Paul Hammant has just spoken up on ‘Did you send this’ – another weapon against spam?.
This is much needed (as are other ideas like this).
I just got hit by this recently. A set of penny-stock spammers started to use the domain for a company that does stock analysis. Obviously it makes sense to them. The real company IS to do with stocks, and DOES send out newsletters and updates to its users. As such, they can piggy back on a valid domain that can get through some spam firewalls.
There is nothing that we can do. Anyone can set From: to whatever they want, and we just sit here watching the millions of bounced emails come to us.
We need reverse DNS for email, so From: addresses can be verified.