Les Mikesell wrote:
Or that users in your domain use email as it was designed to be used and aren't nailed down to IP addresses... Yes, you can fix that with some large amount of work these days, but what's the point?
With the trunk version of QPSMTPD, it is trivially easy to configure SMTP AUTH (and TLS), so this argument is really not that strong. I'm biased because I'm managing a corporate network so I get to decide what the policy is (pretty much by fiat). However, it really isn't that hard to produce instructions for the major e-mail clients to use SMTP AUTH for all external computers (even if the intervening ISP blocks port 25).
John
