On 15.10.16 20:13, Petr Bena wrote: > One of solutions that I proposed is an optional SA plugin that would > treat the email found in "From:" header as envelope sender and check > against that, raising the score or doing something if it failed.
A sending mail on behalf of B does not automatically imply illegitimate mail. There are whole businesses based on this (which DMARC acknowledges by the way). > you deemed this solution evil and something what should never be done > on any mail server, even if that mail server was used only by people > who don't care about mailing lists at all. That is not even close to what I wrote. Please read my message again, and don't misrepresent my comments in a sensationalist fashion. We're not having the U.S. presidential elections here. ;-) > So is there actually any other solution? That is what I am looking for, > and that is why I started this thread. Detection of sender domain spoofing is possible, to a degree, but I don't see how outright prevention would be possible. -Ralph