Results 1 to 2 of 2
  1. #1
    Join Date
    Aug 2002
    Posts
    1

    Ensim Oh SH*T!!!!!!!!!

    On my system (on all sites) it seems users can create an alias to an existing mailbox by adding the email address as the alias. I first noticed this when I tried to set up an alias from a user account to my catch - all (admin) account and succeeded.

    to clarify .. this is exactly what I do...

    On one of my sites exists a user account [email protected]

    I do not have any passwords to fred's user account but I have an account of my own [email protected]

    I enter my user panel (somedomain.com/user) and goto the mail option (email manager)

    In the email manager I select add alias from the alias page

    In the field I enter [email protected] and press save

    message is... adding alias succeeded

    That's it .. all mail going to fred's mailbox now comes to mine ([email protected])

    and just to clarify ... yes [email protected] already existed.

    I am assuming whatever protection prevents this from happening isn't working, however my expertise in ensim is null. If anyone can give me some suggestions in correcting the problem I would be extremely grateful.

  2. #2
    Join Date
    Jan 2002
    Location
    Kuwait
    Posts
    679

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •