MIAB - domain name vs subdomain - security concern?

Radmin 2017-10-01 12:25:48 UTC #1

Hi everyone,

I installed MIAB few months ago on my domain name (not subdomain). No problems, DNSSEC works, everything perfect! All is green in the admin panel. Thanks Josh.

But, Josh recommend to put MIAB on a subdomain (box.xxx.com) and don't change it (at the installation).

Is there any difference (from a security point of view) to put MIAB on a subdomain vs domain name ? Does it affect the "same origin policy" ?
I'm afraid I do something wrong... and can it affect the security of MIAB?

(Sorry for my english, It's not my first language).

Regards,
Radmin.

murgero 2017-10-02 19:54:14 UTC #2

No security concerns.

box.example.com is normally how MIAB is usually setup because example.com will host a website, where box.example.com will host the mail, cloud, and webmail client.

But there is nothing stopping you from using just example.com

Powered by Discourse, best viewed with JavaScript enabled