>>>>Thanks everyone for all the advice here. I finally was able to test my code yesterday using an email address hosted on Dreamhost (one I control, but wouldn't normally think to use for something like this). Once I filled in the right SMTP info, my original code worked and I've been able to move forward in giving my client what he needs.
>>>
>>>And what was the sticking point, i.e. the cause?
>>
>>I think just different ISP's rules. I needed to keep trying until I found an SMTP server to test with that didn't require some complicated extra steps in validating, but would let me sent with just the sender's log-in credentials.
>>
>>And yes, I'm aware this means that my client's customers may run into issues, but we'll cross that bridge when we come to it and with luck, IT people will get involved to set up what's needed to allow them to have the application send email.
>>
>>Tamar
>
>The problem is simple: You run a server on a static IP and are trusted: SMTP will run without credentials. The system trusts your serve, that the server cares about validation etc. But not on 25 and unprotected.
>Or you are a "user" then you must validate against the system - some server providing your mail address.
>
>If anybody could spam any server with SMTP, it would be unbearable. The mail envelope is just some characters, the basic mail system trusts this information. abuse on a silver plate. So for that you must validate against the SMTP server - and the server will check that the envelope fits to your credentials.

But what started me down this path was that even on an appropriate port and with credentials, the SMTP server for my primary email wouldn't let me send this way. It wanted some much more serious authentication than just sending the right credentials.

We'll see how much of an issue stuff like that is for the client's customers. (The app is a vertical.)

Tamar