On Wed, Oct 07, 2015 at 02:52:36PM -0700, Quanah Gibson-Mount wrote:
> >What would help is putting the "check_sasl_access" table in SQL.
> >
> >>I should've stopped/restarted immediately...
> >
> >No, instead put your access table in SQL (possibly CDB would work
> >too, but I'm not sure), that way you don't need reload or restart.
>
> So if they are in the SASL table, does it force close their connection? Just
> want to be sure that if I implement this via an LDAP table, that the spammer
> doesn't go on spamming once the user password is changed and the account is
> unlocked.
The "check_sasl_access" restriction consults an access(5) table
and can return any supported access(5) result.
In this case, it might make sense to go with:
u...@example.com 521 5.7.1 Account disabled
which drops the connection as documented.
--
Viktor.
