1 Topic by swejun

  • swejun
  • Member
  • Offline
  • Registered: 2017-07-26
  • Posts: 84

Topic: Block incomming mail for a specific user

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.7
- Linux/BSD distribution name and version:  Centos 7.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi,
Someone having a clue on the best way of blocking incomming e-mail for a user?
The account should still be readable by imap, but no external incomming e-mail allowed.
The reassons beeing a couple of old migrated mailboxes that are kept just for reference/archive purpose, but we don't want to expose the mailadress externally.

Is it possible to modify any LDAP attribute to achieve this? I guess "disable" means the user cant login at all?
iredapd policy settings?
Or is it better to use "smtpd_recipient_restrictions" in /etc/postfix/main.cf ?

/Regards

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by swejun

  • swejun
  • Member
  • Offline
  • Registered: 2017-07-26
  • Posts: 84

Re: Block incomming mail for a specific user

Could this be the way to do it (using iredapd policy)
/opt/iredapd/tools/wblist_admin.py --account firstname.lastname@mydomain.tld --add --blacklist '@.'

3 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,793

Re: Block incomming mail for a specific user

swejun wrote:

The account should still be readable by imap, but no external incomming e-mail allowed.

With LDAP backend, please remove the LDAP attribute/value pairs for this user:

enabledService=lda

4 Reply by swejun

  • swejun
  • Member
  • Offline
  • Registered: 2017-07-26
  • Posts: 84

Re: Block incomming mail for a specific user

Thanks.
Can confirm that the proposed soultion solved the issue, as well as the "wblist_admin --blacklist"

For reference:
1) removing "enabledService=lda" for the user caused a mail bounce "Undelivered Mail Returned to Sender"
Status: 5.1.1
Diagnostic-Code: x-unix; user unknown

2) adding a blacklist using wblist_admin.py, also caused a bounce but with another diagnostic code.:
     /opt/iredapd/tools/wblist_admin.py --account firstname.lastname@mydomain.tld --add --blacklist '@.'
Status: 5.7.1
Diagnostic-Code: smtp; 554 5.7.1 <firstname.lastnam@mydomain.tld>: Recipient address
    rejected: Blacklisted

Regards,