Many systems allow any user to create a forwarding rule without any administrative oversight. Lack of control can create multiple problems:
- A data entry error may direct messages to a non-existent account. The user will lose all of his messages until the problem is corrected. If rejected message status is relayed back to the originator, the user may be permanently unsubscribed from information feeds that he values.
- A data entry error may direct messages to an incorrect account. The user loses his messages and the unfortunate recipient is buried in unwanted messages. That recipient's response to the unwanted message stream may lead to the server being blocked.
- The forwarding destination may create regulatory violations if the destination environment does not provide the privacy controls required by the laws or regulations that apply to the organization that owns the domain.
- The forwarding destination may violate company policies intended to protect against release of company-confidential information.
- The forward may be a malicious act by an insider threat, intended to release information to unauthorized entities.
To prevent these errors, forwarding should be subject to administrative controls. Forwarding requests should require an email from the recipient account, confirming that the intended forward is acceptable. This also allows organizational policy to be reviewed before the forward is approved and configured by a system administrator.
SmarterTools provides an all-or-nothing approach to this problem. An installation can be configured to allow anyone to forward, or to prohibit everyone from forwarding. It is possible, with difficulty, to configure the equivalent of a forward when forwarding is disabled, but the process is complicated:
To forward from user1@domain1 to user2@domain2:
- Rename user1@domain1 to user1old@domain1
- Create an alias user1@domain1 with user2@domain2 as the destination.
- For email history, either configure the user with access to the user1old account, or migrate data from user1old@domain1 to user2@domain2.
It would be preferable to have additional options so that forwarding setup could be restricted to domain admins and system admins only, or to system admins only.
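One way to express the controls proposed above (confirmation from the recipient account, policy review, and setup limited to admin roles), as an added example. It is not SmarterTools code; the key, role names, approved-domain list and function names are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed values for illustration; none of these come from SmarterTools.
SECRET = b"constructed-demo-key"
APPROVED_DOMAINS = {"domain2"}                     # destinations policy allows
APPROVER_ROLES = {"system_admin", "domain_admin"}  # or {"system_admin"} only


def _norm(addr):
    return addr.strip().lower()


def confirmation_token(source, destination):
    """Token mailed to the destination, bound to this source/destination pair."""
    msg = f"{_norm(source)}\n{_norm(destination)}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def review_forward(source, destination, returned_token, approver_role):
    """Return (approved, reasons); the forward is configured only if all checks pass."""
    reasons = []
    if approver_role not in APPROVER_ROLES:
        reasons.append("approver role may not configure forwards")
    local, sep, domain = _norm(destination).rpartition("@")
    if not (local and sep and domain):
        reasons.append("destination is not a well-formed address")
    elif domain not in APPROVED_DOMAINS:
        reasons.append(f"destination domain {domain!r} is not approved by policy")
    expected = confirmation_token(source, destination).encode()
    supplied = (returned_token or "").encode()
    if not hmac.compare_digest(expected, supplied):
        reasons.append("destination account has not confirmed this forward")
    return (not reasons, reasons)


if __name__ == "__main__":
    token = confirmation_token("user1@domain1", "user2@domain2")
    # Confirmed, in-policy request approved by a system admin.
    print(review_forward("user1@domain1", "user2@domain2", token, "system_admin"))
    # Data entry error in the destination: the token no longer matches.
    print(review_forward("user1@domain1", "user3@domain2", token, "system_admin"))
    # Self-service attempt to an unapproved domain with no confirmation.
    print(review_forward("user1@domain1", "user2@elsewhere.example", None, "user"))
```

Because the token is only ever delivered to the destination mailbox, a forward to a non-existent or mistyped address never reaches the confirmed state.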