Fixing the Sender SMTP issue
I'm dealing with a security issue in BO XI 3.0 (I think it's the same with previous version) .When you send a document via email and if you uncheck the default settings, you can enter any email address into the "From" Field. Even your CEO's address. The only condition is that this address exists in the SMTP directory.
After looking on the forum, it's seems that it can't be fixed with any CMC settings. So I'm trying to secure it via the SDK. Does anyone has already done this before?
I have 2 ideas, could you tell me which one seems the better for you ?
When the "send email" form is populated, the idea is to retrieve the email of the connected user and fill the "From" field with it.
What do you think of those solution? Feasibility? Risk ? Security?
Any help will be nice.