Ian Eiloart wrote:
>
> You need to implement Message Submission Agent. Require users of
> fluid.com to use your mail servers. Require them to authenticate when
> sending email - with encryption of course. Provide port 587 for them, so
> that their ISPs don't intercept their email when sending from home.
As far as the fluid.com, that's all taken care of -- we do use
authentication, TLS/SSL, etc. All is well on that front.
What I have additionally is email coming from users sending from their
personal domains that are allowed; think 'frank@???' owns
'frank@???'; Frank is allowed (by my domains.trusted) to
send an email from his domain to a protected alias - say 'staff@???'.
So, what I want to maybe tighten down securely is somehow checking that
a spammer (sic) doesn't try to fake 'From: frank@???' using
$sender_host_address (or whatever); you know, use some sort of secondary
checking mechanism to ensure it really *is* Frank sending that email...
-te
--
Troy Engel | Systems Engineer
Fluid, Inc |
http://www.fluid.com