Outbound Fax Permission Controls
The Problem
Currently, any user can send an outbound fax using any other user's or department's fax identity within the platform. There are zero restrictions on the "From" field, creating a massive identity spoofing vulnerability. The only current fix is completely disabling fax capabilities ("Voice Only"), which is highly impractical.
The Risk
Fraud: Unauthorized employees sending faxes as executives or investment bankers to authorize wire transfers or legal agreements.
Data Leaks: Spoofing the HR department to distribute or leak sensitive personnel information.
Compliance Failure: Lack of auditability and non-repudiation for highly regulated industries (finance, healthcare, legal).
The Requested Solution
Implement Role-Based Access Control (RBAC) for outbound faxing with three main requirements:
Default Lockout: Users should automatically be restricted to sending faxes only from their own assigned number.
Delegated "Send As" Permissions: Admins must explicitly grant permission for users to fax from shared lines (e.g., HR, billing) or executive lines (e.g., an assistant on behalf of a VP).
UI Filtering: The app's "From" dropdown menu must only display numbers the user is authorized to use.
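The three requirements above can be expressed as one default-deny policy, sketched here as an added example (not code from the platform or from this request). The class, method names, user names and 555-01xx numbers are hypothetical; the example also assumes the send check runs on the server for every fax and writes an audit record, so the filtered dropdown is a convenience rather than the control.

```python
from __future__ import annotations
from dataclasses import dataclass, field

@dataclass
class FaxPolicy:
    assigned: dict[str, str]            # user -> own fax number
    admins: set[str]                    # users allowed to delegate lines
    send_as: set[tuple[str, str]] = field(default_factory=set)  # (user, number) grants
    audit: list[dict] = field(default_factory=list)             # append-only decision log

    def grant(self, admin: str, user: str, number: str) -> None:
        """Explicit "Send As" delegation; only an admin may create one."""
        if admin not in self.admins:
            self.audit.append({"event": "grant", "by": admin, "user": user,
                               "from": number, "result": "deny"})
            raise PermissionError(f"{admin} may not delegate fax lines")
        self.send_as.add((user, number))
        self.audit.append({"event": "grant", "by": admin, "user": user,
                           "from": number, "result": "allow"})

    def allowed_from(self, user: str) -> list[str]:
        """Numbers to show in the "From" dropdown: own line plus delegated lines."""
        numbers = {n for (u, n) in self.send_as if u == user}
        if user in self.assigned:
            numbers.add(self.assigned[user])
        return sorted(numbers)

    def authorize_send(self, user: str, from_number: str) -> bool:
        """Checked server-side on every send, so a forged "From" is refused
        even if the client bypasses the filtered dropdown."""
        ok = from_number in self.allowed_from(user)
        self.audit.append({"event": "send", "user": user, "from": from_number,
                           "result": "allow" if ok else "deny"})
        return ok

def demo_policy() -> FaxPolicy:
    """Constructed sample tenant: two users, a VP line and a shared HR line."""
    HR, VP = "+1-202-555-0100", "+1-202-555-0110"
    p = FaxPolicy(assigned={"alice": "+1-202-555-0101", "bob": "+1-202-555-0102",
                            "vp": VP}, admins={"root"})
    p.grant("root", "alice", VP)   # assistant faxing on behalf of the VP
    p.grant("root", "bob", HR)     # bob works the shared HR line
    return p

if __name__ == "__main__":
    p = demo_policy()
    print(p.allowed_from("alice"), p.authorize_send("bob", "+1-202-555-0110"))
```

Denied sends and refused grants are logged alongside allowed ones, which is what gives the audit trail the request asks for under compliance.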