--- qmail-smtpd.c.orig	2009-12-16 00:09:42.000000000 +0200
+++ qmail-smtpd.c	2009-12-16 00:20:34.000000000 +0200
@@ -1,3 +1,4 @@
+#include <sys/stat.h>
 #include "sig.h"
 #include "readwrite.h"
 #include "stralloc.h"
@@ -346,6 +347,7 @@
   out("250 ok\r\n");
 }
 void smtp_rcpt(arg) char *arg; {
+struct stat st;
   if (!seenmail) { err_wantmail(); return; }
   if (!addrparse(arg)) { err_syntax(); return; }
   if (flagbarf) { err_bmf(); return; }
@@ -356,6 +358,22 @@
   }
   else
     if (!addrallowed()) { err_nogateway(); return; }
+/* This small patch compare mail from value and smtp auth username. 
+* if they are not identical,  the mail will not be relayed!
+* This control will be ignored, if the remote IP is defined in tcp.smtp.cdb
+* create/delete control/checksenderauth file to enable/disable this feature
+*  - Developed by Endersys Ltd R&D Team - http://www.endersys.com 
+*/
+  if ((stat("control/checksenderauth",&st) == 0) && (remoteinfo)) { 
+
+ /* remoteinfo:username issued during the smtp auth state
+ *   mailfrom.s: From value issued at mail from: state */
+ 	 if (str_diff(remoteinfo, mailfrom.s))  { 
+          	out("535 Mail From address and SMTP-AUTH username does not match (#5.7.1)\r\n");
+       		return;
+    	}
+ }
+
   if (!stralloc_cats(&rcptto,"T")) die_nomem();
   if (!stralloc_cats(&rcptto,addr.s)) die_nomem();
   if (!stralloc_0(&rcptto)) die_nomem();