Bruce Lilly wrote:
Authorization in SMTP is determined administratively, either
based on SMTP AUTH
SMTP AUTH is authentication, not authorization.
Tony wrote "based on", e.g. as precondition for 2476bis 6.1
"enforced submission rights". Maybe unrelated to what you
talk about, but SMTP AUTH was often a source for confusion
on the spf-discuss list.
MTAMARK is IMHO much better than dial-up lists of uncertain
quality (it could be used to construct better lists), and
also better than obscure "block port 25" schemes instead of
a proper abuse desk.