I am looking into a system where one of the [virtual] mail accounts was compromised.
Apparently the account, once compromised, was used to send spam from overseas hosts. Since the company has no overseas users, they asked if it were possible to block outbound/relaying activity from all non-US IP addresses, even from authenticated accounts, while still allowing inbound SMTP from non-US IPs. And, of course, they would like to retain sending from US IPs from authenticated accounts. I am pretty familiar with Postfix, but this combination has me scratching my head. Is it doable? -- Thomas E Lackey
