• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • Support for BIND DNS has been removed from Plesk for Windows due to security and maintenance risks.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS.

User managing autoresoponder and antispam without other rights

J

JohannesW

Guest
Hey guys,

I ran into the following problem. Before updating to version 10.0.1 mail users were able to configure their autoresponder and antispam settings by themselves. Since 10.0.1 they would be able to change their mail and aliases, too. They also could see much more information than they should. So I'm not able to enable their user accounts, this would lead to more problems.

How do I get an user configured who is only allowed to see and configure options for his own autoresponder and antispam settings? - I hope the new rights management did not remove the granularity of security permissions 9.5.3 had.

Thanks for any advice.
 
Just go to User Role Properties and configure corresponding restrictions for mail users.
 
Well I did that, or to be honest after the update from 9.5.2 to 10.0.1 there were users having specific named roles like mail user and so forth. The role of a mail user for example did not allow anything, everything is was set to deny.

But these users were able to login, change their mail address, edit and add aliases, configure their spam filter and auto responder and view the abonnements and other user accounts on the server.
But I do not want to allow users view the accounts of other users or to change their mail address or aliases.

To explain it more clearly:

First I create a user role
http://www.bilder-space.de/bilder/9c3d24-1290063696.jpg


Then I create a user assigned to that role
http://www.bilder-space.de/bilder/2cc10b-1290063753.jpg

I'm logged in as the new user with my deny any role
http://www.bilder-space.de/bilder/3dc35c-1290063815.jpg

And as you can see this user is e.g. able to
- activate and deactivate his mailbox
- Change the size of his mailbox
- is also able to forward received mails
- can view the other user accounts (read-only)
- can add, edit and delete mail alias
- ...

I did not recognize where I can deactivate this rights for the user...
 
Thanks for that information. But the documentation is not helpful at that point.

In previous versions of Plesk I was e.g. able to set the size of a users mailbox for each user separetely. I was able not to allow a user to add or edit his alias. I was able to prevent the user from login to Plesk. I was able to deny changes of a user to his mail address. With version 10.0.1 I'm not.

I did not find a way to set the size of a mailbox for each user seperately.
I could not find a way to prevent a user from viewing other user accounts.
I cannot prevent users from changing their mail adresses and aliases.

The permissions I found are not that granular as they there in my previous version. So if you give me that link, do you want to tell me that this are all the posssible options I do have with security permissions?
 
You must log in or register to reply here.

Similar threads

Z
Issue Scheduled Backup: Not working anymore and access rights issues since 18.0.66
Replies
14
Views
2K
zamkc
Z
H
Question SSH user can see other subdomain directories even with chrooted shell?
Replies
3
Views
820
Raul A.
R
Hangover2
Question Disabled "Hosting performance settings management" is ignored when using .user.ini
Replies
3
Views
1K
Aleksei Fedorov
A
O
Question How Can I Set Up Email Notifications in Plesk to Alert Me About Issues with the "Locate My Postal Code" Tool?
Replies
0
Views
2K
OusmaneKannon
O
A
Question Setup Plesk behind a load Balancer
Replies
2
Views
1K
trialotto
T
Back
Top