1. You can Put SMTP Restrictions to allow mail sending only from Specific Mail IDS
2. You can Force Auth , when Sending mails . So when User Sends mail he/she has to Authenticate . In this case
whenever s mail is sent an AUth ID would be Logged and would be visible in Headers. So one can know who sent
an email , if this was not a Mail From ID that was supposed to be sent from.