Solved

Sending From.

Posted on 2006-06-13
16
218 Views
Last Modified: 2010-03-06
Hi Guys,

I don’t know if this is explicitly an Outlook question or an Exchange question.

Basically, when enabling the ‘from’ field in Outlook, users are able to put any user on the network there and send from that user. The recipient can’t tell who it really came from.

So basically, Tom can send an email from his account as Steve. When Dave receives the email from Tom, it appears to have come from Steve. Does anyone know how to prevent this feature and / or issue?

Thanks,

Raf
0
Comment
Question by:dqnet
  • 9
  • 6
16 Comments
 
LVL 5

Expert Comment

by:Amitspeedstar
Comment Utility


Which version of exchage and outlook u r using

Amit.
0
 

Author Comment

by:dqnet
Comment Utility
Oh! Whoops!

Exchange 2003 with Outlook 2003 both with SP2.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
Comment Utility
Does the mail actually get delivered?  You can choose any name you like, but if you don't have 'Send As' permission on the address you supply, then the mail delivery should fail.
0
 

Author Comment

by:dqnet
Comment Utility
The mail actually gets delivered.
Locally for sure. I havent tried externally.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
Comment Utility
Have you tried this for other users?  As Administrator, you may have the Send As permission configured at the Information Store level in ESM.
0
 

Author Comment

by:dqnet
Comment Utility
Let me give it a shot.
Hang 10.
0
 

Author Comment

by:dqnet
Comment Utility
It works from every user!
:(

Every user can send as anyone else. All they have to do is stick another user in the FROM field.
I thought it might be down to the 'ChooseFrom' Application I installed, but I installed that and it still works.

Any ideas folks?!!?
Points increased to 400.
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
Comment Utility
Have a look in ESM, and find your Mailbox Store underneath the server.  Haev a look at its Properties/Permissions tab.  See if you can find a group (like Everyone, Authenticated Users, Domain Users) to which all your users belong shown in the perms table, and see if they have 'Full Access' or 'Send As' granted at the Store level..
0
Integrate social media with email signatures

Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

 

Author Comment

by:dqnet
Comment Utility
I just checked.
Basically, All the users on the network are currently Domain/Admins. I dont know if this should be a problem but I doubt it.

I checked the permissions and on the Storage group. It has Domain admins as Receive As and Send As set to Allow and set to Deny.
As far as I know the Deny should take control.??
0
 
LVL 31

Accepted Solution

by:
LeeDerbyshire earned 400 total points
Comment Utility
I too, have Domain Admins/Send As/Allow and Deny , but it does not prevent send as for domain admins, so I guess that the operation of the usual Deny override isn't as obvious here as it is in NTFS.  I can only suggest temporarily removing a user from your Domain Admins group (or creating a new non-Admin user specially for the purpose), and seeing if they can still Send As.

Since all my Domain Admin accounts can Send As any user, then I am not surprised that you can, too.  Even with that Deny setting, which I also have.
0
 

Author Comment

by:dqnet
Comment Utility
Let me try from another user.
Hang 5 pal!!! thanks for all this help!
0
 

Author Comment

by:dqnet
Comment Utility
Perfect!!! You were spot on!
The domain admins were able to send as/from but the domain users couldnt.
Could I just remove the domain admins privledge and let that propgate.
Should that be all it takes?
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
Comment Utility
If you absolutely need to have all your Users as Domain Admins (and I'm sure you wouldn't have done that without a good reason), then removing Domain Admins from the perms list would be worth a try.  It would be a good idea to record any changes you make when it comes to permissions.
0
 

Author Comment

by:dqnet
Comment Utility
Well, im removing the privledge from Active Directory under the 'Member Off' tab/field.

(When you right click a user and go to properties).
So ultimately not touching exchange at all... just removing the domain admin group from their username.
Should that be ok?
0
 
LVL 31

Expert Comment

by:LeeDerbyshire
Comment Utility
Oh, right.  I thought you needed them to be Domain Admins.  If you don't, then removing them from the group as you described is by far the best way to solve the problem.  You should only make someone a member of Domain Admins if absolutely necessary, since it conveys all kind of permissions (as you have discovered).
0
 

Author Comment

by:dqnet
Comment Utility
LeeDerbyshire. You are a STAR.

Thanks so much pal.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Utilizing an array to gracefully append to a list of EmailAddresses
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now