I didn't think any of the current methods used third party validation, which I think is needed to really control the problem. I don't know of, or if it would be possible even, to check the sending smtp server on your own. The closest I've seen so far is to make sure the sending server is listed as an MX record in DNS, but it is quite often the case where the incoming SMTP server is different from the outgoing, and the outgoing may not be listed. Also, it's only a minor effort for the spammer to get his box listed as an MX record.authentication/secure channels are already possible with SMTP. Jeff
I do agree with !Zed though, something's gotta give.
Mike
