To my surprise I was able to send mail faking another user from my account.
That is After I Declared a new fake Identity as a
[email protected] which is a valid address
I was able to send the mail out ... there was no indication that the actual sender who sent the mail was me ...
In other words the receiving end cannot identify the real sender.
Ideas ?
Regards Harry
:o
look in the main config file, you can limit what people can change about their identity
You also may have a look on my 'checked_identities' plugin. It allows users to add as much identities as they like to have. A new identity is inactive until the user has confirmed that he is the owner of the email address by clicking a confirmation link.