On 2011-08-14 09:41, Steve Fatula wrote:
What is the best way to disable locally submitted email (via sendmail binary, mail, etc.), BUT, still allow cron and such tools to work and be able to send local mail?
Not for the same users.
You can't set authorized_submit_users, as, that means cron jobs run as users won't send the mail as they don't have permission.
Only if you're talking about the SAME users.
This would primarily be from command line users, or, web scripts and php programs that run as the user (not www, etc., this is suexec). For web scripts, they would need to send mail via smtp, which is easy enough. So, the idea here is to force that to happen and not allow mail, sendmail, etc. to users.
You're stating contradictory requirements - you cannot AND allow scripts to use sendmail to submit mail for user X, AND disallow user X to submit mail as user X.
Just put your script users in authorized_submit_users, and enforce SMTP for everyone else.
-- J.
