Stop postfix from delivering mail locally when MX record points externally to avoid mailbox hijack e.g. @gmail.com addresses.
Prevent mail interception / hijack where any customer can create domains when not prohibited explicitly and intercept for example a john.doe@gmail.com mailbox because SMTP will deliver this locally if the mailbox exists.
Almost every domain on the internet does have its own MX record and many of them are operate their own email server (not only Gmail). Why not address this potential security issue by checking MX records not only if the domain exists locally.
Plesk Tech Support
shared this idea
Thank you for your idea! We will consider this functionality in upcoming releases if it will be popular.
Everyone, please continue voting for this feature if you consider it important.
For the time being, please consider using Tools & Settings > Security > Prohibited Domain Names to prevent users from creating well-known domain names in their accounts.
- PD