not sure if this is a features request or already built into Pihole on some level but came across this article today about Cloudflare using DNS to prevent spoofing and phishing.
my initial thought is that Pihole can do the same with the blocklists, but the article talks about email headers and DNS and specifically,
- Sender Policy Framework (SPF)
- DomainKeys Identified Mail (DKIM)
- Domain-based Message Authentication Reporting and Conformance (DMARC)
don't know enough about any of this to understand if we as Pihole users protected in the same manner, but seems emails may need to route through Cloudflare to enable this feature?