How To Restrict Users From Changing the "From" Address (Doc ID 1465762.1)

Last updated on NOVEMBER 16, 2023

Applies to:

Oracle Communications Messaging Server - Version 7.0.0 and later
Information in this document applies to any platform.

Goal

Version of Messaging Server being used:

# imsimta version
Oracle Communications Messaging Exchange Server 7u4-20.01 64bit (built Nov 21 20
libimta.so 7u4-20.01 64bit (built 20:15:52, Nov 21 2010)
Using /opt/sun/comms/messaging64/config/imta.cnf (compiled)
SunOS <HOSTNAME> 5.10 Generic_141445-09 i86pc i386 i86pc

In the scenario below, MS Outlook was the client being used to change the From: address.


We have a test user called "migration11" which does not have any alias mapped with it.
abcxyz@example.com is the mail address used when configuring MS Outlook.
migration11@example.com is the original mail id which exists in LDAP. 

Note:  we are not using Outlook Connector, so it is not involved in this issue.

abcxyz@example.com is not in LDAP, but if I am using Outlook and if I edit the mail ID field in Outlook with a valid email address that exists in LDAP, I can send email.  While sending the mail, Outlook connects to LDAP with the user ID mentioned in the Outlook configuration (i.e. migration11) and its password and does an AUTH with the MTA.  For this reason, the MTA allows the mail to be sent, even if the mail address is invalid.  When the mail reaches the destination, it shows as "From: migration11@example.com on behalf of abcxyz@example.com".

Users are abusing the system by modifying the "From" address in Outlook or by changing the email address in the Outlook profile.  For this case,  the "migration11" user should not be allowed to use an invalid email ID in the Outlook profile.  The problem with this scenario is that a user can use a valid mail ID of a high profile user, even if he/she is not authorized to do so.

How can we configure the Messaging Server to NOT allow these types of emails to be processed through? It would be nice to know how to do this for all users and also for just one specific user.
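
The mismatch described above, as an added Python illustration (not part of the Oracle document and not Messaging Server configuration): it compares the From: header of a submitted message with the addresses owned by the user who authenticated. The directory dictionary, the "director" user, the reason codes and the function names are constructed for this example.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed stand-in for LDAP: uid -> addresses that user owns (mail + aliases),
# stored lower-case. migration11 has no alias, as in the scenario above;
# "director" is a hypothetical high-profile user.
DIRECTORY = {
    "migration11": {"migration11@example.com"},
    "director": {"director@example.com", "ceo-office@example.com"},
}

def from_addresses(raw_message):
    """Lower-cased addresses from every From: header (there may be several)."""
    headers = message_from_string(raw_message).get_all("From", [])
    return [addr.lower() for _name, addr in getaddresses(headers) if addr]

def check_submission(auth_uid, raw_message, directory=DIRECTORY):
    """Return (allowed, reason) for a message submitted after AUTH as auth_uid."""
    owned = directory.get(auth_uid)
    if not owned:
        return False, "unknown-auth-user"
    senders = from_addresses(raw_message)
    if not senders:
        return False, "no-from-address"
    everyone = set().union(*directory.values())
    for addr in senders:
        if addr in owned:
            continue
        # Distinguish the two cases the scenario describes: a valid address
        # of another user versus an address that is not in the directory.
        if addr in everyone:
            return False, "from-owned-by-other-user"
        return False, "from-not-in-directory"
    return True, "ok"

def sample(from_value):
    """Build a constructed test message with the given From: header value."""
    return f"From: {from_value}\nTo: someone@example.com\nSubject: test\n\nbody\n"

if __name__ == "__main__":
    for value in ("abcxyz@example.com", "Director <director@example.com>",
                  "Migration <Migration11@Example.COM>"):
        print(value, "->", check_submission("migration11", sample(value)))
```
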

Solution

To view full details, sign in with your My Oracle Support account.
