Solved Howto get main domain for alias/pointer via API

H

HindrikOxilion

Verified User
Joined
Sep 23, 2011
Messages
33
Hey all,

We're utilizing a (PHP) script to automate some abuse actions, based on reports from an outgoing spam filter.

One use-case is to suspend an e-mail account via the DirectAdmin API, but this only seems to work if the e-mail account to be suspended ends with the main/hosted domain. It does not work if the e-mail address ends with an alias/pointer domain. To clarify a bit:

Suppose we have some user with domain maindomain.tld, and an alias/pointer domain named pointer.tld.
If we determine that outgoing spam is sent via authenticated SMTP with [email protected], suspending the e-mail account [email protected] does not work via the API. We should somehow determine the main domain for which pointer.tld is an alias, and then issue a suspension of the account [email protected] via the API.

So my question at this time is:

how could one determine/retrieve the actual hosted domain name via the API, given any domain (be it main, alias or pointer) as input.

I'll gladly receive any thoughts on this...

With kind regards,

Hindrik Deelstra
Oxilion B.V.
 
I did some more fiddling and testing, and have decided to just do the following routine:

  1. Fetch the list of domainowner's main domains via CMD_API_SHOW_DOMAINS,
  2. if the spamming $domain is in the list, it's a main domain, continue to account suspension routine,
  3. if the spamming $domain is not in the list, it must be a pointer/alias, do the following:
  4. foreach() main domain, check if the spamming domain is present in the alias/pointer list via CMD_API_DOMAIN_POINTER?domain=$main_domain,
  5. when the pointer/alias domain is found, we know the main domain, exit the loop via break;
So in stead of a single API call, I need to perform 1 initial API call to get all the main domains, plus 1 additional API call for each main domain of the user, until the pointer is found. This is not really ideal or optimal in my opinion, but since it only needs to be done when a spamming account is detected, and our setup mostly uses 1 main domain per user, it seems like an acceptable trade-off in our specific use-case.

If anyone is interested in the actual PHP code, please leave a comment, but bear in mind that I'm not a programmer by trade, so I will not promise any level of quality of the code ;)

With kind regards,

Hindrik Deelstra
Oxilion B.V.
 
I would be interested in your code to improve my own DA API coding skills using real code, thanks
 
Last edited:
Well then, at your own risk then ;)

I've only provided the piece(s) that actually talk to DirectAdmin's API, the other bits are very specific for our own use-case, so most likely will not apply to anyone else...

The API calls are done via PHP cURL:

PHP: 
# Setup the $da curl handler, "$dapass" is the DirectAdmin password for the relevant admin "$adminuser"

$da = curl_init();
curl_setopt($da, CURLOPT_USERPWD, "$adminuser:$dapass");
curl_setopt($da, CURLOPT_RETURNTRANSFER, 1);

# We have sources that provide an e-mail address to be suspended, as well
# as the source DirectAdmin host, stored as "$sender_host".
#
# The e-mail address is split into the local part and the domain at the last (rightmost) '@',
# the local part is stored as "$mailuser", and the domain as "$domain".
#
# These variables are ultimately passed to the suspension API call at the end
# of this code-snippet.

# Fetch all domainowners, store resulting array as $domusers
curl_setopt($da, CURLOPT_URL, "https://$sender_host:2222/CMD_API_DOMAIN_OWNERS");
$result = curl_exec($da);
parse_str(urldecode($result), $domusers);

# Find and store domain's user as $user
$user = $domusers[str_replace('.', '_', $domain)];

# Fetch domain owner's main domains, call API as the $user, store resulting array as $userdoms
curl_setopt($da, CURLOPT_URL, "https://$sender_host:2222/CMD_API_SHOW_DOMAINS");
curl_setopt($da, CURLOPT_USERPWD, "$adminuser|$user:$dapass");
$result = curl_exec($da);
parse_str(urldecode($result), $userdoms);

# If domain is not a main domain, loop over all user's domains until the Alias/Pointer is found
if (!in_array($domain, $userdoms['list'])) {
    foreach ($userdoms['list'] as $dom) {
        # Fetch domain's aliases/pointers, store resulting array as $aliases
        curl_setopt($da, CURLOPT_URL, "https://$sender_host:2222/CMD_API_DOMAIN_POINTER?domain=$dom");
        $result = curl_exec($da);
        parse_str(urldecode($result), $aliases);
        # Search for Alias/Pointer in the array keys
        if (array_key_exists(str_replace('.', '_', $domain), $aliases)) {
            # We found a match, store the main domain as $domain, and exit loop, we're done
            $domain = $dom;
            break;
        }
    }
}

# Suspend e-mail account, the var "$domain" now always contains the correct main domain
# remember that the CURLOPT_USERPWD is still set as "$adminuser|$user:$dapass", which is needed for this API call
curl_setopt($da, CURLOPT_URL, "https://$sender_host:2222/CMD_API_POP?action=delete&domain=$domain&suspend=yes&user=$mailuser");
curl_setopt($da, CURLOPT_POST, 1);
curl_exec($da);

I hope this could be useful in any way...

With kind regards,

Hindrik Deelstra
Oxilion B.V.
 
You must log in or register to reply here.
Back
Top