Daryl C. W. O'Shea wrote: > > The situation still sucks though. I can't have remote users use ESMTPSA > to send mail through our servers (without stripping received headers > before sending the message) since they'll have a public IP.
Sure you can. At least, if you're using SA 3.1.0 it will automatically realize that any AUTH based transaction is coming from an "internal" user.