Email Routing: Unsecure.

Discussion in 'Developers' Forum' started by dar_ek, Oct 12, 2010.

  1. dar_ek

    dar_ek New Member

    I found that "Email Routing" is very insecure. It's possible to take over an email from other clients on our server.

    example:
    We have two clients on one server: VIP and SMARTGUY
    VIP client have a domain: vip.com
    and mailboxes eg: [email protected], ...

    When SMARTGUY have a "Email Routing" enabled in his ISP panel he can redirect all VIP emails to his outside mail server.

    All he has to do is:
    1. Configure his outside mailserver to accept emails from "vip.com" (and configure mailboxes, or some catchall).
    2. Configure in panel on his account "SMARTGUY" in "Email Routing":
    - Domain: vip.com
    - Destination: smartguymailserv.com (or simply "*"!)

    And all emails for vip.com are redirected to his SMARTGUY server.

    "Email Routing" is disabled in default client templates, but some admins may it enable and may not be aware of the danger.
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    This is not insecure, its the purpose of this function to redirect any kind of email address, protocol or domain to any other destination. So the function can not be restricted without loosing its functionality. If a admin does not know what the function is for, he shall not enable it. If ISPConfig disables a function in its defaults then there are good reasons too do that.
     
  3. dar_ek

    dar_ek New Member

    I think that the function can be restricted by check that domain is/or isnt used by any client. Only for listed in "Relay Recipients" menu.

    best regards.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    This functions is not just for domains. So the value can be anything incl. custom transports defined in main.cf, so checking for a domain will not work. Thst why we decided to disable it as default.
     

Share This Page