Don't send messages to a list with 'return receipt requested'.  Will 
cause a bit of traffic towards you when that happens.

Set up SMTP Auth and set all clients to use that on port 587.

If the sender was outside your LAN, you have a bigger problem if you 
allow unauthorized relaying through your server.

BTW, there is no mechanism in Surgemail to limit access via MAC 
address.  And you can only get the MAC address of those on your local 
LAN.  You won't get the MAC address from any connection outside your LAN.

Lyle Giese
LCR Computer Services, Inc.

On 09/11/14 22:12, Michael Parker wrote:
> Hello everyone.
>
> I   have   a   small work group of 15 people all of whom have access to
> mail.  Yesterday the logs showed someone used the smtp service to send
> 2000  emails  which lowered our senderbase.org score to -100 Poor. The
> logs showed the senders email address and ip address. Neither of which
> belongs to us.
> Now one  of  our  major government client's email system refuses our mail.
> Their tech lead me in the right direction.
>
> What  I  want  to  do  is restrict access to smtp services to the work
> group devices only. Is there a way to do it with mac addresses ?
>
> Best regards,
> Michael Parker
>