Re: [EXIM] Restricting mail use: local/Internet

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Randy Edwards
CC: Exim Users Mailing List
Subject: Re: [EXIM] Restricting mail use: local/Internet
On Sat, 26 Sep 1998, Randy Edwards wrote:

> I'm running Exim as my MTA and I've got a situation where I would like
> to restrict e-mail usage for some users to the local machine, but still
> allow other users to have full internet e-mail capabilities. These
> users are all accessing the Linux box from Win95 machines via Samba.
>
> Ideally, I'd love to do this on a group basis, e.g. members of group
> NOMAIL are restricted to only local machine mail (or vice versa: members
> of group IMAIL can do internet mail). However, perusing the docs I
> can't find anything that seems helpful.


You could use the "condition" option of routers and directors to cause
mail from such users to be handled specially. You would need to create a
special first router that used this to catch mail from certain senders
that is addressed to external addresses and do something with it (pipe
to a script that sends it back? throw it on the floor? whatever).

[Or alternatively, you put a condition to check the IMAIL group on every
router; mail from those outside the group then get "unrouteable mail
domain" errors.]

If your groups are defined in /etc/group you could arrange to look up
the group in that file and then check that the sender was in the group.
This is off the top of my head and probably won't work, but it might
give you the idea

condition = "\
${lookup{groupname}lsearch{/etc/groups}\
{${if match {$value}{[:,]${rxquote:${local_part:$sender}}(,\\\$)}{yes}{no}}}\
no}"


This is checking the local part of the sender; a alternative might be
to check $sender_ident. However, you should really also check that
$sender_host_address is unset, so you check only locally-originated
mail.


-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.



--
*** Exim information can be found at http://www.exim.org/ ***