SecurityGateway for Email Servers v10.5

From Header Screening

This security feature modifies the "From:" header of incoming messages so that the name-only portion of the header contains both the name and the email address. This is done to combat a common tactic used in spam and attacks where the message is made to appear to be coming from someone else.

When displaying a list of messages, email clients commonly display only the sender's name rather than the name and email address. To see the email address, the recipient must first open the message or take some other action, such as right-clicking the entry or hovering over the name. For this reason, attackers commonly construct an email so that a legitimate person or company name appears in the visible portion of the "From:" header while an illegitimate email address is hidden.

For example, a message's actual "From:" header might be "Honest Bank and Trust" <lightfingers.klepto@example.com>, but your client might display only "Honest Bank and Trust" as the sender. This feature changes the visible portion of the header to display both parts. In the above example the sender would now appear as "Honest Bank and Trust (lightfingers.klepto@example.com)" <lightfingers.klepto@example.com>, giving you a clear indication that the message is fraudulent.

From Header Screening

Add email address to display-name

Enable this option if you wish to modify the client-visible portion of the "From:" header of incoming messages to include both the name and email address of the sender. The construction of the new header will change from "Sender's Name" <mailbox@example.com> to "Sender's Name (mailbox@example.com)" <mailbox@example.com>. This only applies to messages to local users, and this option is disabled by default. Consider carefully before enabling this option as some users may neither expect nor want the From: header to be modified, even if it might help them identify fraudulent emails.

Put email address before name

When using the Add email address to display-name option above, enable this option if you wish to swap the name and email address in the modified "From:" header, putting the email address first. Using the example above, "Sender's Name" <mailbox@example.com> would now be modified to: "mailbox@example.com (Sender's Name)" <mailbox@example.com>.

Replace mismatched email addresses in display-names with real ones

Another tactic used in spam is to put a seemingly legitimate name and email address in the display-name portion of the "From:" header, even though it is not the actual sending email address. Use this option if you wish to replace the visible email address in messages like this with the actual sender's address. For example: "Frank's Company (frank@company.test)" <spoof@example.com> would be changed to "Frank's Company (spoof@example.com)" <spoof@example.com>.
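The three rewrites described above can be reproduced for testing mail-client display or downstream filters. The following Python sketch is an added example, not SecurityGateway's own code: the function name `screen_from`, the address-matching pattern, and the choice not to append the address when the display name already shows it are all assumptions.

```python
import re
from email.utils import formataddr, parseaddr

# Deliberately simple pattern for address-like text inside a display name
# (an assumption; the product's own matching rules are not documented here).
ADDR_IN_NAME = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def screen_from(header, add_address=True, address_first=False,
                replace_mismatched=True):
    """Return a From: value rewritten per the three options above."""
    name, addr = parseaddr(header)
    if not addr or not name:
        return header  # assumption: nothing to rewrite without both parts

    shown = ADDR_IN_NAME.findall(name)
    if replace_mismatched and any(a.lower() != addr.lower() for a in shown):
        # The display name advertises a different address: show the real one.
        name = ADDR_IN_NAME.sub(addr, name)
        shown = [addr]

    # Assumption: do not append the address if the name already shows it.
    if add_address and addr.lower() not in (a.lower() for a in shown):
        name = f"{addr} ({name})" if address_first else f"{name} ({addr})"

    # formataddr quotes the display name because it now contains specials.
    return formataddr((name, addr))


if __name__ == "__main__":
    # Sample headers taken from the examples on this page.
    samples = [
        ('"Honest Bank and Trust" <lightfingers.klepto@example.com>', False),
        ('"Sender\'s Name" <mailbox@example.com>', True),
        ('"Frank\'s Company (frank@company.test)" <spoof@example.com>', False),
    ]
    for header, first in samples:
        print(header, "->", screen_from(header, address_first=first))
```
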

Exclusions

Exclude messages from authenticated sessions

By default, messages being sent over authenticated sessions are excluded from the From Header Screening settings. Uncheck this box if you wish to apply these settings even when the session is authenticated.

Exclude messages from domain mail servers

Messages coming from one of your domain mail servers will be exempt from the From Header Screening settings by default. Clear this checkbox if you wish to apply these settings even for messages coming from those servers.

Exceptions - Domains

If you select a specific domain in the "For Domain:" drop-down list box at the top of the page when configuring these settings, that domain will be listed here after saving the settings. Click the View/Edit link for the corresponding domain to review or edit its From Header Screening settings, or click Reset to reset the domain's settings to the default Global values.