This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Feature Request] Tie mail encryption to user account, not email address

If I have multiple internal users, I can't stop them from sending from one anothers address and the astaro will even sign it.

The better way would be to tie the encryption to the user's smtp login, so every user can only use his own from address and pgp key.

This thread was automatically locked due to age.

0 BAlfson over 16 years ago

With Exchange, that's an option chosen, I believe, in the configuration of the User in Active Directory. It seems like the Mail Server is the right place to make sure the sender and the are the same.

But, the Astaro proxy has to do a lot of things that a mail server does, so maybe it wouldn't be that difficult to add a checkbox to 'Authenticated Relay' for 'Only relay mail from the authenticated user.' That way, mail would not go out if it was from an email address not listed in the user's Astaro account.

Interesting idea!

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 pgruber over 16 years ago

Yes, the right solution would be preventing your users from sending mails with the wrong account. This is a problem anyway, because a recipient can never find out the real sender. Neither can Astaro.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 16 years ago in reply to pgruber

Pgruber, it is possible to blacklist or whitelist a specific sender. It should not be difficult for the Astaro to refuse to relay an email from an authenticated sender unless the email's "From:" field matches one of the email addresses in the sender's Astaro user account.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel