>Your concept is b0rken. Received headers can be forged just as well as
>any other header.
Not in my case. That is already accounted for. But irrelevant since that was
not the question.
>If you want to whitelist by sending MTA, why don't you just whitelist
>those MTAs via a check_sender_access or check_client_access restriction?
Only affects postfix, not the requirement
>I fail to see why anyone would want to do this kind of check in the
>backend when it can be done most easily in the frontend.
Irrelevant, that was not the question.
