I have checked several thread with issues similar to the following, but i donīt find a clear answer.
My server has auth TLS enable but also permit to send mail to my domain users without any auth. That condition could permit to any user from my domain send mail supplanting any another user of my domain (eg. using SMTP commands).
That is, for example, userA send a mail to userB as come from userC.
To avoid this situation i want to force auth before a user send mail.
It is possible??
(I know about a pop before smtp, but i donīt want install a additional tool to do that)