Hi,
I'm using qmail in our system. Once we authenticated (using LDAP) to the mail server then we could send and receive email. But on the other hand if someone eg person A login to the mail system and then once he is authenticated then he can send email using for instance B@aaa.com instead of his email id which is A@aaa.com.
Is there any way that I can protect this to happen ? So A can only send email using his identity instead of other person identity ?


Thanks for the help

Which address is "faked" by A?
The envelope address or the address in the "From:" header?
The first normally is hard and maybe even not allowed.
The latter is often relatively easy and rather harmless.

thx,
A is faking B email address (which A & B is valid email address in the LDAP). The "From:" will be displayed as from B@aaa.com.
thx

So, it's just the "From:" header that is altered? I doubt if you can change that.
There are many possibilities to customize the from: header.
For instance, using command line sendmail, Tcl, possibly also PhP, etc.
So I doubt you can control them all...
For instance, using Tcl, you can easily send mails out to any mail server that accepts SMTP connections and you can set the From: header to whatever you want.

I suppose the only thing you can do is try to limit the access to mail servers, in order to make all mails pass via a few mail servers under your control. You may be able to configure the servers to modify the faked from: addresses (for instance, setting them equal to the envelope sender address).

In any case, I wouldn't worry too much about faked from: headers as long as the envelope sender address still indicates who really sent the mail.