SPF is doing what it is supposed to. What I recommend you do is find the code and change it to suit your purposes.
For instance, you could programmatically change mailto:patrick@zill.net (my email address) to mailto:bounce-patrick+zill.net@yourdomain.com, then set up your mail server to collect all messages addressed to bounce* at yourdomain.com to go into a mailbox that you monitor to ensure that users are not abusing your server.
This is an interesting suggestion, but shouldn't there be a possibility to set the envelope sender to mydomain.com, and keep the user's address in the From header?
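The rewriting scheme from the first reply, combined with the envelope/header split asked about in the follow-up, as an added example that is not code from either poster. SPF is evaluated against the envelope sender (MAIL FROM) domain, so only that address is rewritten. The function names are hypothetical and `yourdomain.com` is the thread's placeholder.

```python
from email.message import EmailMessage
from email.utils import parseaddr

BOUNCE_DOMAIN = "yourdomain.com"  # placeholder domain used in the thread
PREFIX = "bounce-"

def to_bounce_address(user_addr, bounce_domain=BOUNCE_DOMAIN):
    """patrick@zill.net -> bounce-patrick+zill.net@yourdomain.com"""
    _, addr = parseaddr(user_addr)
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError(f"not a usable address: {user_addr!r}")
    return f"{PREFIX}{local}+{domain.lower()}@{bounce_domain}"

def from_bounce_address(bounce_addr, bounce_domain=BOUNCE_DOMAIN):
    """Recover the original address from a bounce recipient, or None."""
    local, sep, domain = bounce_addr.rpartition("@")
    if not sep or domain.lower() != bounce_domain or not local.startswith(PREFIX):
        return None
    # Split on the LAST '+': a domain cannot contain '+', a local part can.
    orig_local, plus, orig_domain = local[len(PREFIX):].rpartition("+")
    if not plus or not orig_local or not orig_domain:
        return None
    return f"{orig_local}@{orig_domain}"

def build_outgoing(user_addr, rcpt, subject, body):
    """Return (envelope_sender, message); the From header keeps the user's address."""
    msg = EmailMessage()
    msg["From"] = user_addr      # what the recipient's mail client displays
    msg["To"] = rcpt
    msg["Subject"] = subject
    msg.set_content(body)
    return to_bounce_address(user_addr), msg

if __name__ == "__main__":
    # Constructed sample values; nothing is sent.
    env, msg = build_outgoing("patrick@zill.net", "friend@example.org",
                              "Link", "Constructed sample body.")
    print("MAIL FROM:", env)
    print("From:", msg["From"])
    # With smtplib: smtp.send_message(msg, from_addr=env, to_addrs=["friend@example.org"])
```

Bounces then arrive at the `bounce-*` mailbox, where `from_bounce_address` maps each one back to the user who triggered the message.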