Initial situation:

The option Do not create accounts (also disables custom commands for user creation) under Mail Processing Ruleset generator User creation was selected. In the default behaviour of the SEPPmail Secure E-Mail Gateway, with this setting, emails by users from Managed domains are forwarded untreated, even despite requested cryptographic actions, if these senders do not have a user account on the appliance (see Users).

Contrary to the default procedure, emails from this constellation are to be rejected (bounced).

 

Configuration suggestion

•Navigate to Mail Processing Ruleset generator Custom Commands Custom commands for User Creation:

•Activating the option and insertion of the following code into the input field below:

 

Code

 

•Change the option Mail Processing Ruleset generator User creation from
Do not create accounts (also disables custom commands for user creation)
to
Create accounts for new users if user tries to sign / encrypt

 

Description

The commands listed under Custom commands for User Creation: are executed by means of the option Create accounts for new users if user tries to sign/encrypt if cryptographic actions have been requested, but the requesting sender is not registered as a user on the appliance.

Since only manually created users should be allowed to perform cryptographic actions, now, instead of creating a user, the respective email is rejected (deleted), a bounce email using the template "bounce_no_user" and with the header of the original email is sent to the sender (line 05) and the process is written into the log (line 04).

In order to reach the appropriate place in the ruleset, the User Creation must be changed from Do not create accounts (also disables custom commands for user creation) to Create accounts for new users if user tries to sign/encrypt.

 

Variations

Instead of the command bounce(), the email can also be rejected using the drop() command.

 

Used

commands

authenticated()

bounce()

drop()

log()