Re: deny email to a user question
* Mike Egglestone [EMAIL PROTECTED] [2001.11.26 21:51:42-0800]: Is there a simple way to stop a user from being able to send and receive email? Potato r3 running exim. not really, since that user could always telnet to a relay through port 25 and send with SMTP. if you were using iptables, you could block destination port 25 to that user, but with ipchains in potato r3, this isn't possible. so: no. -- martin; (greetings from the heart of the sun.) \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED] si vis pacem, para bellum pgpwW86dNcEqb.pgp Description: PGP signature
Re: deny email to a user question
* Christopher S. Swingley [EMAIL PROTECTED] [2001.11.26 20:59:18-0900]: Dunno how to stop someone from sending mail. Maybe an iptables rule that uses the --m owner --uid-owner switches to block port 25 to that user? Course, if you're running potato, you've probably got a 2.2 kernel, so this isn't an option. and then i'd simply use the sendmail binary (or whatever exim comes with) and send mail as usual, because the connection to port 25 is then established by the mail user and not by me. however, i am sure exim can be configured to block mail coming from a specific user (which can surely be faked). so in addition to an iptables rule, you will make it really hard (but not impossible) to send mail. why does the user not get mail access? -- martin; (greetings from the heart of the sun.) \ echo mailto: !#^.*|tr * mailto:; [EMAIL PROTECTED] i wish this wish not to be granted! -- achilles (hofstadter's geb) pgp6D9btGuucw.pgp Description: PGP signature
Re: deny email to a user question
As others have said, there's no complete way to keep someone from sending mail without losing other things. Here are some ideas though: 1.) In addition to the previously-mentioned mode of blocking mail receipt, I can think of two other options: a.) ln -s /var/spool/mail/user /dev/null b.) in .forward: /dev/null 2.) You could piece together a particularly restrictive shell for the user that only allowed for specific tasks that s/he *is* allowed to do; lynx is a reasonably good tool for this. If they can't break out of the shell, they can't read/write their home directory and they can't run unauthorized software, including mail software. 3.) You can configure exim to deliver mail from the user to /dev/null instead of where it's going. However, as others have pointed out, this only stops him/her from sending mail through sendmail; it doesn't stop access to other mail services out in the world. -- Andrew J Perrin - [EMAIL PROTECTED] - http://www.unc.edu/~aperrin Assistant Professor of Sociology, U of North Carolina, Chapel Hill 269 Hamilton Hall, CB#3210, Chapel Hill, NC 27599-3210 USA On Mon, 26 Nov 2001, Mike Egglestone wrote: Hi, Is there a simple way to stop a user from being able to send and receive email? Potato r3 running exim. Thanks in Advance!! Mike -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: deny email to a user question
Is there a simple way to stop a user from being able to send and receive email? Stopping the receiving is easy -- just create an empty file in /var/mail/$username and change it's permissions to 444. Dunno how to stop someone from sending mail. Maybe an iptables rule that uses the --m owner --uid-owner switches to block port 25 to that user? Course, if you're running potato, you've probably got a 2.2 kernel, so this isn't an option. Chris -- Christopher S. Swingley phone: 907-474-2689 Computer / Network Manager email: [EMAIL PROTECTED] IARC -- Frontier ProgramGPG and PGP keys at my web page: University of Alaska Fairbanks www.frontier.iarc.uaf.edu/~cswingle They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Ben Franklin