There are many old or closed threads on this topic, which is basically about the ability for a cPanel admin user to read or access all user email accounts from the cPanel webmail link without having to enter the individual email account password. I understand that the cPanel admin is a root user and can change any users email password, so there is no way to stop them from viewing any user email if they want to. So many questions. Looking for a best practice recommendation.
Is it as simple as disabling webmail access?
I am curious to know whether the discussion continues, is considered resolved, or just not worth discussing? I would also like to know what admins in this position tell the persons or companies that they administer cPanel accounts for in regards to this topic? Is it a don't ask don't tell type of topic? Or do you fully disclose the discussed possibilities? And/or offer them a different email solution that is more secure? If so, how do you disclose this info? And what other options do you offer?
Is it as simple as disabling webmail access?
I am curious to know whether the discussion continues, is considered resolved, or just not worth discussing? I would also like to know what admins in this position tell the persons or companies that they administer cPanel accounts for in regards to this topic? Is it a don't ask don't tell type of topic? Or do you fully disclose the discussed possibilities? And/or offer them a different email solution that is more secure? If so, how do you disclose this info? And what other options do you offer?