Hi.
I've written a tool for multiple companies to use. Rather than it send emails from my SMTP server (support@mydomain.com) I want to let them use their own SMTP server (support@theirdomain.com) to send emails from. I can store these settings in a SQL database. My question is:
I can retrieve them once at login, and store them in a session object which they can use each time they send an email. Is this secure?
Or
I could read the settings from the database each time they send an email (perhaps not as efficient?).
Thanks for any advice.