I work as an IT guy in a law firm. I am recently asked to make a system wherein all the outgoing emails coming from our server to our clients will be put on hold first and wait for approval before it gets sent to the client.
Our mail server uses Exim (that's what it says in cPanel). I am planning to create filters where the outgoing emails will be forwarded to an editor account. Then, the editor will review and edit the contents of the email. When the editor already approves the email, it will then get sent to the client by the editor but still using the original sender in the "From:" and "Reply-To:" field.
I found some pointers from this site => http://www.devco.net/archives/2006/03/24/saving_copies_of_all_email_using_exim.php.
Once the filters are in place, I want to make a simple PHP interface for the editor to check the forwarded emails and edit them if necessary. The editor can then click on an "Approve" button that will finally deliver the message using the original sender.
I'm also thinking that maybe a PHP-less system will be enough. The editor can receive the emails from his own email client edit them and simply send the email as if he is the original sender.
- Is my plan feasible?
- Will there be issues that I have overlooked?
- Does it have the danger of being treated as spam by the other mailservers since I'll be messing up the headers?
Update: (April 6, 2012)
The above questions are probably vague so here is a more specific question:
1. Can I possibly forward ALL outgoing messages going OUTSIDE our domain to be sent to another address and NOT to the actual recipient?
Best Answer
No, not really. The problem is (almost) anything in an email and email header can be changed and spoofed. Also anyone in your company can send email through any other server they like to (unless you block all their internet access, oh wait, you can't, they still have their smartphones etc.), seemingly coming from your company. If an employee in your company wants to avoid the scrutiny of the PHB they just use an outside email server (MTA).
You don't even have to worry about deliverability, say if the rDNS or EHLO greeting doesn't match the return-path. Just make the return-path's domain be the same as the outgoing MTA, but change the From: address to be from your company and almost everyone thinks it IS from your company.
Yes, always. It is a pointless exercise and it is trivial to circumvent. To avoid yourself and your co-workers any headaches you need to explain this to your PHB and convince her or him that it's the wrong way to go. There are better ways to approach this. But those lie more in company policy, educating and hiring the right employees, and specific regulations than in extreme (and easy to avoid) measures limiting one's freedom. These kind of draconian measures have a knack of biting you back in the long run, almost without exception.
Not likely. Anything in the headers can be spoofed and changed (see above). That's pretty much the standard, MTAs add and change things in the headers all the time. Whether you do it as a human, or create a script to change things, the MTA doesn't really care. As long as it is validated and accepted by the MTA it should not have much more of a chance to be marked as spam (within reason of course).
Anyways, I don't want to think any more about this truly horrendous idea. :-(