SMTP-AUTH
SMTP-AUTH extends SMTP (the Internet e-mail transmission protocol) to include an authentication step through which the client effectively logs in to the mail server during the process of sending mail. Servers which support SMTP-AUTH can usually be configured to require clients to use this extension, ensuring the true identity of the sender is known.SMTP-AUTH provides an access control mechanism. It can be used to allow legitimate users to relay mail while denying relay service to unauthorized users, such as spammers. It does not guarantee the authenticity of either the SMTP envelope sender or the RFC 2822 "From:" header. For example, spoofing, in which one sender masquerades as someone else, is possible even with SMTP-AUTH.
The SMTP-AUTH extension also allows one mail server to indicate to another that the sender has been authenticated when relaying mail. In general this requires the recipient server to trust the sending server, meaning this aspect of SMTP-AUTH is rarely used in the Internet. The recipient of an e-mail message cannot tell whether the sender was authenticated, so use of SMTP-AUTH is only a very partial solution to the problem of spam.
How the SMTP-AUTH mechanism works is described in RFC 2554.