raphael Wrote:I'll try to find out how to make postfix query an external DNS server.
This is more or less a fix for the mail-hijacking problem.
raphael Wrote:Anyways, admins should read the log emails.
Yes - but sometimes I get the impression that some of the ispCP admins won't do that. Well, I hope the admins of bigger installations will do - but they also need some sleep and I can think about a szenario where some hours are enough for this sort of criminality - and afterwards the customer deletes the domain alias and mail pointings.... ok, we can read log files, but we should not make it to easy for kiddies...
raphael Wrote:(This reminds me an old idea I had to have an option to prevent adding domains/aliases if they don't point to the server's nameservers)
This sounds really good - I thought of it just minutes ago when I stood up :-)
If a domain (or hostname) does not point to the own server then the domain should not be activated - an admin should activate it (or maybe he can allow a reseller to do that, but this depends if the reseller are serious...)
I think the first step - adding a domain alias (which creates the new zone in bind) should be controled in a better way (making a "dig @tld NS" or so)
/Joximu
Search
Member List
Calendar
Help
/
[split] Security Problem detected
