Just ran into your query here (and I wonder if this question of yours still needs answering). If I understand you correctly, you would like to prevent *internal* nonexistent users from sending mail outside your organization.
One possible way of doing this is to set your internet mail gateway to not accept connections from any internal servers other than your internal SMTP server (should that be different from the one you posted a connection screenshot of).
Your internal SMTP server should also not accept connections from servers other than the internal mailing servers (such as Exchange).
I'm not managing such an appliance any more so I can work from memory only :-) but if I'm not mistaken, there is the Permitted Domain list in the Email configuration section, where you can specify email domains and IP addresses from which the appliance accepts mail/connections.
Refer also to the documentation on how to prevent unwanted relaying by the appliance.
I think there is no option to specifically tell the appliance not to allow a given MAIL FROM: value (i.e. the "sending user"; meaning to check whether the sender email exists somewhere in a user AD record).
A workaround could be to set up a Windows IIS with an SMTP service and set it to use authentication on users, then set this IIS server as the SMTP server on users' computers, and also set this server to be the only server acceptable to the McAfee appliance and in any in-between DMZ or other network filtering rules.
I hope I could help; if I did not, please elaborate more.