Check common mailbox and user names
When you let users of a webapp create their own usernames, and that name is used in an email address or as a Unix user, it is important to check it against common system names such as 'root', 'postmaster', and 'postfix'. This library attempts to do that.
You should check the following:
- The address in your WHOIS, which may be used for things like registering a TLS certificate. It should really be something like hostmaster@ anyway, so this should not be an issue.
- If you make Unix accounts with these names, check which names occur in /etc/passwd (and possibly /etc/group).
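One way to combine both checks, as an added example that is not this library's own code: it merges the RFC 2142 mailbox names with the first field of passwd- and group-format data and compares candidates after Unicode and case normalization. The function names are hypothetical and the passwd/group text is constructed sample data; on a real host you would read /etc/passwd and /etc/group instead.

```python
import unicodedata

# Mailbox names defined in RFC 2142, plus the names this page mentions.
RFC2142 = {"info", "marketing", "sales", "support", "abuse", "noc", "security",
           "postmaster", "hostmaster", "usenet", "news", "webmaster", "www",
           "uucp", "ftp"}
PAGE_EXAMPLES = {"root", "postmaster", "postfix"}

# Constructed sample data in /etc/passwd and /etc/group format (not a real host).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
# local comment line
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
postfix:x:108:114::/var/spool/postfix:/bin/false
"""
SAMPLE_GROUP = """\
adm:x:4:syslog
sudo:x:27:alice
"""

def names_from_colon_file(text):
    """Return the first colon-separated field of each entry, lowercased."""
    names = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and comments
        names.add(line.split(":", 1)[0].lower())
    return names

def normalize(candidate):
    """Fold compatibility forms and case so 'Root' and fullwidth 'ROOT' match 'root'."""
    return unicodedata.normalize("NFKC", candidate).strip().casefold()

def build_reserved(passwd_text, group_text):
    """Union of the static lists and the account/group names found on the host."""
    return (RFC2142 | PAGE_EXAMPLES
            | names_from_colon_file(passwd_text)
            | names_from_colon_file(group_text))

def is_reserved(candidate, reserved):
    """True if the normalized candidate collides with a reserved name."""
    return normalize(candidate) in reserved

if __name__ == "__main__":
    reserved = build_reserved(SAMPLE_PASSWD, SAMPLE_GROUP)
    for name in ["Root", "www-data", "sudo", "Hostmaster", "alice"]:
        print(name, "reserved" if is_reserved(name, reserved) else "ok")
```

Only the first field of each line is treated as a name, so group members such as alice in the sample are not reserved by this check.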
License: BSD 2-clause
Resources:
- RFC2142
- Security StackExchange: What email addresses are treated as trusted
- Postbit reserved username list
- /etc/passwd and /etc/group on my laptop (Debian testing/stretch).
- shouldbee's list
- kwappa's list
Image via xkcd.com