diff --git a/functions.inc.php b/functions.inc.php
index 3b0dea75..d8a3280d 100644
--- a/functions.inc.php
+++ b/functions.inc.php
@@ -773,17 +773,24 @@ function check_alias_owner ($username, $alias) {
 function list_domains_for_admin ($username) {
 global $CONF;
 global $table_domain, $table_domain_admins;
- $list = array ();
- // does $username need escaping here?
- $active_sql = db_get_boolean(True);
- $backupmx_sql = db_get_boolean(False);
- $query = "SELECT $table_domain.domain, $table_domain_admins.username FROM $table_domain
- LEFT JOIN $table_domain_admins ON $table_domain.domain=$table_domain_admins.domain
- WHERE $table_domain_admins.username='$username'
- AND $table_domain.active='$active_sql'
- AND $table_domain.backupmx='$backupmx_sql'
- ORDER BY $table_domain_admins.domain";
+ $E_username = escape_string($username);
+
+ $query = "SELECT $table_domain.domain FROM $table_domain ";
+ $condition[] = "$table_domain.domain != 'ALL'";
+
+ $result = db_query ("SELECT username FROM $table_domain_admins WHERE username='$E_username' AND domain='ALL'");
+ if ($result['rows'] < 1) { # not a superadmin
+ $query .= " LEFT JOIN $table_domain_admins ON $table_domain.domain=$table_domain_admins.domain ";
+ $condition[] = "$table_domain_admins.username='$E_username' ";
+ $condition[] = "$table_domain.active='" . db_get_boolean(true) . "'"; # TODO: does it really make sense to exclude inactive...
+ $condition[] = "$table_domain.backupmx='" . db_get_boolean(False) . "'"; # TODO: ... and backupmx domains for non-superadmins?
+ }
+
+ $query .= " WHERE " . join(' AND ', $condition);
+ $query .= " ORDER BY $table_domain.domain";
+
+ $list = array ();
 $result = db_query ($query);
 if ($result['rows'] > 0) {
 $i = 0;
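Review bot: `$condition` is first used with `$condition[] = "$table_domain.domain != 'ALL'";` without ever being initialised, while `$list = array ();` further down is; add `$condition = array ();` before the first append so the WHERE clause is built from a known-empty array rather than relying on implicit creation. The superadmin check that follows is an authorization decision — a user with a `domain='ALL'` row now sees every domain, including inactive and backupmx ones that non-superadmins are filtered out of — and that deserves a line of comment above the `db_query` call, e.g. `# superadmins (domain='ALL') get the unfiltered list; everyone else only their assigned, active, non-backupmx domains`, since the two TODOs only question the filter, not the bypass. Escaping the username through `escape_string` before interpolating it into both queries answers the old `// does $username need escaping here?` question; `db_get_boolean(true)` next to `db_get_boolean(False)` is a small casing inconsistency worth aligning. The body of list_domains_for_admin continues past the end of this hunk.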