diff --git a/towncrier/newsfragments/2475.feature b/towncrier/newsfragments/2475.feature
index e84bc68a..d5340380 100644
--- a/towncrier/newsfragments/2475.feature
+++ b/towncrier/newsfragments/2475.feature
@@ -1 +1 @@
-Remove the strict anti-spoofing rule. In 2022 we should have other controls (SPF/DKIM) for dealing with authorization and shouldn't assume that Mailu is the only MTA allowed to send emails on behalf of the domains it hosts.
+Upgrade the anti-spoofing rule. We shouldn't assume that Mailu is the only MTA allowed to send emails on behalf of the domains it hosts... but we should also ensure that both the envelope from and header from are checked.