jumping in - I think OP is not understanding correctly what an open relay means...
SMTP on port 25 allows for unauthenticated emails to be sent to your own domain.
An Open relay is such that allows unauthenticated emails to be sent to addresses outside your domain.
If you authenticate on port 25, then you are allowed to relay.
So assume domain.net is your domain.
Anyone can connect to port 25 and send an address to any user @domain.net without authentication.
If someone connects to port 25 and authenticates, then that user can send any email to any address. This is because, once authentication happens, the IP is considered a trusted network.
What OP is interesting in doing (I think) is forcing end users to authenticate. Only feasable way to do it is by using the submission port 587. |