Cc: www4mail-comments@w3.org
Subject: Controlling access to a www4mail Server !


  

Consider the following

Case A: I want to block all users and only accept requests from certain 
users

Solution: Create only the conf/.access file or set the configuration file
directive AllowedUserFile to whatever text file you like
	Once this file exists and is readable. www4mail will not
	answer any request except the sender's e-mail address is 
	listed here.

Case B: I want to accept request from all users but only block some
certain users.

Solution: Create only the conf/.blacklist file or set the configuration
file directive BlacklistedUserFile to point to a text file.

	Once this file exists, www4mail will not process any request from 
	a sender's whose e-mail address is listed here.


Notes:
Well, in the processing www4mail checks the the black list before the
accept list, however this does not mean anything as there is no
relationship between both files. Any one of them can choose to reject your
mail. But it may be said that the BlacklistedUserFile creates a
semi-private www4mail server while the AllowedUserFile creates a fully
private www4mail server.

In order to archive a fully private server it is sufficient to create only
the conf/.access file and place your e-mail address within it. Once the
conf/.access file exists www4mail becomes a private server. 

Syntax of the text files:
Each entry must appear on a single line 
Comments may appear on a line starting with the # sign
 
It is possible for you to place entries as follows
	1. Full e-mail addresses

	tobias@kabissa.org

	tobias@*


	2. E-mail domains for all users from the domain

	*@kabissa.org

	E-mail for an entire country
	^*@*.ng$

	or
	^*@*.com$

	or 
	^*@*.de$ 

	The above entry matches mails from senders with addresses ending
in .ng note that the final dollar sign is necessary, while the begining ^ 
sign is optional.

The above entries have been tested and found to work fine on a 2.4p1
server.

May be in future, it maybe necessary to allow an external
executable program to perform the authentication and return a pass or fail
result to the www4mail program.