Why don’t SMTP servers just require all senders to be authenticated before accepting mail

Question

Why don’t SMTP servers just require all senders to be authenticated before accepting mail?

score 0 · Accepted Answer · answered Nov 25 '13 at 08:05

There are several cases where users of SMTP servers don't have an account with the service provider that they could use for authentication.

For instance an ISP or a mobile phone operator could allow you to use their SMTP server when using their services even if you are receiving the email from a different provider. In this case the user would be authenticated based on their IP address -- if the user connects from an IP within the ISP IP block, access is allowed.

score 0 · Answer 2 · answered Nov 25 '13 at 23:29

0

Also, SMTP servers which function as an MX for a domain (i.e. SMTP servers which handle incoming mail for a domain) need to allow incoming mail to users at that domain, without authentication.

answered Nov 25 '13 at 23:29

mti2935

11,465
3
29
33

Why don’t SMTP servers just require all senders to be authenticated before accepting mail

2 Answers2