If you're allowing SMTP mail (even from outside sites) it will be possible
to change the "from" field to whatever the user wants it to be, they just
need to find an SMTP server that enables open relaying.

Anything you turn off in outlook policies is just a client side fix. If
you allow mail from outside sites, there's nothing from stopping a user
from telling their mail client they are joeyourcompany.com.

If it's that important, you need to use some sort of digital signatures or
something of that sort.

--brian

> Maybe this has already been on the list, but couldn't find it. I'm
> trying to
> get rid of the From field in Outlook 2000/AD to prevent users from
> changing
> the original identity of the sender. The users can enter any identity in
> the
> >From field and send the e-mail as if it came from that user. Any help
> would
> be very welcome.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]