Hey Kyle. I think you misunderstand what's happening on this server.
I host many websites, and they all have emailing capabilities (contact form, dynamic forms, bulk emailing ala Constant Contact) that use my bulk email server, using SM latest version, licensed. All websites hit this bulk email server with the same login / password, and send From: a single email address (not the login one, for security sake).
This bulk email server is not a general use email server. There is only one email account that is used by all websites for sending emails.
As a side note, I see continuous login attempts by IPs all over the planet, which I would love to block, if possible, while still allowing the world to send bounces back.
The problem is that all traffic uses SMTP:
o My CMS sending email
o Email servers out there sending bounces
o Hackers trying to send email through my server
I was hoping that by setting Require Auth Match to Email Address I would instantly block all incoming hack attempt traffic, but it actually stopped my CMS from being able to send out legitimate emails.
So, the question is, can I blacklist the world from using my bulk email server as a transmission point, while still allowing the world to send me bounces? Again, both use SMTP.
Perhaps you could add a new security feature that black/white list IPs for logging in purposes, and also black/white list IPs for general email reception.
That would stop hacking cold, while still allowing for bounces to be delivered.
The only other thing I can think of is setting up another bulk email server, just for sending emails, and blacklist the planet while whitelisting my CMS. I could then have this other bulk email server just for receiving bounces, and have the one email account Disabled (allow mail), which we can use the APIs to Enable and Disable as we automatically check for the bounce emails.
BTW, the link you sent is for version 15, and the steps did not match how 17 works. Build 7776 (Apr 16, 2021)