At 02:42 AM 9/3/2004, Meng Weng Wong wrote:
On Fri, Sep 03, 2004 at 06:25:21AM +0100, Graham Murray wrote:
My read of most ISPs is that they are willing to move in this direction if it proves necessary. Many ISPs are beginning to roll out (mandatory) SMTP AUTH. With that in place, halting cross-customer forgery becomes a much more likely proposition.
To be a little more accurate, SMTP AUTH does not prevent customers of an ISP or hosting company spoofing one another, but it does provide an audit trail, so the person doing the spoofing can easily be identified from log entries.