From Header Screening
This security feature modifies the "From:" header of incoming messages to cause the name-only portion of the header to contain both the name and email address. This is done to combat a common tactic used in spam and attacks where the message is made to appear to be coming from someone else. When displaying a list of messages, email clients commonly display only the sender's name rather than the name and email address. To see the email address, the recipient must first open the message or take some other action, such as right-click the entry, hover over the name, or the like. For this reason attackers commonly construct an email so that a legitimate person or company name appears in the visible portion of the "From:" header while an illegitimate email address is hidden. For example, a message's actual "From:" header might be, "Honest Bank and Trust" <lightfingers.klepto@example.com>, but your client might display only "Honest Bank and Trust" as the sender. This feature changes the visible portion of the header to display both parts. In the above example the sender would now appear as "Honest Bank and Trust (lightfingers.klepto@example.com)" <lightfingers.klepto@example.com>, giving you a clear indication that the message is fraudulent.
Add email address to display-name
Enable this option if you wish to modify the client-visible portion of the "From:" header of incoming messages to include both the name and email address of the sender. The construction of the new header will change from "Sender's Name" <mailbox@example.com> to "Sender's Name (mailbox@example.com)" <mailbox@example.com>. This only applies to messages to local users, and this option is disabled by default. Consider carefully before enabling this option as some users may neither expect nor want the From: header to be modified, even if it might help them identify fraudulent emails.
Put email address before name
When using the Add email address to display-name option above, enable this option if you wish to swap the name and email address in the modified "From:" header, putting the email address first. Using the example above, "Sender's Name" <mailbox@example.com> would now be modified to: "mailbox@example.com (Sender's Name)" <mailbox@example.com>.
Replace mismatched email addresses in display-names with real ones
Another tactic used in spam is to put a seemingly legitimate name and email address in the display-name portion of the "From:" header, even though it is not the actual sending email address. Use this option if you wish to replace the visible email address in messages like this with the actual sender's address.
Do not apply these features to authenticated messages
Check this box if you do not wish to apply the From Header Screening options to incoming messages that have been authenticated by MDaemon.
Exempt List
Use this option to add addresses to the From Header Screening Exempt List. Messages sent to the listed addresses will not have their "From:" headers modified.
