Restricting local users from sending external mail
Last = Update=20 2001-09-10=20This example ruleset restricts local users from sending mail to external = recipients. It uses class w to detect local senders/recipients. = Attention: this protection is only based on the address = information=20 given in the envelope of the e-mail which can be easily forged.=20
List those aliases (which are local) in a file:
LOCAL_CONFIG
F{Internal}/etc/mail/intern.only
Then the rules work like this: LOCAL_RULESETS
SLocal_check_rcpt
Sr
# dnl get sender address and canonify it
R$* $: $1 $| $>3 $&f
R$* $| <> $@ OK <> is always ok
R$* $| $={Internal} <@$=w.> $: $1 luser@local.host?
R$* $| $={Internal} $: $1 luser?
R$* $| $* $@ OK someone else
R$* $: $>3 $1 check recipient
R$+<@$=w.> $@ OK local? ok
R$+<@$+> $#error $@ 5.1.8 $: "551 sorry luser your boss does not =
like you"
Before 8.9, you have to use Scheck_rcpt instead of=20 SLocal_check_rcpt.=20
The ruleset works like this:=20
- is the sender a local user (listed in the file)?=20
- if no: OK=20
- if yes: the recipient must be local too=20
- if it isn't: error
[(links)] = [
  |