Verifying signed addresses


Work out whose address it is and if they use forgery protection
side-effect of routing

If address is used in MAIL FROM or in a bounce's RCPT TO
   it must have a valid signature

In a normal RCPT TO and the message header it must be unsigned