"blacklisted" domains or other security measures for MAIL reception

Discussion in 'Feature Requests' started by Norman, Jan 26, 2009.

  1. Norman

    Norman Member HowtoForge Supporter

    One problem that I'm thinking may occur in future on large installations of ISPConfig is that malicious users may add subdomains to known email-providers.

    Consider user A knows that people send a lot of emails to hotmail.com .
    Thus he adds a subdomain to his own site and starts catching emails sent through the system with the catch-all option.

    Is it possible to prevent ispconfig from adding domains to the postfix local-domains if MX doesnt match? Or Otherwise have a blacklist of domains which arent possible to add into the system.

    Maybe even wildcard based if you want to block out certain types of keywords in domains.
  2. falko

    falko Super Moderator ISPConfig Developer

    Good call. I've added this to our bugtracker.

Share This Page