Hello Forum Members! I searched the forums with the keywords I can figure out in this topic, but found nothing about my question, so starting this new thread. Last week I ran into an e-mail delivery problem with one of our customers. They moved DNS, web and e-mail hosting to our (ISPconfig 3.2 based) service from another hosting company. Everything working as expected but one thing happened soon after the move: if a sender sends an e-mail to our customer, and the sender is also hosted at the customer's old hosting company (which our customer moved from), the sent mails get delivered to the old hosting companies mail server (locally), not to our mail servers pointed by the current MX records. I know that our customer must cancel that service and delete that e-mail domain from the old hosting company's server to solve this problem, but this hit me in the head. If I register a new customer (who would like to cheat) in ISPconfig, this new customer then creates an e-mail domain that already exists somewhere else (e.g. creates "gmail.com" domain in ISPconfig with mailboxes they want to steal), then all e-mail domains on out system that want to send mail to "gmail.com" e-mail domain will be delivered locally to that new customer's "fake" mailboxes (which is a fraud in this form), and this new customer can steal those e-mails with this "trick". Of course this is only true if the sending and receiving mail server is the same in our service (which is currently true). I'd like to ask that this potential fraud can be eliminated somehow, or the only working solution is to run separate sending and receiving mail servers? How can I set up ISPconfig in either way to deny this fraud? Can a sendig/receivig server send only to MX record stated destination (in case the same domain exists locally), or how can I set up two e-mail servers, dedicated to sending only and receiving only?
Use the domain module: System -> Main config -> domains. This restricts them to only the domains assigned. Then add their domains through Client -> Add domain.
Domain control (what Thom described) should be enabled on all servers with customer access. There are unique scenarios like an internal development server where it doesn't really matter. As to your question of a dedicated sending server with no local delivery, that idea could work to address the scenario you have, but there is not anything setup in ispconfig to configure that without additional work on your part.
Thank you for your quick answers, Th0m and Jesse Norell! We thought that we leave the flexibility to out customers of adding arbitrary domains, but taken in consideration of this problem, we will limit this with domain control option in ISPconfig in the future to deny this type of fraud.
