Outbound SPF checking could accomplish what Adrián wants (i.e. applying
SPF checks to relayed messages, not just to incoming ones). An SPF record
for the "my-domain" domain with an "exists:..." SPF mechanism and a
correspondingly set up DNS server would be required, though.
Interesting. I was previously unaware of the exists: mechanism. You'd
still need a Courier filter that implemented SPF, since Courier does not.