On Sat, Jan 16, 2016 at 12:31:47PM +1100, Russell Coker wrote:
[...] headers are merely comments. To treat them as anything different is just plain wrong.
Why are we having an argument about comments then? If they are just comments then it shouldn't be a big deal.
Unfortunately the RFC5322.From field is one of the few comments that MUST be present, which most MUA depend on to make the (claimed) author visible to the user. It's disappointing that MUA weren't expected to highlight authenticated authors instead (which they can already do with PGP and S/MIME), and like we do in the browser world with SSL/TLS authenticated servers. So rather than depend on MUA, the DMARC working group, along with the RFC authors from Yahoo and Google, for better or worse decided to ensure MTA took ownership of that responsibility instead. To make matters worse, they will not entertain any alternatives, as the RFC, and working group, clearly makes alternative fields (incl. "Sender") out of scope