| SYSTEM INFORMATION | |
|---|---|
| OS type and version | Rocky 8.7 |
| Webmin version | 1.861 |
| Virtualmin version | 7.7 Pro |
This is not a current need; but in the event a client’s computer(s) is/are compromised and start spewing spam into the ether, what’s the fasted way to temporarily and non-destructively disable outgoing mail for all email users on the virtual server?
Thanks,
Richard
just reset the users password, or disable the server. reenable when fixed
Also consider Webmin → Servers → Postfix Mail Server → Sender Dependent Transport Mapping if you want granular control over specific virtual servers which should or should not be permitted to send out mail - those that should not sent out mail can be mapped to something that never sends out mail.
Is it too brutal to disable Mail for Domain? It would be very quick to do.
Thanks, but I would like the users to simply be able to use their mail again once I re-enable it. Some of my clients have many mail users; and most of them aren’t exactly what one would call Internet mavens.
Richard
That’s an idea. Thanks!
Richard
Thanks. My question is: If I do that, will the mail accounts still be intact when I re-enable the virtual server’s mail (old mail will still be there, passwords are still valid, etc.)?
I might set up a bunch of throwaway mail users on one of my own sites to test that.
Richard
If one disables mail for a domain, it will stop incoming mail as well as outgoing mail for the domain. If that’s okay then I suppose it is the easiest thing to do.
The tweaking of Sender Dependent Transport Mapping is precise. It will stop outgoing mail for a user or an entire domain without impacting the ability of users to receive mail.
I just did a test logging into Usermin as a user and you can send email out even with mail disabled.
I haven’t tested using an email client.
Really? - I find that a bit scary. 
it sounds like a bug.
Have I misunderstood the purpose of “disabling mail” ? @staff
I thought it was there to stop a user sending AND receiving mail both using an external client or Usermin
If a user can login they can send mail. Even if they aren’t a Virtualmin user. A system user on a UNIX/Linux system can send email. They can send email in infinite ways (they do not even need a mail server), but in the case of a Virtualmin system, we configure Postfix to allow authenticated users to send mail.
Not a bug. Expected behavior.
I understand how it seems confusing, but it’s unavoidable with the user model in Virtualmin; every user is a system user. And, system users can always send mail. It takes quite a bit of extra complexity to restrict a system user from sending mail.
That said, it’s likely we will end that practice at some point, maybe during the Virtualmin 8 development cycle. “All users are system users” doesn’t make as much sense in a distributed cloud-native world. It made sense 20 years ago when we started development, and in fact was a pretty important feature for many of our users; system users have a lot of benefits over database-backed virtual users (even now). But, it’s not realistic to carry the model to where we’re probably going (assuming we have the time and economic resources needed to go there, as it is not a short trip).
Niel’s solution might be worth integrating into the UI. The average mail user probably has no idea that there’s any way to send mail other than whatever way they happen to be using. It would prevent having to shut down a client’s Web site and incoming mail because something on the LAN is spamming the world.
Richard
This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.