I have one client with about 150 users.  We have recently had problems with compromised accounts, and even after changing all passwords to unique ones, and getting the infected machines in the office cleaned, its still a problem.  I have used the SMTP blocks to block the Botnet as it is easy to identify on the SMTP login attempts.  But still a few get past.  What I would like is to be able to specifiy a list of IPs / IP CIDR that are allowed to SMTP Authenicate to send mail, and reject all others, and I would like to enable this on a per domain basis.