On Sat, 2005-06-25 at 22:25 +0100, Mark Smith wrote:
> > You could try something like this:
> >
> > deny
> > authenticated = *
> > !senders = $authenticated_id
> > message = Aliases not allowed
> >
> > However, a problem with Outlook is that when it receives a
> > "deny", instead of reporting the error message from the MTA
> > it just tries to send the email again from any other accounts
> > it can find, until it succeeds in sending the email. If
> > anyone knows how to stop it doing that, I'd appreciate
> > hearing the solution.
> >
>
> Just realized that if you put the test in the MAIL_FROM ACL, rather than
> RCPT, Outlook reports the error properly and gives up.
Combine that acl with a policy (which is backed up) that attempts to
change the sending address will result in loss of computer access /
being kicked off the network / dismissal (assuming this is a work place)
and you're onto a winner. Technical solutions are only ever a partial
solution as the really determined moron will always find a way to work
round them.
--
Mark <hamster@???>