So, the files in /etc/postfix directory are world accessible. This means, a user on the system can easily see all email addresses. Which sort of means if a spammer purchases a seat on your host, it's trivial to harvest a lot of email addresses.
So, other than securing the logins so users cannot poke around, is there a good way to secure those files without breaking anything in Virtualmin?
This seems bad to me.
And if you are using the server for a backup email, and, making use of relay_recipients for those domains, then, even worse, even more "free" email addresses.