The Al Capone of the Info Highway says:
A while back, there was a discussion about how to fake a from address by telneting into port 25 in a site. Many people discussed the pro's and cons, but I wanted to know if anybody knows of a way to stop people from getting in there to send the message in the first place. Sure. Turn off mail to your site.
You don't have to go quite that far (almost, but not quite :-) You can do things like only accept your incoming mail via uucp, which has a whole different set of holes and limitations, but which is supported by a number of the major network suppliers. If you're on dialup access anyway, uucp is fine. If you've got a real IP feed, uucp-over-tcp has slightly more authentication than smtp, and can turn off anonymous access, but that basically means you're transferring your trust to your MX forwarder's security system, which presumably still speaks port 25. Bill