> How do you get ASSP to pass the incoming mail to the MTA so it can > verify the sender before accepting the mail for delivery ?
I'm confused... If you are talking about *incoming* mail (ie, 'mail accepted for delivery', then you are NOT talking about OUTGOING mail. SMTP AUTH is for OUTGOING mail. RECIPIENT VALIDATION is for INCOMING mail. > I can put in false email setup ? What is a 'false email setup'? > and as long as I have it at one of my domains it will accept the mail. Oh - you mean 'forged from address'? Then what you need to implement is recipient validation. But - not having recipient validation implemented will NOT cause you to get on any blacklists, so you *must* be talking about two *different* problems. > THe MTA is set so that you have to require a POP or IMAP before > accepting for delivery, POP before SMTP is inherently insecure - *please* don't use that. Use smtp authentication - preferably with TLS encryption. > to authenticate the sender is a user of the system. > > or does this need to be on a seperate server ? to get this to work. No - you just need to do away with pop-b4-smtp and implement smtp auth - and possibly fix the misconfigured MTA - maybe it is not set to only accept mail for domains for which it is authoritative? By the way - you really should *not* be experimenting with something you don't know how to use on a live server... -- Best regards, Charles ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Assp-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-user
