> To summarize, we think SMTP Auth is the simplest and most useful way to > allow people to send mail through our outbound mail system, and we are > hoping to get some feedback from the community regarding this > perspective.
Yes and No. for 99% of our client base, we use SMTP auth. We have a couple enterprise class customers that we relay for that have a very defined IP set, which we use an exception file for (as they have their own user/logins on their side). I could probably go 100% without any critical impact. We have/had some software in place that would collect stats on outgoing rates per login and throttle/disable the account if it exceeded a particular limit, which means simply disabling the SMTP AUTH for that single account. I'd recommend it myself.
