Does SMTP authorization check a user's from address before sending email? I'd like to make it impossible from someone with relay priviledges on my SMTP server to send email with forged "from" address. Is there a way to do this?
Yes, sendmail checks whether the domain in the from field is an actual domain name, and will reject anything that isn't with a "sender domain must exist" error. At least, this is how sendmail is set up on our RaQ2 and RaQ3.
Regards, Glen