Disable domains creation

Hi,

Is there a chance to restrict creating users in certain domains only? Often admin people mistype our domain name and thus creating unusable accounts. Thanks!

Alex

Not with MiaB natively, no. Although I would think that anyone given admin privileges on your MiaB would be smart enough to check that the new email account was correct when they create it…

You can install the script created by @murgero on shared hosting to be limited to the one domain if this is really a problem. Let me know if this is something you need set up or hosted.

Unfortunately, not.

Thanks for your suggestion, I’ll check the script out!

Just to insure that there is no confusion, the script is NOT installed on the MiaB server but instead has to be hosted elsewhere.

I’d like to point out I no longer maintain the script - it may not be secure these days. Just as a heads up. MIAB has some basic documentation on it’s API which can be used to make your own Web UI however.

Over a year later (sorry!): is there perhaps a new way to restrict the domains for email creation?

I am a newbie, just testing MIAB (I love it so far) and I have tried to add an email from a domain for which I have not even created an MX record (in fact its option is “no email” in namecheap), nor modified any other DNS records. To my surprise, the email was created and seems to be working for sending (not receiving probably).

Somehow I feel this opens possibilities for scammers to impersonate someone under their domain, so apart from securing my login I would like to also restrict allowable domains to only a handful.
Any help would be appreciated, thanks!

Is this question in regards to Mail-in-a-Box or the script by @Murgero for account management?

Mail-in-a-box since that script has not been maintained, as I understand?

Correct on the maintenance of @mugero’s script.

MiaB does not have such a mechanism nor does literally any mail server setup. I assume that the prevailing thought is “why would someone set up email for a domain that they do not control”? Well, of course we know why this would be done by potentially dishonest people. Hence the creation of DKIM, SPF, and DMARC to assist in preventing spoofing.

1 Like