Re: [exim] problem to disable a specific account

Top Page
Delete this message
Reply to this message
Author: Mike Brudenell
Date:  
To: Exim Users
Subject: Re: [exim] problem to disable a specific account
Hi, Dennis -

On 13 June 2016 at 18:50, Dennis Isaías Cervantes <
dennis.cervantes@???> wrote:

> I would like if you help me on how I can do to prevent a specific account
> send emails or off for some time, use exim 4.80.1 with mysql
>


You'll need to think carefully about whether you mean:

- you want to stop email addresses whose RFC5321.MailFrom address (in
its envelope) is a specific address, or
- you want to stop email addresses whose RFC5322.From address (in the
"From:" header) is a specific address, or
- you want to block any and all emails from a particular
username/password that someone uses to authenticate to your mail service.

You'll also need to think about what you mean by "prevent". Do you mean:

- you want to refuse to accept the messages, rejecting them with a 5xx
SMTP error code to inform the sender that their message is refused, or
- you want to accept the message into your mail server but freeze it in
the queues so you can review it, or
- you want to accept but deliver to a mailbox for them to be reviewed, or
- you want to accept the message but silently discard it, so the sender
is thinks that their message has gone on to be delivered.

(I make no comment on potential problems with each; I can see use-cases
where any of these could be a valid choice.)

Depending on what you mean by "prevent" you want to look at things in your
Exim configuration such as:

- the *deny* ACL verb with conditions to match and block with a 5xxx
SMTP error code, or
- the *accept* ACL verb along with a "control = freeze" modifier if you
want to accept by freeze it, or
- to change the recipient address if you want to divert the message to a
mailbox for review, perhaps in a router, or
- the *discard* ACL verb to discard some or all of the recipients.

When writing the ACL you'll need conditions to match those (and only those)
messages you want to prevent. For example,

- use the *senders* ACL condition to check the RFC5321.MailFrom address
to see if it's the one you're wanting to prevent in messages, or
- use the *condition* ACL condition to check the *$h_from:* variable to
see if the address in any "From:" line is the one you're wanting to match,
or
- use the *condition* ACL condition to check the value of the
*$authenticated_id* variable to see if someone has logged
into/authenticated to your mail server with the username you're wanting to
block

*Hint:* If you need to check the $h_from: variable don't try and do so in
the acl_smtp_rcpt ACL as that's only dealing with recipient addresses from
the SMTP "RCPT TO" exchange. Instead you'll need to check the variable
somewhere after the headers themselves have been received: for example in
the acl_check_data ACL.

You'll find more on ACLs and the variables in the Exim Specification — eg,
the chapters on *Access Control Lists* and on *String Expansions*.

If you're going to want to change the account(s) you're preventing often
you might might want to abstract them into a file or your MySQL database
for matching addresses/usernames instead of hard-coding them into your
configuration file.

Cheers,
Mike B-)

--
Systems Administrator & Change Manager
IT Services, University of York, Heslington, York YO10 5DD, UK
Tel: +44-(0)1904-323811

Web: www.york.ac.uk/it-services
Disclaimer: www.york.ac.uk/docs/disclaimer/email.htm