different "admin" email accounts receive the same emails

[jennyuanc]

I have several email accounts with the same user "admin" under different domains.

If one of the email accounts receives an email, all the other email accounts will also receive the same email.

i.e. [email protected] and [email protected] would receive the same emails, regardless of whether the recipient is [email protected] or [email protected].

I have no idea how it went wrong in the last few days as I did not have the problem before.

 

[adam12]

Do you have access to the exim logs? It might be worth looking through them for the relevant lines and see if anything interesting stands out.

This sounds like a huge security issue if so.

 

[Ohm J]

this's working as design, "admin" or call user "admin" is system email account, not per domain account.

you can login to use email as "admin" without "@domain".

 

[adam12]

this's working as design, "admin" or call user "admin" is system email account, not per domain account.

Do you know if this is documented anywhere? I've never seen this before. Looking through exim related files, I see no special case for admin@.

If users can create admin@ accounts, and each receive the same email delivery, this is a huge security issue (ie. it's not uncommon for DV certificates to offer admin@ as a contact for the verification process).

 

[Ohm J]

ehh,

same user "admin" under different domains

He meaning, his directadmin account is "admin" and place domain under this users.

so if your customer name... eg. "user01",
Under this acccount on any domains, if you trying to sending email to "user01@domain1", "user01@domain2", it will coming into same inbox of "user01".

 

[Richard G]

If users can create admin@ accounts, and each receive the same email delivery, this is a huge security issue

No, because this can only happen on system accounts. User admin is a system account. Just like the examples from @Ohm J if you create a user called user01 and then e-mail-address with the same name user01 it will happen.

So if you create a domain foobar then the foobar user can use [email protected] and [email protected] without this issue.

It's a bit odd, but that is how system accounts are build and why in fact you better not use system accounts for normal e-mail.

 

[adam12]

Is it because the user attached the domains to their admin system account? Maybe that's the part I'm not understanding, as I never use the admin account for anything other than administration.

OP, under what account did you attach "a.com" and "b.com"?

 

[jennyuanc]

All the domains with the issue were created under admin system account.
The odd thing is they have been working normally until I twisted some settings recently.
I could not bring them back to normal now.

The other "admin@domain" emails under user accounts are working fine.

I'm giving up and will move those domains having "admin@domain" emails to another user account.

Thank you all for your input.

 

[adam12]

Ah, that makes more sense now. Thanks for clarifying.