> From: Judy Angel
> I have a number of local users that I wish to block from sending email.
>
> I have the acl below in place and when I test with exim -bs I see the deny
> message but when the local user sends an email it is delivered.
> The aliases.deny file has the users email address
> What have I overlooked?
What exactly do you call "local users"?
CGI scripts or shell users on the same machine as Exim?
Such scripts or shell users can send mail in two ways: via SMTP to localhost
or by invoking Exim binary (usually passing header and body to it via a pipe).
> acl_smtp_data = acl_check_sender
It's called only if submission is via SMTP.
> begin acl
> acl_check_sender:
> deny message = "Please use private email"
> senders = /var/exim/data/aliases.deny
"senders" is better used in acl_smtp_rcpt than in acl_smtp_data.
But you need to use also acl_not_smtp.
But more importantly, sender easily can be forged
(especially if submission is via SMTP),
i.e. your protection easily can be circumwented.
You need a way to determine which user it is
other than with "senders".
