Author: JupiterHost.Net Date: To: Stephen Gran CC: exim-users Subject: Re: [Exim] disabling a system user
Stephen Gran wrote:
> On Wed, Jul 28, 2004 at 06:49:30PM -0500, JupiterHost.Net said:
>
>>Howdy group,
>>
>>I know this is simple but I just can't seem to find it.
>>
>>What do I add to the configuration file if I want to make it so a system
>>user (IE exists in /etc/passwd) can not send mail at all period whether
>>its through a script or a direct SMTP session even if it authenticated
>>via SMTP.
>>
>>IE if I gave you the user, pass and hostname you could not use that info
>>to send mail.
>
>
> If you just want to prevent relaying, don't advertise authentication and
> remove any accept directives that hinge on 'authenticated = *' in your
> acl's. Then if you want to prevent local users from mailing outside of
> your domain, turn of 'accept hosts = :' in your acl's. The machine will
> still receive mail for local accounts, but won't send out to anywhere
There is a single user I want to disable, all other local users are fine
if they want to send mail.
Basically its a single system user that many people will know the
user/pass for so I want to keep them from going "Hey, I have joeuser's
password for host.host.com, I could use that to spam for days!"
make sense?
> else - this will break mail forwarding, but that's up to you. If you
> want to prevent local users from sending to each other, remove exim :)
lol good one :)
> When you say 'through a script', I generally think of direct injection
> via the binary. I am not sure how the above would apply to all of this.
Yeah I think that's a seperate ball of wax for another day :)
>
> HTH,