My Oracle Support Banner

Restrict Users From Sending Mails with modified "From" Address (Doc ID 3009620.1)

Last updated on MARCH 14, 2024

Applies to:

Oracle Communications Convergence - Version 3.0.2 and later
Information in this document applies to any platform.

Goal

Require a solution to overcome an issue where users from 3rd party MTA / Mail Server send email/messages with fake sender addresses (AKA Email Spoofing) via Convergence.

The same issue with Oracle Communications Messaging Server - MTA can be resolved by implementing the config/solution as documented in KM Doc ID 1465762.1

However, there is a need for a solution within Convergence that can avoid Email spoofing, so the mail sent from those 3rd party MTA can also be avoided/blocked.

Consider the following sample test case:

  1. Connect/login to Convergence as a test user (example: ‘USER’) using the browser
  2. Open the dev tool and go to the network tab
  3. Send an email
  4. Right-click on the corresponding POST request (https://<IP>:<PORT>/iwc/svc/wmap/msg.mjs?rev=3&sid=), and select ‘edit and resend’

Following is the original request body and corresponding headers and request details:

The mail with the fake from: address was delivered successfully.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.