> Many of these user accounts will no doubt be sending and > receiving email > from dial-up accounts, which limits the ability to deny service on a > per-IP basis. Suggestions for security, with pointers, please? I > already plan on SSL, I'm asking I guess more about open relay > issues in > this sort of setup. Also, these user accounts will not be > dialing into > an ISP that I control, but I may wish to allow them to use me as a > smarthost - does this seem foolish? I am undecided.
You could try to setup "pop-before-smtp". (apt-get install pop-before-smtp) :-) Any IP address trying to use your SMTP services for relaying will have to have authenticated through POP (or IMAP) a few seconds before. I know some ISPs use that, its not too much restrictive for users, since they can still use plain SMTP, not ESMTP. Hope this helps Vincent
