> From: Michael Deutschmann
> > Some honest users need to send mail with "From:" and envelope-from
> > different from $authenticated_id . For example, *-owner @ yahoogroups.com,
> > @ ieee.org - they don't offer outgoing relay, only incoming forwarder.
>
> Supporting that is problematic. If the user specifies a forged envelope
> sender and the recipient refuses it in-transaction, you will backscatter
> at that envelope domain.
The combination of forged+refuses+backscatter is caused by spamming.
The refusals are usually because spammers' email address lists
are very dirty (lots of nonexistent addresses).
Earlier in this thread I gave the link
https://github.com/Exim/exim/wiki/BlockCracking
That code checks rate of the refusals and will catch and block
the spammer or the password he stole and abused.