vranivran
what is different between "vpn" and "Disable mail to a user from an external network"
Well they are totally different things and cannot really be compared.
VPN means virtual private network, and by establishing a VPN connection to your sme server you become effectively part of the LAN (local area network) and have access to services (eg mail) etc that only local users have.
In sme server manager Users panel, you can enable (ie allow) VPN access on a per user basis.
The method of "Disable mail to a user from an external network" uses the Visible db setting to prevent a local sme user from receiving mail from external senders ie their sme server email address (be it either a user, group or pseudonym), can only receive mail from other local sme server users.
VPN is an appropriate answer to your problem but requires a VPN connection be made before accessing mail. This adds complexity for remote users.
Most smartphones support VPN, and most/all smartphones support access to corporate or private email servers.
Earlier Blackberry phones required access to the Blackberry secure mail system, so you need to check the requirements/capabilities of that Blackberry model.
iPhones & similar modern smartphones work fine to access a sme mail server for sending & receiving mail.
Use IMAPS so that any changes are made to the server mail folders & messages will be seen by the user on whichever mail client they use, either locally or remote or mobile.
Another more practical answer is to enable remote access to the sme mail server (via SMTPS & IMAPS), and only tell those authorized/allowed users how to configure the mobile or remote device.
Please read this thread (you can search for many more similar answers too)
http://forums.contribs.org/index.php/topic,43957.msg210526.html#msg210526PS You can always submit a bug report as NFR (New Feature Request) asking for external mail system access to be configured on a per user basis.
You could possibly/probably do this now if you are an expert who can develop the appropriate code & custom template fragments, but it would probably involve some effort & cost. If your business model really requires it, then offer to pay a sme developer to create the additional functionality, which can then be shared to all sme users.
Many existing sme functions have been developed in that very way.