Status Issue 013
Verify identity doesn't work properly
In verify identiy, the server checks to see that the user sending the mail is the same as MAIL FROM: in the event of an authenticated user. Unfortunately, we do not have a list of valid domain names for users to send from. Presently this information is in the mail listeners (which should not be used for this). Thus right now we're using the COMPLETE server name which is totally wrong (meaning you must say MAIL FROM: email@example.com instead of firstname.lastname@example.org)
Utlimately, this will probably be part of the Policy proposal. A good question is: "should the same valid @domain policy apply to all users??" -- meaning if I had one mail server and was allowed to put "MAIL FROM: email@example.com" or "firstname.lastname@example.org" should ALL users be able to -- or should this be specific to the user and not the server?
This also manifests itself in remote SMTP servers sending to local users.
I've fixed it sufficiently for M1 by adding a new concept of DomainGroups. We should revisit after M1 -[ACO|DOC-9023]
Create a domain group for it and assign to SMTP.