How can I disable mail delivery for a user yet still allow access to their mailbox from another account which their mail is shared to? If I put them in a userdb which has "deny = yes" that just disables their ability to login, yes? And they would still have mail delivered. I want to disable their ability to login AND bounce all mail delivered to them, preferably solely through dovecot configuration. I am using lda, obviously, for mail delivery. (I could configure the MTA to reject mail for them if there is no other option.)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 2 Feb 2010, Frank Cusack wrote:> If I put them in a userdb which has "deny = yes" that just disables > their ability to login, yes? And they would still have mail delivered. > > I want to disable their ability to login AND bounce all mail delivered > to them, preferably solely through dovecot configuration. I am using > lda, obviously, for mail delivery. (I could configure the MTA to reject > mail for them if there is no other option.)IMHO: If you want to avoid backscatter, you must disable the user in the MTA, in order to reject the message during "rcpt to" command or at least in DATA. If you reject the mail after DATA, e.g. in a Sieve script or so, a DSN / bounce mail is generated, aka backscatter for SPAM. Regards, - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBS2fo6L+Vh58GPL/cAQIq7Qf/SZ7aXXjFl/eM04bjNws0ma4MCLdll/j2 WtUjSNn+lmJqPTtn9iOOhBlRbtXAxfoHBrCQUl0SIU3IdGNY709lZeiheTfbEoVh oxV6/tjJ1AZQ4EcGy+h8pTwRu7VTJoQyFpZ76BxgLFlSSS6StCDu+J5NqyICZDx3 kAJXWRL4ARa9N9bh2XjZkGnjAOsYvix4+v3tItK0IHI/Szit1r40I89JYrucj8Q8 dJ+3++5StoGaobGG8jJz/w7DLZrZfCUEF/5WrUsQRn5JPAs8XWuooVYoDlWZpwXH gizNYORh7VCtWDaQXwoPr7O78GqwKzoKtONjbUGWcH6nuc1u6ALg/Q==D6L8 -----END PGP SIGNATURE-----
On 2.2.2010, at 7.51, Frank Cusack wrote:> How can I disable mail delivery for a user yet still allow access to > their mailbox from another account which their mail is shared to? > > If I put them in a userdb which has "deny = yes" that just disables > their ability to login, yes? And they would still have mail delivered.Logins would fail with "internal login failure". userdb lookup must succeed for imap/pop3 logins too. You could make the deny=yes happen only if %s != 'lda'.> I want to disable their ability to login AND bounce all mail delivered > to them, preferably solely through dovecot configuration. I am using > lda, obviously, for mail delivery. (I could configure the MTA to reject > mail for them if there is no other option.)But like Steffen said, you should do this in MTA side to avoid backscatter.