Actually, this sieve capabilities is similar function with email forwarding in MTA level. One exception is the copy
parameter in sieve can keep email in user inbox while at the same time forward it to another email.
The forwarding email won't modify sender where the emails come from, it just modify the recipient envelope address. Usually the forwarding mechanism clashes with anti-spoofing mechanism like SPF. So, the redirect and copy method in sieve inherited same problem with forwarding.SPF documentation proposed the SRS for tackle this problem.
SRS or Sender Rewriting Scheme will rewrite sender address to your domain. Usually SRS was done in MTA level when delivering process. There is a thread in SF about implementing SRS in postfix.
How Big Providers handle email forwarding regarding this spoofing issue?
As security measure, if you setup forwarding address GMAIL will send email to verify the existence and prove that you are the owner of forwarding email address. Now, suppose that you have verified external@example.com as forwarding address of myuser@gmail.com. After verification success, GMAIL will forward email and alter the sender so it become something like myuser+caf_=external=example.com@gmail.com
.
In Yahoo setup, you have to confirm forwarding address too like GMAIL. The difference is Yahoo won't attempt to rewrite sender as GMAIL. In other words, Yahoo is spoofing the sender domain like your scenario above.
Additional Note:
GMAIL suggest that you don't alter sender address when forwarding. Snippet from their support page Best practices for forwarding mail to Gmail
We recommend that you do not change the envelope sender when forwarding email to Gmail. Sometimes, when forwarding email, the envelope sender gets changed to your domain. When this happens, Gmail may learn that your domain is sending spam, and will treat other emails from this domain as spam as well.
Alternatively, changing the envelope sender is ok if you do one of the following:
- Put "SPAM" in the subject
- OR discard any spam emails and not forward them to Gmail at all.