joximu
Moderator
Posts: 3,534
Group: Moderators
Joined: Jan 2007
Status:
Offline
Reputation: 47
|
[solved] Security Problem detected
Hi
Platzwart had a problem on his server and mentioned that this could be a security issue:
A customer can add a domain-alias, eg. gmx.net
Then he adds an emailaddress for this domain: all@gmx.net
and then he can add a catchall for gmx.net to go into this new mailbox.
Well - all mails to gmx.net which are sent over this server (webmail, smtp...) will go to the customers account.
I checked this and got an email to djkherjkghekj@gmx.net to my web.de account...
This is *not really* good.... (better: this is really not good)
What are others thinking about (besides opening a ticket)...
http://www.isp-control.net/ispcp/ticket/573
/Joximu
2008-03-16 ispCP RC4 released!!!
This post was last modified: 01-17-2008 08:07 AM by RatS.
|
|
MicCo
Junior Member
Posts: 212
Group: Dev Team
Joined: Oct 2006
Status:
Offline
Reputation: 2
|
RE: Security Problem detected
Hmmm, if I got it right,
- then what you are saying is that one of more users on an server can make an catcall e-mail address, and then recive e-mails from other users account ! ?.
This will be an very serious security issue, I will have serious problems as lots of my users are medical companies, dealing with a lot of money, so if an e-mail can be snapped by others, then the hosting ain't secure and an host can get in rearl trouble.
Best regards,
MicCo 
-------------------------------------------
Make It Easy, Keep It Simple.
-------------------------------------------
Okay, there is one thing Linux is wayback on MS, Linux dont have the amount of securety updates.
|
|
Search
Member List
Calendar
Help
