Douglas Otis <doug.mtview@xxxxxxxxx> wrote: > > Martin Rex <mrex@xxxxxxx> wrote: >> >> MUAs which are not implementing the rfc822/2822/5322 "on behalf of" >> semantics of a message that carries both From: and Sender: header >> fields ought to be FIXED. Standards that build on rfc822/2822/5322 >> and do not respect "on behalf of" semantics of messages with >> both "Sender:" and "From:" also need to be FIXED. > > Merging Sender and From header fields by MUAs offers no protection > when actual sources of messages remain unknown. This is *NOT* about protection or authentication, this is purely about rfc822/2822/5322 message semantics. Something that has been well-defined and constant for decades. At the beginning of this Email there are two quotations with assertions of authorship. There really is no difference to the name in the From: field of an EMail that is carried with a different Sender (and envelope MAIL FROM:) through an SMTP transport system. There is no difference in semantics between the assertions above and the rfc822-header assertion in "From:", when an rfc822 message is transferred through an SMTP MTA system in an "on behalf of" scenario with a differing Envelope "MAIL FROM" & matching Sender: rfc822-header. -Martin