Wich user sent a e-mail from a shared account in MS Outlook 07 using MAPI in Exchange Server
Posted on 2011-03-15
We need to know the user who sent us a message from a shared exchange account :
TESTE (firstname.lastname@example.org) is the account name of our team member mail account. There are 20 people that have access to it and can send e-mails from it. When someone receive a mail from this team mail account, the sender´s identification name is always from "TESTE <email@example.com>", but as the sender´s usually signs at the end of the message the name, no big deal. The problem is when the sender (user) intentionally don´t sign the message, and the recipient can´t know who sent it (there are 20 possibilities).
As all of the 20 people that could send messages from firstname.lastname@example.org have to authenticate to mapi, maybe it will be possible to check which user sent it on some logs....we just need to know who was the user.
Below is the e-mail header we received from the unknow user (we got it from MS Outlook message proprieties):
Received: from SDC1RI00EVS03.xpto.local ([fe80::39cb:6a9d:fbef:aee3]) by
SDC1RI00ECH01.xpto.local ([22.214.171.124]) with mapi; Mon, 14 Mar 2011 15:02:07
Content-Type: application/ms-tnef; name="winmail.dat"
From: TESTE <email@example.com>
To: Salgado <firstname.lastname@example.org>
CC: Gois <email@example.com>
Disposition-Notification-To: TESTE <firstname.lastname@example.org>
Date: Mon, 14 Mar 2011 15:03:03 +0000
thaks for your interest,