In the Mendix Email Template module, changing the 'from' address is as simple as changing the 'From' string input variable for the IVK_SendEmail miroflow. You can use this microflow in different contexts with different 'From' addresses, including a variable like $Account/Email that could reference the person who hit 'submit' on your report.
However, I believe that crux of your issue is: does my SMTP server allow other applications to 'spoof' other users' email address when sending? In general, Email servers do not allow this because it creates a security vulneravbility. It could allow a malicious application to send spam while simulating real user's e-mail! It looks like Office 365 has an ability to delegate sending privilages, however, but reading through the documentation it sounds like special authentication is required. Here is the information I found:
If the above is not possible for you, and the use case is 'I want the person who gets the e-mail to know that the report was submitted by X' then can I suggest you either:
A) use a 'do-not-reply' email address to send the report to the Submitter's e-mail and have them forward it to the desired reciepient
B) include the Submitter's e-mail address in the body of the e-mail itself so the reciepient knows who made the submission
Hope this helps,
I think you want to set up an SMTP relay for this scenario. An authenticated relay is allowed to send email using any from address on your domain.
See here for details in doing that with Office 365. On the Mendix side, I believe you're still just sending SMTP mail to a specific server, which authenticates you as a trusted server and relays the message. It seems like you would be establishing trust using a certificate or a known IP address. The known IP option is possible with the caveat that your Mendix cloud IP could change. For the certificate option, without trying it I don't know if you'd need to adjust the Email module's Java code to make sure a certificate is provided.