possible bug in web hosting companies

[smashway]

So I am working in a web hosting company, and encountered this bug.

This is very, VERY, VERY situational.

What occurred was in our company it's possible to add a domain name alias, whose DNS' don't point to our servers. (I guess it would be the same to order a new contract with a specific domain name).

When our customers send emails, we do not resolve the DNS for the recipient domain name, because the volume is too big, so we use LDAP.

We do provide catchall addresses in our hosting package.

My company is adding a patch to counter this on Monday

Example : I have a hosting contract for whatever website with a catchall address, I add worldofwarcraft.com as an alias to it, every mail sent through my company's servers will be directed to my catchall mail account.

If you don't understand what I'm talking about, I think there will be no way you can pull this off

[krava]

well due to design of MTA software, it will always look for local delivery first and if it exists it will send email there (your catchall account) even if MX record is set right.
So you can add @worldofwarcraft.com -> youracc@blabla you'll recieve mail to your account

This gave me an idea tho

What if you send email to all of your users that they got suspended/wotlk key and they got to authorize email by responding to that mail with their username and pwd. That *could* get you accounts

Cheers,
Krava

[smashway]

easily detectable if you get reported by spamcop
Even though I'm resigning from the job in one month, I'd like to keep good contacts with the company
But the day an email finishes in that catchall address, we'll be sure to be able to exploit it!

But this would be exceptional since you could finally have an interaction between the user and you!

[krava]

there are many ways to exploit advantage of being mail server admin *shrug*

[mage123]

I ran a hosting business back in the day when it was actually profitable. Its an ever changing exploited terrain