For mail sent via submission it's possible to prevent a forged mail-from, by using options on the submission service in master.cf.
It's also possible to prevent a forged header-from, by using a submission-specific cleanup service, as in the BUILTIN_FILTER_README. But these don't work for mail originating locally via the sendmail command. What does work for that? Thanks -- Nick
