Well, in Exchange, if you remove the SMTP address from a user, they will not
be able to receive internet email.
I'm not positive, but I believe the can still try to send email, but I'm
sure the From field in the header would be 'messed up' for lack of a better
term.... don't know if it would be empty, or if they would be all messed up
in the same way.... but assuming that Exchange used the same From header
for all senders that did not have an SMTP address, you could then block that
at the firewall.
(you'd have to do some testing on that one....maybe I'll check that out a
little later today or tomorrow...or if you get to it sooner, let me know
what happens)
Jason
> -----Original Message-----
> From: Daniel Bocage [mailto:[EMAIL PROTECTED]]
> Sent: Sunday, June 25, 2000 6:13 AM
> To: Robert MacDonald
> Cc: [EMAIL PROTECTED]; THELLIER,
> Francis (Kedros)
> Subject: Re: [FW1] SMTP per user
>
>
>
> Thankyou for your answers, what I meant was this:
>
> Some of our users will not be given permission to
> send/receive mail from
> Internet. How can I block them at the FW-1 (I couldn't find a
> way to do
> it on the Exchange 5.5 server)?
> For example I could write a huge list in the Recipients field
> of the SMTP
> resource but it would be impossible to manage (About 400
> users can send
> and 200 can't).
> Is there a way to obtain this list from an LDAP server for example?
>
> I share your idea about the policy but the managers are
> convinced that
> is the right way to go, so unless technically it's too complicated or
> difficult to manage they want to go for it.
>
> thanks,
> Ing. Daniel Bocage
>
> Robert MacDonald wrote:
>
> > Daniel,
> >
> > Your request is not very clear, but I'll try and
> > make some assumptions(ack!).
> >
> > If intention is to limit the number of emails
> > that an internal user may get, get/send, send,
> > then you'll most likely end up writing some
> > cludge script to accomplish this. This would
> > appear to be real nasty. Unless there are
> > packages out there that do this, I don't
> > think it's possible without a lot of work.
> >
> > If the intention is to limit the number of emails
> > someone can inject into your site, then sort-of.
> > FW-1 has a config that can do this. But then
> > if someone really wanted to send email into
> > your site, they can just break your site into
> > chunks.
> >
> > If I were you, I would look through that policy
> > you have and remind all offenders/abusers
> > of your mail system about non-work related
> > email usage.
> >
> > Then, if they continue, feel free to cut them
> > off, becuase your policy's abuse clause said so.
> >
> > Use technology to fix technological issues. Use
> > common sense and a thick, heavy policy for
> > all else ;).
> >
> > Robert
> >
> > - -
> > Robert P. MacDonald, Network Engineer
> > e-Business Infrastructure
> > G o r d o n F o o d S e r v i c e
> > Voice: +1.616.261.7987 email: [EMAIL PROTECTED]
> >
> > >>> "Daniel Bocage" <[EMAIL PROTECTED]> 6/23/00 10:10:09 AM >>>
> > >
> > >How can I limit incoming and outgoing mail (SMTP) per user
> on a FW-1
> > >gateway?
> > >
> > >thanks,
> > >
> > > Ing. Daniel Bocage
>
>
>
> ==============================================================
> ==================
> To unsubscribe from this mailing list, please see the
> instructions at
> http://www.checkpoint.com/services/mailing.html
> ==============================================================
> ==================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
