In message <p06020407bca227be1be3@[192.168.1.101]>, John Curran writes:
The reality is that the vast majority of email is handed off to a designated mail relay (whether we're talking about consumer connections or office environments), and if we actually configured connectivity in this matter, there wouldn't be a problem.
John, the problem is deciding who is an *authorized* email sender. For example, I own a machine in a random rack -- can it send email? The way I operate, it sometimes needs to -- I often set up tunnels to it from my laptop and from other machines in "banned" address ranges, and let it send my email. For that matter, it hosts several IETF and personal mailing lists. Now assume that someone in some strange and wondrous part of the world has a similar need. Are they authorized? According to whom?

There have been a lot of authentication-based and filter-based schemes proposed, but I've yet to see a scheme that solves the authorization problem satisfactorily. Not everyone wants to (or is able to) entrust their email to a Tier 1 ISP; if nothing else, the Tier 1s would charge for the privilege.

--Steve Bellovin, http://www.research.att.com/~smb