Submitted by endertech_rolmos on Fri, 02/25/2011 - 17:02
When creating an alias domain Virtualmin will auto-create an alias for "All mailboxes" with a destination of "Same mailbox in domain ".
This allows spammers to send email to non-existent accounts on the alias domain. Postfix will try to send that email to alias of domain which fails and results in a bounce ie. backscatter (and also listed on spam lists such as backscatterer.org).
A more direct 1 to 1 alias is required where the alias domain mirrors the exact aliases of the alias of domain in order to prevent this.
Thanks
Status:
Closed (fixed)
Comments
Submitted by JamieCameron on Fri, 02/25/2011 - 17:52 Comment #1
For alias domains, Virtualmin has a feature to create 1 to 1 aliases to avoid exactly this problem ... but it isn't on by default :-(
You can enable this for new domains at System Settings -> Server Templates -> Default Settings -> Mail for domain -> Mail alias mode for alias domains , by selecting "Copy aliases from target". For existing domains, this can be enabled at Server Configuration -> Email Settings.
Future Virtualmin releases will enable this feature by default.
Submitted by Issues on Fri, 03/11/2011 - 19:21 Comment #2
Automatically closed -- issue fixed for 2 weeks with no activity.