pop before smtp works like this, relaying is denied per default on smtp service when you login successfully via pop (read your mailbox), your ip is stored in a db file, it is a white list of ip adresses from which you are allowed to send mails, there is some cleanup so ip's should be removed after x seconds... sendmail is configured to check in this file if relaying is authorized or not, so login with pop virtually authenticates you, and enables relaying for your ip there are several problems, it is not really compatible with a distributed mail solution (multiple servers), it could allow relaying for many many users if an user uses an important gateway, the db needs some cleanup regularly to throw the old ip's away again smtp auth is THE best solution, but do it over ssl otherwise sniffing is a real risk ! CU Greg
For security and anti-spam reasons I´d like to implement some sort of POP3 before SMTP-policy so that only authenticated users can send mails.
How would the SMTP server, distinguish someone who has POP3 access?
Häää?