How To Restrict Users From Changing the "From" Address
(Doc ID 1465762.1)
Last updated on MAY 20, 2021
Applies to: Oracle Communications Messaging Server - Version 7.0.0 and later
Information in this document applies to any platform.
Version of Messaging Server being used:
# imsimta version
Oracle Communications Messaging Exchange Server 7u4-20.01 64bit (built Nov 21 20
libimta.so 7u4-20.01 64bit (built 20:15:52, Nov 21 2010)
Using /opt/sun/comms/messaging64/config/imta.cnf (compiled)
SunOS <HOSTNAME> 5.10 Generic_141445-09 i86pc i386 i86pc
We have a test user called "migration11" which does not have any alias mapped with it.
email@example.com is the mail address used when configuring MS Outlook.
firstname.lastname@example.org is the original mail id which exists in LDAP.
email@example.com is not in LDAP, but if I am using Outlook and if I edit the mail ID field in Outlook with a valid email address that exists in LDAP, I can send email. While sending the mail, Outlook connects to LDAP with the user ID mentioned in the Outlook configuration (i.e. migration11) and its password and does an AUTH with the MTA. For this reason, the MTA allows the mail to be sent, even if the mail address is invalid. When the mail reaches the destination, it shows as "From: firstname.lastname@example.org on behalf of email@example.com".
Users are abusing the system by modifying the "From" address in Outlook or by changing the email address in the Outlook profile. For this case, the "migration11" user should not be allowed to use an invalid email ID in the Outlook profile. The problem with this scenario is that a user can use a valid mail ID of a high-profile user, even if he/she is not authorized to do so.
How can we configure the Messaging Server to NOT allow these types of emails to be processed?
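The check the question asks for, shown as an added illustration (not Oracle's code and not Messaging Server configuration): compare the addresses a message claims in its From/Sender headers with the addresses owned by the account that authenticated. The directory contents, the `director` account and the sample messages are constructed; in practice the owned addresses would come from the user's LDAP entry.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed directory: authenticated uid -> addresses that account owns.
# Assumption: in practice these come from the user's LDAP entry.
DIRECTORY = {
    "migration11": {"migration11@example.com"},
    "director": {"director@example.com"},  # hypothetical high-profile user
}

def unowned_senders(auth_uid, raw_message, directory=DIRECTORY):
    """Return From/Sender addresses the authenticated account does not own."""
    owned = {a.lower() for a in directory.get(auth_uid, ())}
    msg = message_from_string(raw_message)
    claimed = set()
    for header in ("From", "Sender"):
        for _name, addr in getaddresses(msg.get_all(header, [])):
            if addr:  # unparsable entries come back empty
                claimed.add(addr.lower())
    # A message with no From/Sender header claims nothing and passes.
    return sorted(claimed - owned)

def submission_verdict(auth_uid, raw_message, directory=DIRECTORY):
    """'accept' only if every claimed sender address belongs to auth_uid."""
    if auth_uid not in directory:
        return "reject: unknown account"
    bad = unowned_senders(auth_uid, raw_message, directory)
    return "reject: " + ", ".join(bad) if bad else "accept"

# Constructed sample submissions, both authenticated as migration11.
SPOOFED = ("From: Director <director@example.com>\n"
           "To: staff@example.com\nSubject: test\n\nbody\n")
HONEST = ("From: Test User <Migration11@Example.com>\n"
          "To: staff@example.com\nSubject: test\n\nbody\n")

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("honest", HONEST)):
        print(label, "->", submission_verdict("migration11", raw))
```

The comparison is case-insensitive and covers every address in a multi-address From header, so a single unowned address is enough to reject the submission.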