"Ihnen, David" wrote:
>
> > -----Original Message-----
> > From: Daniel Augusto Fernandes [mailto:[EMAIL PROTECTED]]
> >
> > Dave Sill wrote:
> > >
> > > "Gustavo Zambon Rozatti" <[EMAIL PROTECTED]> wrote:
> > >
> > > > I have more than 500 users in a qmail server, wich are
> > > > conected to Internet and to our Intranet, but not
> > all of them
> > > > can have Internet access. So how can I prevent some users
> > > > from sending and receveing any mail to/from any host other
> > > > then localhost?
> > >
> > > It's not easy. To do it right, you'd have to run all your
> > mail through
> > > a general filter (see qmail.faqts.com or possibly modify a spam
> > > filter).
> >
> > What about a simple single firewall on that machine?
>
> How would that work? What rules?
>
Well, he could set up two smtp servers in his net. One for users who are
allowed to send extern mail and other for those who are not allowed. The
first one should use SMTP-AUTH as in:
http://members.elysium.pl/brush/qmail-smtpd-auth/
So, if one annoying user change his smtp server config in the MUA he
would have to authenticate.
Then, he would have a firewall to deny port 25 packets from the second
smtp server to the internet and allow it from the first server.
Is this all ok?
--------------------------------------------------------------------
Daniel Augusto Fernandes (DAF tm) [EMAIL PROTECTED]
GCSNet http://www.gcsnet.com.br/
--------------------------------------------------------------------
Se voc� n�o encontra
o sentido das coisas
� porque este n�o
se encontra, se cria.
Antoine Saint-Exup�ry
