I am under request to produce a mechanism that will verify the origin and authenticity of a message received over a monitored mailbox. Now, the mailboxes are assigned by the company to the customer. in that, a request comes in, the customer wants to send data in by email transfer, I make a request to the exchange IT folks for a shared mailbox. that mailbox is given to the customer to send their data over which is monitored by established camel routes.
Now, my application is being reviewed for production deployment and under review they determined a security threat may exist if an erroneous person, robot, etc.. send out harmful emails or spam. when all the need to find/have or come across the name of the mailbox.
is there a way to verify the sender origin and its authenticity on a email delivered to a monitored mailbox? while not having to change code for every new and or changed customer. The other problem with this is that these mailboxes can change owners. in that a customers proof of concept period expires and they do not want to move ahead or a contract expires and frees up that mailbox, a new customer comes along and I hand out an available mailbox.
thank you!
you can also do something like using filtering or searchTerms. see this link Camel route to filter out the auto response emails
I do like the digital signatures. but if you need something immediate and can't rely on your customers IT team to instrument digital sigs, try filter or searchTerm.xxx