SUMMARY

Some email From headers are forged to make them appear to be from a valid sender. The SMTP service can detect some common methods this is done, by checking for multiple or hidden email addresses in the From header.

DETAIL

To enable this setting a new Windows Registry key needs to be added:

 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mail Enable\Mail Enable\Connectors\SMTP]
"From Header Check"=dword:00000001

Restart the SMTP service for the change to take effect. When enabled, this will mark incoming messages as junk if there are emails that have a suspicious From header.