MX isn't always the authenticating server.

As an ISP owner of 10+ years, this is a useful mod, except for one issue (which the other imap_auth takes care of). I would guess that most ISPs MX records are not always the actual server where mail is delivered and users authenticate to. In our case we have at any given time from 3-5 front-end MXes (for god awful spam filtration) that then passes the mail to the internal server. Specifying the mail server (or in your case IP) the user authenticates to, but then changing the authentication to a different server by looking up the MX causes the module to authenticate on the wrong server. I'm not sure what the reason is for this? Security maybe? Regardless, there probably should be an option to not do a lookup and switch authentication to an MX. It was easy enough to get around to by always making the lookup use "mail." . $domainname as the host.

Anyways, thanks for the module, really helps out. I would also recommend if this is used to also install the user_protect module and set it so no edits are allowed as they are basically meaningless and username/password mods would of course put you out-of-sync from the mail server. Removing the "forgot password" also is recommended.

Thanks again.