Possible solution for mail hijacking

[Breaki]

To force the release of RC3 i try to help you on fixing the open tickets.

I opened this topic here, because i have no write access to the "Security Advisories" section of the board.

I think the best solution for Ticket #573 is to prevent the endusers on adding alias-domains. This should be in the menu of the reseller because most endusers wont have access to a DNS-server to link the new domain alias to the IP of the server. In the most cases the reseller registers the domain and than only he should add the newly registerd (or by a KK) domains to the ispCP system, cause he can check the order of the user, if the domain is available (or free for a KK) or it is already registered by an other person. And if the user registers the domains himself the reseller can also check the ns-section of the NIC.
I can't see any need of this in the enduser section, so lets move it to the reseller panel.

If you give me your Ok to this solution i try to modify the scripts.

Best wishes,

Breaki