[Rspamd] ARC: Disallow login/domain mismatch

data/conf/rspamd/local.d/arc.conf

@@ -5,7 +5,7 @@ allow_hdrfrom_mismatch = false;
 # If true, multiple from headers are allowed (but only first is used)
 allow_hdrfrom_multiple = true;
 # If true, username does not need to contain matching domain
-allow_username_mismatch = true;
+allow_username_mismatch = false;
 # If false, messages from authenticated users are not selected for signing
 auth_only = true;
 # Default path to key, can include '$domain' and '$selector' variables