HowtoForge Forums > ISPConfig 2 > Installation/Configuration

#1 hastlaug, 17th April 2006, 07:10
Security risk through Co-Domains

"Normal" customers are able to add, edit and delete their domains.

This leads to a security risk:

Let's assume you have a malicious user.

This user simply adds a new Co-Domain, e.g. ebay.com, to his account. If his account is limited to one domain, he could delete it and add ebay.com instead, or just change the domain name.

Let's further assume that he doesn't own ebay.com.

He sets mail processing to "local mailserver" and sets up a catch all mail address.
From now on he can catch all mails that users of this server are trying to send to anything@ebay.com

Of course this doesn't affect anything outside the server, but it's bad enough that someone could be able to steal all outgoing mail. And as the average administrator doesn't check all the domains daily there isn't even a chance to detect such malicious behaviour in time.

Possible solutions:

a) Don't allow regular users to add/modify/delete their domains. I think resellers should be trusted, but maybe an option to enable/disable this feature would be even better.

b) When setting up a new domain, check the official domain name server responsible for this domain. Check the IPs of the MX hosts. If none is the same as the domain's IP on the local server, automatically disable local mail delivery and force use of an external mail server. It would even make sense to perform this check at a regular interval, every 24h, if a DNS entry changes. The latter is not so important, but if you want perfection...

By the way: Something similar to b) is used by big dedicated server providers. When you set up your reverse DNS name, it is first checked whether the domain name really points to the server, and it is rejected if it doesn't. This check is repeated every 24h to prevent abuse.

If you ask me: a) is sufficient as a hot fix, but b) should be a much better solution. I already implemented such a patch (like b) for VHCS, which had (and I guess still has) the same issue, and it's not really much work. I just don't have enough experience with ISPConfig yet to do the same thing here. But as it's not that hard to do, I look forward to till and falko getting this managed.
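The check proposed as solution b) in the post above, as an added example that is not part of the original post and is not ISPConfig or VHCS code. The function names and the DNS data are constructed for illustration (documentation domains and addresses only); a real deployment would replace the two lookup functions with queries to the domain's authoritative name servers.

```python
"""Added example: decide whether local mail delivery may be enabled for a domain."""

# Constructed sample DNS data standing in for real MX and A lookups.
SAMPLE_MX = {
    "customer.example": ["mx1.customer.example", "mx.backup.example"],
    "victim.example": ["mx.victim.example"],   # domain the customer does not control
    "nomx.example": [],                        # no MX record published
}
SAMPLE_A = {
    "mx1.customer.example": ["192.0.2.10"],
    "mx.backup.example": ["198.51.100.7"],
    "mx.victim.example": ["203.0.113.25"],
    "nomx.example": ["192.0.2.10"],
}


def lookup_mx(domain):
    """Hypothetical resolver hook: MX host names for a domain."""
    return SAMPLE_MX.get(domain, [])


def lookup_a(host):
    """Hypothetical resolver hook: IPv4 addresses for a host name."""
    return SAMPLE_A.get(host, [])


def mail_points_here(domain, local_ips, mx=lookup_mx, a=lookup_a):
    """True if at least one MX host of the domain resolves to a local IP."""
    # Without MX records, SMTP falls back to the domain's own address (RFC 5321).
    hosts = mx(domain) or [domain]
    resolved = {ip for host in hosts for ip in a(host)}
    return bool(resolved & set(local_ips))


def delivery_mode(domain, local_ips, **lookups):
    """'local' only when public DNS already routes the domain's mail to this server."""
    return "local" if mail_points_here(domain, local_ips, **lookups) else "external"


def audit(domains, local_ips, **lookups):
    """Periodic re-check (e.g. every 24h): domains whose local delivery must be disabled."""
    return sorted(d for d in domains if not mail_points_here(d, local_ips, **lookups))


if __name__ == "__main__":
    server_ips = {"192.0.2.10"}
    for name in ("customer.example", "victim.example", "nomx.example"):
        print(name, "->", delivery_mode(name, server_ips))
```

A domain that does not resolve at all yields an empty address set and is therefore treated as `external`, so the check fails closed.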
#2 falko, 17th April 2006, 18:00

Thanks for the hint. We will check how we can fix this.
__________________
Falko
#3 oliver.blaha, 23rd April 2006, 16:41

Any news here?
#4 falko, 23rd April 2006, 18:08

Not yet. We're very busy...
__________________
Falko
#5 oliver.blaha, 23rd April 2006, 19:03

Okay, maybe I'll try to get it done - but as I'm also very busy it will take some time.
In the meantime you could give me some hints on what you consider the best solution... I think the mentioned solution b) makes sense, and that's what I would implement. Suggestions?
#6 till, 24th April 2006, 09:32

Quote:
Originally Posted by oliver.blaha
Okay, maybe I'll try to get it done - but as I'm also very busy it will take some time.
In the meantime you could give me some hints on what you consider the best solution... I think the mentioned solution b) makes sense, and that's what I would implement. Suggestions?
I agree, solution b) seems to be the best.
__________________
Till Brehm