- Go to Policy > Access Control > Receiving and click New, or edit an existing access control rule.
- Click Enabled.
- Set Sender pattern to User Defined, and enter the user's email address in the field below.
Note that it may be preferable to enter the IP address instead of the email address, as it will still allow the user to send and receive emails using their email address from a different machine that is not infected.
- Set Action to Reject, and click Create.
In this case, set Sender IP/netmask to User Defined also, and enter the user's IP address and netmask.