Hi Philipp, you can set the shell for the mail-only users from i.e. /bin/bash to /bin/false or any other not existent program. Have a look at your /etc/passwd and edit as mentioned. This user cant't login without having a valid shell. POP3 and SMTP still works fine for those users. If you like users only to not use your sshd, go to your sshd config file (/etc/ssh/sshd_config) You can use the "DenyUsers" sshd directive. entries are separated by spaces, like this: DenyUsers user1 user2 user3 OK? Rolf -----Original Message----- From: Philipp Snizek [mailto:mailinglists@belfin.ch] Sent: Friday, February 23, 2001 8:02 AM To: suse-security@suse.com Subject: new e-mail accounts (group 500 users) Dear list-users, If I make a new e-mail account for my sendmail it's the same as if I made a new user account for the mail server. People could login e.g. through ssh. How can I restrict access to only just the corresponding e-mail account so users could not log on to the mail server by a terminal client? Thank you Philipp