On Fri, 14 May 2004, Mark London wrote:
That won't work from our site, because we have people constantly travelling to different networks, while still sending mail from @psfc.mit.edu.
You will want to set up SMTP AUTH, so wherever they travel to they log into your mail relay, authenticate, and send mail from there.
If you read the RFC's carefully, a mail server should not relay mail unless it can verify the return address, which means other relay servers should not be accepting mail with an @psfc.mit.edu return address and sending it.
We do have SMTP AUTH set up. But in order for this to work, we would have to force everyone to use our SMTP server, which not everyone is doing (some people using the MIT.EDU mail servers, for example). But I could do it.
However, I actually would prefer to restrict by username. Because I'm getting too much spam sent to invalid addresses here, which takes up cpu cycles, because they are scanned by spamassassin, before getting passed to cyrus, only at which point the username is deemed invalid and bounced. And then if the senders address is not valid, more cpus cycles are used trying to send the bounced to an invalid address.
Mark
