How would I limit all users from attaching files over a certain size?
Is there more documentation about how to configure the server other than the administration guide?
Thank you.
Limit attachment size
Moderators: ScalixSupport, admin
-
ScalixSupport
- Scalix
- Posts: 5503
- Joined: Thu Mar 25, 2004 8:15 pm
Here is something that might help you.
Regards,
Matthew
Support
---------------------------
Setting up Internet Mail Restrictions
Goal
Quite often, a company wants to control which users can send and receive messages from the Internet and, as well, control the size of permissible inbound and outbound internet messages. Since all message at some point route through the service router, the means to accomplish this will occur by implementing filtering rules that are applied to the service router.
Background
Each Scalix mailbox, when created, contains a service level number (default is 0) which can be revealed with the omshowu command:
[root@moby root]# omshowu -n "Frank Thompson"
Authentication ID: u108@moby.scalix.field
User Name : Frank Thompson /CN=Frank Thompson
MailNode : moby
Internet Address : "Frank Thompson" <fthompson@moby.scalix.field>
System Login : 64540
Password : unset
External authentication only: NO
Admin Capabilities : NO
Mailbox Admin Capabilities : NO
Language : C
Virtual Vault : Enabled (default)
Mail Account: Unlocked
Last Signon : Never.
Receipt of mail : ENABLED
Service level : 0
Excluded from Tidying : NO
Restricting Inbound Internet Mail
Create a ruleset file in the /var/opt/scalix/rules directory. For this example we will name the file “noinetrcv” – the contents of which are as follows.
RECIPIENT-SERVICE-LEVEL=14 ORIGINATOR="*/Internet" ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
The logic from the first line: if the message came from the Internet, and it’s destination recipient within Scalix has a service level of 13, then reject the message. The logic of the second line: if a message arrives that is over 5000 Kbytes, it will be rejected and non-delivery notification stating “Message too large” is sent to the originator. This ruleset file then needs to be applied to the local mailnode(s) to be enabled.
# ommodrt –m mailnode –d noinetrcv
By default all users will have a service level value of 0, so to apply this rule to specific users you simply need to change their service level value to 14.
# ommodu –o “Al Alpha” –s 14
Restricting Outbound Internet Mail – MAPI users
Create a ruleset file in the /var/opt/scalix/rules directory. For this example we will name the file “noinetsnd” – the contents of which are as follows.
SENDER-SERVICE-LEVEL=13 ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
The logic from the first line: if the sender had a service level of 13, reject the message (block sending). The logic from the second line: if the message is sent is 5000K bytes or more, reject the message and send a non-delivery notification stating “Message too large” to the originator. This ruleset file should be applied to the Internet route.
# ommodrt –m internet –d noinetsnd
Note – you could apply the ruleset file to the “internet,tnef” or any other route using the ommodrt command.
Similarly, you need to implicitly set the users to this service level in order to have the rule applied when they attempt to send to the Internet.
# ommodu –o “Bob Beta” –s 13
Lastly, you must restart the service router in order for all these changes to be invoked.
# omoff -d 0 sr
# omon sr
[/img]
Regards,
Matthew
Support
---------------------------
Setting up Internet Mail Restrictions
Goal
Quite often, a company wants to control which users can send and receive messages from the Internet and, as well, control the size of permissible inbound and outbound internet messages. Since all message at some point route through the service router, the means to accomplish this will occur by implementing filtering rules that are applied to the service router.
Background
Each Scalix mailbox, when created, contains a service level number (default is 0) which can be revealed with the omshowu command:
[root@moby root]# omshowu -n "Frank Thompson"
Authentication ID: u108@moby.scalix.field
User Name : Frank Thompson /CN=Frank Thompson
MailNode : moby
Internet Address : "Frank Thompson" <fthompson@moby.scalix.field>
System Login : 64540
Password : unset
External authentication only: NO
Admin Capabilities : NO
Mailbox Admin Capabilities : NO
Language : C
Virtual Vault : Enabled (default)
Mail Account: Unlocked
Last Signon : Never.
Receipt of mail : ENABLED
Service level : 0
Excluded from Tidying : NO
Restricting Inbound Internet Mail
Create a ruleset file in the /var/opt/scalix/rules directory. For this example we will name the file “noinetrcv” – the contents of which are as follows.
