You are using SMTP. It's a problem with the protocol, not the server. It would be possible to check using a courierfilter that the From: header was from your server, if the top Received: header has the AUTH keyword.
Generally enforcing the "From:" header to be within a hosted domain doesn't make much sense. The "From:" header only contains the sender's address if there's no "Sender:" header. Generally, checking the *envelope sender* (from the message control file) is a better idea.
Generally there's no Sender: header on personal emails. Lists often use them, but most MUAs don't. I know my mail client doesn't even listen to it, much to my annoyance. Bug reports have been filed :)
People who want this sort of control are more likely to be worried about the From: header, as that's what shows to the receivers of the e-mails. Considering that, the envelope sender makes little sense to check, as it has no relation to the MUA's From: header. Normally MUAs link them, but they don't have to.
--
Phillip Hutchings
[EMAIL PROTECTED]
http://www.sitharus.com/
smime.p7s
Description: S/MIME cryptographic signature
