> > >We need to enable SMTP AUTH for all of our clients -- we've found some
> > >device/person (IP) on the outside of our network spoofing emails to lists
> > >by the few users who are authorized list posters.
> >
> > However, I don't believe that will prevent people from sending mail to the
> > list using forged return addresses, since SMTP AUTH only applies to
> > outgoing (relayed) E-mail.
>
>In reply, doesn't IMail (SMTP AUTH) not allow email to be relayed unless a
>password is supplied during login? If that is true -- then how could
>someone forge a return address without having a password to send mail?
If you require SMTP AUTH, then users have to supply a valid E-mail address
and password. However, that only applies to *relayed* mail (outgoing
mail). For incoming mail (such as to a mailing list), SMTP AUTH is not
required (or else you wouldn't be able to receive any mail from anyone who
didn't have an account on the server).
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus". You can E-mail
[EMAIL PROTECTED] for assistance. You can visit our web
site at http://www.declude.com .
