We discovered that when users attempt to send mail as another user through outlook it is denied unless they have specific rights to do this. Which is what we want. However if using tools outside outlook exchange allows the send from address to be anything. This is not very secure as I can easily send a message as another user using and SMTP mail connecter.
How can I correct his behavior. I do want it to allow SMTP mail as long as the send from address is permitted by that user.
Note this is local domain mail I am referring to. Outside our network it works as expected.