Discussion:
[RCU] How to avoid accessing mailboxes elsewhere
Mario Jorge Lima
2018-02-27 11:23:03 UTC
Permalink
Hello,

I will explain what I need to know.

I have 3 Servers:

1) One of them is just a Domains Server.

2) The other two are Mailboxes Servers. They have the email accounts
for all the Domains from the first Server.

All these mailboxes' POP and SMTP are accessed through the Server address:

mail.domainnamea.com.
mail.domainnameb.com.
mail.domainnamec.com.

and so on.

If someone who accesses my Roundcube, fill the Server field with any
other POP Server name elsewhere, he will read those emails. How to
avoid it, so that only mailboxes in one of my two Mailboxes mentioned
above can be accessed?

Thanks a lot.

Mario./
___________________________
Mario Jorge Lima
***@multisites.com.br
OBS: Eventualmente nao acentuo algumas palavras do Portugues, para
evitar bugs na recepcao dos emails.
Giles Coochey
2018-02-27 14:39:53 UTC
Permalink
Post by Mario Jorge Lima
Hello,
I will explain what I need to know.
1) One of them is just a Domains Server.
2) The other two are Mailboxes Servers. They have the email accounts
for all the Domains from the first Server.
mail.domainnamea.com.
mail.domainnameb.com.
mail.domainnamec.com.
and so on.
If someone who accesses my Roundcube, fill the Server field with any
other POP Server name elsewhere, he will read those emails. How to
avoid it, so that only mailboxes in one of my two Mailboxes mentioned
above can be accessed?
Perhaps an outbound iptables firewall rule, so prevent the roundcube
server from accessing any POP3 / IMAP server other than your servers?
Post by Mario Jorge Lima
Thanks a lot.
Mario./
___________________________
Mario Jorge Lima
OBS: Eventualmente nao acentuo algumas palavras do Portugues, para
evitar bugs na recepcao dos emails.
_______________________________________________
Roundcube Users mailing list
http://lists.roundcube.net/mailman/listinfo/users
Mario Jorge Lima
2018-02-27 16:50:06 UTC
Permalink
Hi,

This is an idea, but I don't know how to implement this.

Mario./
Content-Type: multipart/alternative;
boundary="------------FA4C66C307E815DE9F72CF87"
Content-Language: en-GB
Post by Mario Jorge Lima
Hello,
I will explain what I need to know.
1) One of them is just a Domains Server.
2) The other two are Mailboxes Servers. They have the email
accounts for all the Domains from the first Server.
mail.domainnamea.com.
mail.domainnameb.com.
mail.domainnamec.com.
and so on.
If someone who accesses my Roundcube, fill the Server field with
any other POP Server name elsewhere, he will read those emails. How
to avoid it, so that only mailboxes in one of my two Mailboxes
mentioned above can be accessed?
Perhaps an outbound iptables firewall rule, so prevent the roundcube
server from accessing any POP3 / IMAP server other than your servers?
Post by Mario Jorge Lima
Thanks a lot.
Mario./
___________________________
Mario Jorge Lima
OBS: Eventualmente nao acentuo algumas palavras do Portugues, para
evitar bugs na recepcao dos emails.
_______________________________________________
Roundcube Users mailing list
http://lists.roundcube.net/mailman/listinfo/users
_______________________________________________
Roundcube Users mailing list
http://lists.roundcube.net/mailman/listinfo/users
___________________________
Mario Jorge Lima
***@multisites.com.br
OBS: Eventualmente nao acentuo algumas palavras do Portugues, para
evitar bugs na recepcao dos emails.
A.L.E.C
2018-02-27 17:47:42 UTC
Permalink
If someone who accesses my Roundcube, fill the Server field with any other POP Server name
elsewhere, he will read those emails. How to avoid it, so that only mailboxes in one of my
two Mailboxes mentioned above can be accessed?
I think I responded to similar question recently with:

You have a few options to deal with this

default_host
username_domain
username_domain_forced
login_username_filter
trusted_host_patterns (git-master only)

How to use them will depend on what you want to achieve and your environment. You can
always create a plugin that checks the host before connecting to it.
--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer [http://kolab.org]
Roundcube Webmail Developer [http://roundcube.net]
----------------------------------------------------
PGP: 19359DC1 # Blog: https://kolabian.wordpress.com
Jorge Bastos
2018-02-27 17:50:21 UTC
Permalink
Hi Alec,

For:

trusted_host_patterns

does it work for host and Ip's right?

-----Original Message-----
From: users-***@lists.roundcube.net
[mailto:users-***@lists.roundcube.net] On Behalf Of A.L.E.C
Sent: 27 de fevereiro de 2018 17:48
To: ***@lists.roundcube.net
Subject: Re: [RCU] How to avoid accessing mailboxes elsewhere
Post by Mario Jorge Lima
If someone who accesses my Roundcube, fill the Server field with any
other POP Server name elsewhere, he will read those emails. How to
avoid it, so that only mailboxes in one of my two Mailboxes mentioned
above can be accessed?
I think I responded to similar question recently with:

You have a few options to deal with this

default_host
username_domain
username_domain_forced
login_username_filter
trusted_host_patterns (git-master only)

How to use them will depend on what you want to achieve and your
environment. You can always create a plugin that checks the host before
connecting to it.

--
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer [http://kolab.org]
Roundcube Webmail Developer [http://roundcube.net]
----------------------------------------------------
PGP: 19359DC1 # Blog: https://kolabian.wordpress.com

Loading...