Current time: 03-18-2018, 09:49 PM Hello There, Guest! (LoginRegister)

Thread Closed 
[solved] Security Problem detected
Author Message
joximu Offline

Posts: 7,039
Joined: Jan 2007
Reputation: 92
Post: #1
[solved] Security Problem detected

Platzwart had a problem on his server and mentioned that this could be a security issue:

A customer can add a domain-alias, eg.
Then he adds an emailaddress for this domain:
and then he can add a catchall for to go into this new mailbox.

Well - all mails to which are sent over this server (webmail, smtp...) will go to the customers account.
I checked this and got an email to to my account...

This is *not really* good.... (better: this is really not good)

What are others thinking about (besides opening a ticket)...

(This post was last modified: 01-17-2008 08:07 AM by RatS.)
08-18-2007 02:21 AM
Visit this user's website Find all posts by this user
MicCo Offline

Posts: 277
Joined: Oct 2006
Reputation: 1
Post: #2
RE: Security Problem detected
Hmmm, if I got it right,

- then what you are saying is that one of more users on an server can make an catcall e-mail address, and then recive e-mails from other users account ! ?.

This will be an very serious security issue, I will have serious problems as lots of my users are medical companies, dealing with a lot of money, so if an e-mail can be snapped by others, then the hosting ain't secure and an host can get in rearl trouble.
09-05-2007 03:57 PM
Visit this user's website Find all posts by this user
Thread Closed 

Forum Jump:

User(s) browsing this thread: 1 Guest(s)