> I can't see any advantage in double-authentication. SMTP AUTH is fine
> for webhosting, but it's not necessary for identifying your own dial-up
> clients.
And how do you identify your dial-up customers when they aren't dialed
up? i.e. on their company network or other connection.
That's the #1 reason people leave relays open, to support roaming users.
IMHO, smtp server ought to be a DHCP set configuration, so as always
to be handed off to the nearest server. In that case, IP restrictions work
fine; and would also make blocking port 25 outgoing not so problematic.
Adam