RECIPIENT-SERVICE-LEVEL=14 ORIGINATOR="*/Internet" ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
The logic from the first line: if the message came from the Internet, and it’s destination recipient within Scalix has a service level of 13, then reject the message. The logic of the second line: if a message arrives that is over 5000 Kbytes, it will be rejected and non-delivery notification stating “Message too large” is sent to the originator. This ruleset file then needs to be applied to the local mailnode(s) to be enabled.
# ommodrt –m mailnode –d noinetrcv
By default all users will have a service level value of 0, so to apply this rule to specific users you simply need to change their service level value to 14.
# ommodu –o “Al Alpha” –s 14
Restricting Outbound Internet Mail – MAPI users
Create a ruleset file in the /var/opt/scalix/rules directory. For this example we will name the file “noinetsnd” – the contents of which are as follows.
SENDER-SERVICE-LEVEL=13 ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
The logic from the first line: if the sender had a service level of 13, reject the message (block sending). The logic from the second line: if the message is sent is 5000K bytes or more, reject the message and send a non-delivery notification stating “Message too large” to the originator. This ruleset file should be applied to the Internet route.
# ommodrt –m internet –d noinetsnd
Note – you could apply the ruleset file to the “internet,tnef” or any other route using the ommodrt command.
Similarly, you need to implicitly set the users to this service level in order to have the rule applied when they attempt to send to the Internet.
# ommodu –o “Bob Beta” –s 13
Lastly, you must restart the service router in order for all these changes to be invoked.
# omoff -d 0 sr
# omon sr
[/img]
-
kbartal
-
ScalixSupport
- Scalix
- Posts: 5503
- Joined: Thu Mar 25, 2004 8:15 pm
How does...
RECIPIENT-SERVICE-LEVEL=14 ORIGINATOR="*/Internet" ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
and.....
SENDER-SERVICE-LEVEL=13 ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
appear in their respective files? It should be on one contiguous line (not on two seperate lines...)
Try that and let me know.
Regards,
Matthew
Support
RECIPIENT-SERVICE-LEVEL=14 ORIGINATOR="*/Internet" ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
and.....
SENDER-SERVICE-LEVEL=13 ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
appear in their respective files? It should be on one contiguous line (not on two seperate lines...)
Try that and let me know.
Regards,
Matthew
Support
-
ScalixSupport
- Scalix
- Posts: 5503
- Joined: Thu Mar 25, 2004 8:15 pm
Also, in:
RECIPIENT-SERVICE-LEVEL=14 ORIGINATOR="*/Internet" ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
Delete the second ACTION=REJECT
Same for the following entry:
SENDER-SERVICE-LEVEL=13 ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
Regards,
Matthew
Scalix Support
RECIPIENT-SERVICE-LEVEL=14 ORIGINATOR="*/Internet" ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
Delete the second ACTION=REJECT
Same for the following entry:
SENDER-SERVICE-LEVEL=13 ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
Regards,
Matthew
Scalix Support
-
kool_kid
- Posts: 179
- Joined: Wed Dec 05, 2007 7:27 am
ScalixSupport wrote:Also, in:
RECIPIENT-SERVICE-LEVEL=14 ORIGINATOR="*/Internet" ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
Delete the second ACTION=REJECT
Same for the following entry:
SENDER-SERVICE-LEVEL=13 ACTION=REJECT
SIZE=5000 ACTION=REJECT NDN-INFO="Message too large"
Regards,
Matthew
Scalix Support
If I want to deny sending mails to all the domains except one(say blahblah.com), what changes do I need to make in those rules. Anyone?
-
ltward
- Posts: 309
- Joined: Tue Jan 15, 2008 1:54 pm
- Contact:
Re: Re:
simsh wrote:is anyone have idea of doing this?
i will like to limit the user to receive mail from certain domain only.
Look in the Administration Guide at
http://www.scalix.com/documents/Scalix_Administration_Guide_11.3.r3.pdf
There is a section about Service Router rules.
You would want to give the recipient a service-level with ommodent
ommodent -e s=smith/g=tom -n 445=13
Then create a service router rule where originator is anyone from the domain in question, and recipient-level=13.
Associate the rule with the mailnode the user is on.
Stop/start the service router.
http://www.digital-adrenaline.com
403-616-7677
403-616-7677
Who is online
Users browsing this forum: No registered users and 7 guests