Add a checkbox to make rejecting all emails for a specific user easy #2846
Comments
|
We already have app-specific passwords, we call them tokens and you can configure them on There is no way to restrict their rights but by default they are not allowed to login on the web-interface. |
|
Oh, indeed. That solves the "device-specific password" part. "send-only users" would still be useful (so not closing). |
|
I am fairly sure that this can be achieved with the existing code and a sieve script. That said, having the ability to limit some tokens to send-only/receive-only may be worth it |
|
You can simply disable pop3 & imap for the user access if the user may only send email. It is documented here: |
|
@Diman0 sure, but an email sent to that email would still be either accepted or forwarded. I'd rather have them rejected. |
|
Sounds like you haven't heard of rfc5429 :) I still see some value in having permissions "per token" rather than "per user". in OAUTH2 parlance, that'd be "scope". |
|
This can already be achieved via sieve script or rspamd multimap. But I can imagine some people would want to have a checkbox per user that enables/disables the ability to receive email for that account. No-reply email accounts are the primary example I can think off. |
nextgens
changed the title
nextgens
added
type/feature
|
I have implemnted the token part in #2852 |
Version
2.0Description
In order to avoid copying the same password in multiple places, I've resorted to creating machine-specific users, to send emails from servers or laptops: let's say
user@example.comis my main email, setup correctly in Mailu. I have setup amachines.example.comsubdomain, with anironfist@machines.example.com; I can setup a no-copy redirect for that email touser@example.comand allowironfist@machines.example.comwith the allow-spoofing setup, so that it can send emailsFrom: user@example.comin my name. The usual case I have is my laptop's exim config.So. It would be nice to avoid allowing that
ironfist@machines.example.comuser to be able to receive email at all. (One easy workaround is not setting up an MX record, but depending on the A/AAAA record, it could still happen).Of course, another recourse would be to allow multiple passwords for a single user; such as device-specific passwords. GMail has some sort of setup for that; basically you can have (and generate) multiple independent addresses, limited to doing specific things: in the above scenario, if I could add a laptop-specific password for my
user@example.comaccount, that would also work, of course.The text was updated successfully, but these errors were encountered: