Right now we're using Dovecot for sieve filters. Good old fairly standard config: https://mxbin.io/N6hDUi
I'm hoping someone has an idea, but I think I'm probably on my own here. The problem is that this is the best solution to preventing people from spoofing external senders when creating redirects to external recipients:
sieve_redirect_envelope_from = recipient
But also, as great as this is, it kind of sucks because users continually insist on receiving spam and phishing emails. When a user sends a phishing email, I step in to make sure our network isn't being abused. That's how we do what we do for high quality inbox delivery, we police the hell out of our network. So my problem is I end up with all of these users that I need to review every day, only to find out they just created a redirect filter and "redirected" a phishing email.
So my long winded question is, how can I disable redirect filters? I don't want users to be able to create them. But I want them to have access to the rest of the functions of the sieve filtering. Is this possible, or would this need to be an entirely new function contributed to the project's code?