Page 1 of 1
Limit intra-scalix email
Posted: Thu Sep 14, 2006 2:35 am
by fapestniegd
I have been asked to restrict certain users from emailing one another inside a single mail node. These users still need to be able to sent and recieve mail, but just not to each other. What is the most effective way to do this? Does setting a service level only give me the ablity to defer or toggle on/off all mail? I can't see a way to set a service level and rule to dissallow sending/receiving mail from a particular domain. I tried using the relay features in sendmail, but those won't work because of the inheritance of subdomains. (I can't allow foo.com and then dissallow sub.foo.com, because foo.com implies sub.foo.com)
Is there a way to set up the following in scalix?
To:foo.com From:sub.foo.com ALLOW
To:sub.foo.com From:foo.com ALLOW
To:sub.foo.com From:sub.foo.com DENY
(the scalix mail node is sub.foo.com and foo.com is off of the node.)
Or do I need to kludge something together like a filter?
Posted: Thu Sep 14, 2006 4:16 am
by Valerion
Mmmm .... this is not something I've tried before, and I don't have time to test it.
What I would try first is to add a rule file in /var/opt/scalix/rules, with a rule like
Code: Select all
SENDER-SERVICE-LEVEL 10 REJECT "You are not allowed to send mail to this user"Then add the rule to the mailnode
Code: Select all
ommodrt -m "mail,node" -d rule-fileThen change the users to Service Level 10
Posted: Sun Sep 17, 2006 5:03 pm
by fapestniegd
That generated the following error
Code: Select all
WARNING - Error encountered processing rule file:
/var/opt/scalix/rules/CSR2CSR
Error on line 10: Unknown token or syntax error
ommodrt : Route successfully modified
and didn't seem to have any effect at all.
Posted: Sun Sep 17, 2006 5:04 pm
by fapestniegd
And will this override the "ALL-ROUTES" Rule?
syntax
Posted: Sun Sep 17, 2006 5:08 pm
by fapestniegd
After seeing in the Admin guide the rules had to be TAG=value pairs I changed it to:
Code: Select all
SENDER-SERVICE-LEVEL=10 ACTION=REJECT NOTIFY="You are not allowed to send mail to this user"
and the syntax error is gone but the user can still send mail to the node.
Re: syntax
Posted: Mon Sep 18, 2006 11:26 am
by Valerion
fapestniegd wrote:And will this override the "ALL-ROUTES" Rule?
Rules are applied to the routes you configured them on. ALL-ROUTES applies to all routes, so both will be accepted.
fapestniegd wrote:After seeing in the Admin guide the rules had to be TAG=value pairs I changed it to:
Code: Select all
SENDER-SERVICE-LEVEL=10 ACTION=REJECT NOTIFY="You are not allowed to send mail to this user"
and the syntax error is gone but the user can still send mail to the node.
Oops - my typo up there. I will have to test this for you, but it may take a while to get around to doing it, as I am fairly busy ATM.