dqnet
asked on
Sending From.
Hi Guys,
I don’t know if this is explicitly an Outlook question or an Exchange question.
Basically, when enabling the ‘from’ field in Outlook, users are able to put any user on the network there and send from that user. The recipient can’t tell who it really came from.
So basically, Tom can send an email from his account as Steve. When Dave receives the email from Tom, it appears to have come from Steve. Does anyone know how to prevent this feature and / or issue?
Thanks,
Raf
I don’t know if this is explicitly an Outlook question or an Exchange question.
Basically, when enabling the ‘from’ field in Outlook, users are able to put any user on the network there and send from that user. The recipient can’t tell who it really came from.
So basically, Tom can send an email from his account as Steve. When Dave receives the email from Tom, it appears to have come from Steve. Does anyone know how to prevent this feature and / or issue?
Thanks,
Raf
ASKER
Oh! Whoops!
Exchange 2003 with Outlook 2003 both with SP2.
Exchange 2003 with Outlook 2003 both with SP2.
Does the mail actually get delivered? You can choose any name you like, but if you don't have 'Send As' permission on the address you supply, then the mail delivery should fail.
ASKER
The mail actually gets delivered.
Locally for sure. I havent tried externally.
Locally for sure. I havent tried externally.
Have you tried this for other users? As Administrator, you may have the Send As permission configured at the Information Store level in ESM.
ASKER
Let me give it a shot.
Hang 10.
Hang 10.
ASKER
It works from every user!
:(
Every user can send as anyone else. All they have to do is stick another user in the FROM field.
I thought it might be down to the 'ChooseFrom' Application I installed, but I installed that and it still works.
Any ideas folks?!!?
Points increased to 400.
:(
Every user can send as anyone else. All they have to do is stick another user in the FROM field.
I thought it might be down to the 'ChooseFrom' Application I installed, but I installed that and it still works.
Any ideas folks?!!?
Points increased to 400.
Have a look in ESM, and find your Mailbox Store underneath the server. Haev a look at its Properties/Permissions tab. See if you can find a group (like Everyone, Authenticated Users, Domain Users) to which all your users belong shown in the perms table, and see if they have 'Full Access' or 'Send As' granted at the Store level..
ASKER
I just checked.
Basically, All the users on the network are currently Domain/Admins. I dont know if this should be a problem but I doubt it.
I checked the permissions and on the Storage group. It has Domain admins as Receive As and Send As set to Allow and set to Deny.
As far as I know the Deny should take control.??
Basically, All the users on the network are currently Domain/Admins. I dont know if this should be a problem but I doubt it.
I checked the permissions and on the Storage group. It has Domain admins as Receive As and Send As set to Allow and set to Deny.
As far as I know the Deny should take control.??
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Let me try from another user.
Hang 5 pal!!! thanks for all this help!
Hang 5 pal!!! thanks for all this help!
ASKER
Perfect!!! You were spot on!
The domain admins were able to send as/from but the domain users couldnt.
Could I just remove the domain admins privledge and let that propgate.
Should that be all it takes?
The domain admins were able to send as/from but the domain users couldnt.
Could I just remove the domain admins privledge and let that propgate.
Should that be all it takes?
If you absolutely need to have all your Users as Domain Admins (and I'm sure you wouldn't have done that without a good reason), then removing Domain Admins from the perms list would be worth a try. It would be a good idea to record any changes you make when it comes to permissions.
ASKER
Well, im removing the privledge from Active Directory under the 'Member Off' tab/field.
(When you right click a user and go to properties).
So ultimately not touching exchange at all... just removing the domain admin group from their username.
Should that be ok?
(When you right click a user and go to properties).
So ultimately not touching exchange at all... just removing the domain admin group from their username.
Should that be ok?
Oh, right. I thought you needed them to be Domain Admins. If you don't, then removing them from the group as you described is by far the best way to solve the problem. You should only make someone a member of Domain Admins if absolutely necessary, since it conveys all kind of permissions (as you have discovered).
ASKER
LeeDerbyshire. You are a STAR.
Thanks so much pal.
Thanks so much pal.
Which version of exchage and outlook u r using
Amit.