Allow logging in to webmail with alias credentials
Please allow logging in to webmail with alias credentials.
For example, if a main domain's mailbox mail@example.com has an alias mail@alias.com, they should both be able to log in to webmail.example.com with the same password.
Allowing different user names for the same target mailbox broadens the attack surface. We do not see why it can make using a mailbox easier, as it is still the same mailbox and can equally well be opened with one set of defined login credentials. Also, this request did not become popular. For these reasons we must decline it.
-- PD
-
Kastor Stein commented
Hmm, but SMTP login seems to work also with an alias.
/var/log/maillog: smtpd[2852050]: [186.55....], sasl_method=PLAIN, sasl_username=webmaster@xxxx (which is an alias)
Our mail relay then refused to relay the mail:
/var/log/maillog: <webmaster@xxxx> sender rejected. This relay isn't allowed to send mail "From" <webmaster@xxxx>
So yes, this feature shouldn't be implemented, and SMTP should also already refuse to queue a mail "From" an alias.
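An added example, not part of the original thread or of the product's code: a defender-side audit of the behaviour reported in the comment above, listing SMTP AUTH logins whose `sasl_username` is an alias rather than a real mailbox. It assumes standard Postfix `client=..., sasl_method=..., sasl_username=...` log lines; the mailbox and alias inventory, the function name and the sample log are constructed for illustration.

```python
import re

# Postfix smtpd records a successful SASL login as
# "client=host[ip], sasl_method=..., sasl_username=...".
SASL_RE = re.compile(
    r"smtpd\[\d+\]:.*?client=\S*?\[(?P<ip>[^\]]+)\],"
    r"\s*sasl_method=(?P<method>[^,\s]+),\s*sasl_username=(?P<user>\S+)"
)

# Constructed inventory (assumption: exported from the mail server by hand).
MAILBOXES = {"mail@example.com"}
ALIASES = {"mail@alias.com": "mail@example.com"}

# Constructed sample log lines, using documentation IP ranges.
SAMPLE_LOG = """\
Mar  4 10:15:02 mx1 postfix/smtpd[2101]: 4F2A91C0: client=unknown[192.0.2.10], sasl_method=PLAIN, sasl_username=mail@example.com
Mar  4 10:16:40 mx1 postfix/smtpd[2107]: 5B7733D1: client=unknown[198.51.100.7], sasl_method=PLAIN, sasl_username=mail@alias.com
Mar  4 10:17:05 mx1 postfix/smtpd[2107]: warning: unknown[198.51.100.7]: SASL PLAIN authentication failed
Mar  4 10:19:11 mx1 postfix/smtpd[2110]: 6C8844E2: client=unknown[203.0.113.5], sasl_method=LOGIN, sasl_username=Mail@Alias.com
""".splitlines()


def audit_sasl_logins(lines, mailboxes, aliases):
    """Return {alias: {"mailbox", "count", "clients"}} for every successful
    SASL login that authenticated with an alias instead of a mailbox name."""
    known = {m.lower() for m in mailboxes}
    alias_map = {a.lower(): m.lower() for a, m in aliases.items()}
    hits = {}
    for line in lines:
        m = SASL_RE.search(line)
        if not m:
            continue
        user = m.group("user").lower()
        if user in known or user not in alias_map:
            continue  # real mailbox login, or a name outside the inventory
        entry = hits.setdefault(
            user, {"mailbox": alias_map[user], "count": 0, "clients": set()}
        )
        entry["count"] += 1
        entry["clients"].add(m.group("ip"))
    return hits


if __name__ == "__main__":
    for alias, info in audit_sasl_logins(SAMPLE_LOG, MAILBOXES, ALIASES).items():
        print(alias, "->", info["mailbox"], info["count"], sorted(info["clients"]))
```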
-
Kaspar commented
Please don't implement this feature. I often let my users create an alias for their mailboxes to use as their 'main' email address so as to obscure their real mailbox, making it harder for attackers/bots to access mailboxes, as unfortunately login credentials are leaked or stolen from sites far too often.