I have a new VPS server and just discovered that end-user going into webmail and autoresponder setup are free to browse the domain list and enter an email ID as if they were an admin. How do I close this down and restrict autoresponders to an end-user's own email address? Thanks.
"going into webmail"? which one?
EDIT:
oops forgot it's in the view where you select the webmail client.
I tested it and it doesn't behave as you explained.
EDIT:
oops forgot it's in the view where you select the webmail client.
I tested it and it doesn't behave as you explained.
Last edited:
Great, but how did you manage to log on to my server?
My point is that the autoresponder page is offering too much to the wrong email account user and I need to turn this off - how do I do it? Sure, its not meant to do this. That is my problem.
So, please, anyone know how to turn off this presentation of domains and opportunity to type in an email ID? It should just default to the user's own email.
Or is it a bug?
Of course I didn't test it in your server, I tested it in my server.Great, but how did you manage to log on to my server?
My point is that the autoresponder page is offering too much to the wrong email account user and I need to turn this off - how do I do it? Sure, its not meant to do this. That is my problem.
So, please, anyone know how to turn off this presentation of domains and opportunity to type in an email ID? It should just default to the user's own email.
Or is it a bug?
My point is that it is not acting like that in every server, so it might be something different in your server's configuration causing that.
It's hardly a feature you could just "turn off".
Infopro
Well-Known Member
WHM 11.36.1 (build 6)
Just wanted to confirm as Barlow said, the Webmail Autoresponder is wide-open.
And as InfoPro said, the Feature Manager can disable Autoresponder.
details:
/webmail/x3/index.html
After my clients log into their personal webmail accounts, they are shown the choice to enter different webmail interfaces: Horde, Roundcube or SquirrelMail.
On this index.html page the clients can manage Change Password, Forwarding Options, Auto Responders, Configure Client Mail, Email Filtering, Email Trace.
The Forwarding Options does limit the client ONLY to their email address.
But the Auto Responders gives them Admin permissions to add Auto Responders to any email under any domain name.
Sad, but I had to disable Auto Responder after a client successfully added Auto Responder to my email to prove the the interface was not secure.
To Your Success!!!
Mark
Just wanted to confirm as Barlow said, the Webmail Autoresponder is wide-open.
And as InfoPro said, the Feature Manager can disable Autoresponder.
details:
/webmail/x3/index.html
After my clients log into their personal webmail accounts, they are shown the choice to enter different webmail interfaces: Horde, Roundcube or SquirrelMail.
On this index.html page the clients can manage Change Password, Forwarding Options, Auto Responders, Configure Client Mail, Email Filtering, Email Trace.
The Forwarding Options does limit the client ONLY to their email address.
But the Auto Responders gives them Admin permissions to add Auto Responders to any email under any domain name.
Sad, but I had to disable Auto Responder after a client successfully added Auto Responder to my email to prove the the interface was not secure.
To Your Success!!!
Mark
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| T | Webmail Displaying Previously Read Emails as Unread | 7 | ||
| R | App Webmail - Suggestion for Creating an App for the Webmail Platform | 1 | ||
| A | Can you disable features in Webmail? | 1 | ||
| H | Webmail page not loading | 5 | ||
| O | Holiday autoresponder ONLY to webmail contacts, not to everyone! | 5 |