On Sun, 30 Sep 2001 20:11:07 +0200 Clemens Hermann <[EMAIL PROTECTED]> wrote: > > Thanks a lot for your offer but perhaps I should setup a > test-environment to supply more detailled questions. > The problem I see is as follows: After someone has successfully > authenticated via smtp-auth he can send whatever he wants and you can > not use the from: header to relate a sent mail to a virtual domain. >
That's not limited to smtp-auth. Everybody can give any "from"-domain they want when they are allowed to relay. smtp-auth is only used to obtain the "relay allowed" state. The only safe method is always using the IP. Franky
