Stephane Bortzmeyer a écrit :
The whole purpose of Sender-ID is to disclose the real email address
used for the last introduction of the message. This can conflict with
privacy expectations [...]
The problem already exists with the Received headers but the advice in
-core (7.5 "MUA implementers") to display the addresses used in the
PRA makes it stronger, IMHO.
Automatically adding headers like Resent-From and Sender, as mandated
here, may have privacy consequences for the users.
This is a valid and important concern that should be addressed.
Michel Bouissou <michel(_at_)bouissou(_dot_)net> OpenPGP ID 0xDDE8AC6E