The gist of my idea / problem suggestions is this. Someone you know gets infected with a virus, the virus fires up its own smtp server, finds some poor souls mail server that allows relaying, and composes a message to: [EMAIL PROTECTED] from: [EMAIL PROTECTED] Since the destination for this is your domain, your mail server naturally has to accept it as local.. Most spam and virus are easy to identify because they come from outside sources, however when they start spoofing the from addresses as legitimate support staff then that convinces people that it is real and should be ran. Examples of these are in the new bagle.j virus.
Basically, my suggestions / question was whether or not SMTP AUTH could require auth for anyone sending mail from: a local domain(regardless of recipient), yet still protect the relaying functions that it already does. Although this would have no effect on a virus/spam spoofing someone elses email, it would protect your own domain users from being spoofed by other users in that domain. Danny ------------------------------------------------------- To unsubscribe please go to http://www.sambar.ch/list/
