Hi !!
that's what we were doing, but we relized that there is
people publishing spf records that allow a entire hackeable
dsl/cable zone to send mail from a given domain, regardless
of the real existence of a real mailer in such this computers.
And if said cable ISP allows only their own servers in the SPF record, then
someone can hack those DSL/cable computers, and then connect from there to
the ISP's SMTP server and still spoof the cable ISP's domain.
well, it's suposed that the isp own servers require at least smtp auth
and by now i never seen any spam comming from a hacked computer that
used smtp auth.
No way to
avoid that unless the ISP requires SMTP AUTH (which is rare),
rare ? well, here in spain what is rare is that any isp does not use
smpt auth.
and even then,
a clever hacker could probably obtain the hacked person's login info
somehow...
i think it's not possible for a virus to get the username/password
from the hacked computer.
--
Best regards ...
If little else, the brain is an educational toy.
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david(_at_)ols(_dot_)es
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------