Quite a few phishing attacks involve accounts with "noreply" in the name.
So.
Block registration of accounts with noreply and inspect currently existing noreply accounts.
https://cdn01.theintercept.com/wp-uploads/sites/1/2017/06/nsa-russia-hacking-election-3-1496690296.jpg

~~ i can run a multi-billion dollar corporation better than the current lot ~~

it doesn't protect against protocol design issues
https://www.reddit.com/r/sysadmin/comments/3xiam3/how_are_we_supposed_to_stop_email_senderspoofing/
but
well
Snowden leaked information about a backdoored cipher, so everything else must be fine. DUAL_EC_DRBG wasn't used by anyone right?