Q1 . This in my opinion is a bug / security issue.

Anyone can reset any users password just by entering in there username since a new password is auto-generated and sent to the account email. This can cause problems for billing systems like whmcs which connect to an account to create new sub-accounts and will stop it working. Ideally the password should not be reset but a link sent to the account email to then go and reset the password so only the account email owner can reset the password.

Q2. SRV records do not seem to be being created in bind? Are they not supported?



Answered question