to scalix, but when I evaluated affordable exchange alternatives for a small company I consult for, it seemed like a good fit.

The company wants to have to classes of users, staff at HQ that have "real" internet email, and a class for clerks and such, that can only send within scalix.

I figured nodes and ACL restrictions on services would work, but if I lock down the unix service to a single node, it seems to interrupt inter-node communication (one way only). I then tried setting ACL restrictions on the sendmail service, but that didn't seem to limit anything.

There's probably a really, really simple way to do what I want that I've overlooked in the docs, but I sure could use a hand!

Jacob

[Valerion]

I did something similar at one of my clients. Firstly, for incoming mail I made the mail address hard to guess (invalid_address_1@domain jumps to mind). Since the user cannot send out, no-one will no his address, and internal people just get his X.400 address.

Then I wrote a routing rule file that triggers on SENDER_SERVICE_LEVEL that just bounces the mail if a user matches a certain SL (eg. 10) and attached it to the UNIX route. Any user I set to DL 10 will be unable to send mail outwards.

[JacobLeaver]

Thanks for the suggestion. I have to admit, I did see service level, and I have tested using the service level in a filter to prevent sending mail. However, service level is per-user, and there doesn't seem to be a gui way to set it. The folks I am dealing with need to be able to setup thier own mail accounts, definitely without console access. I guess I could write some sort of script, if that's really the only way to prevent outbound email.

Jacob