This has been an issue for a long time and the obvious solution doesn't seem to work. Trying to block emails that use a bulk sender such as amazonses, salesforce, aliyun, etc. doesn't seem to care what the from email address is and you can't block those entirely via EHLO without affecting legit traffic. What I'd expect is that if I add an email or domain to the SMTP block list that it should in fact block incoming emails from them but instead they go right through because I don't think the from email address is being checked against the SMTP block list (maybe only checking the Return-Path?). I imagine the best solution would be to check against From, Reply-to and Return-Path if the fields are available and then if the email or domain such as *@spamdomain.com is found, block it.

It's extremely frustrating to get spam or scam emails, look at the from email, add it to SMTP block to protect all users of the server and they can slide right back in because the block doesn't care what the from address is and you can't block salesforce/amazonses etc. entirely either.

Am I missing something?