edit: after finishing this post I was completely confused, but did not want to delete the post, as maybe someone can give me a link to further read about this. P.S. please do not let yourself get confused by my writing, I don't understand it myself ;-) completely Hi guys, lets asume I have domain1.de = web1 and domain1.com = web2 hosted on my server. there are user web1_user1 and web2_user1 activated. now if web1_user1 sets up his mail client to use his real credentials to login but sets his name as web2_user1 and his email address as [email protected] it wil work. I am not sure if I made myself clear: what I mean is this: because both domains are hosted on the same server a user of one domain can safely send emails through my server setting any [email protected] of this server. I mean this sounds wrong to me. shouldn't it be like this: if my server gets an email to be sent he shoud check if the user is allowed to set that specific sender address? Isn't this what is called relaying or am I getting something wrong? I mean to me it looks like a small version of relaying because only existing users on the serevr are able to relay and only faking of email addresses on the server are allowed ?