users should be able to set the From field on a per-message basis.
(it's not forgery if the address belongs to you)
In at least some situations, using a "work" address in messages
sent from "home" or vice versa or similar dichotomies would
likely be looked upon with a jaundiced eye; far worse in some
cases.
Yes, that's true - but I don't think it's up to the mail system
to enforce such rules, any more than I think it's up to the
snail-mail postal service to check whether a residental customer
is sending out mail on company letterhead.
Now you might say "forge From" instead of using Reply-To, but that
won't work with some times of authentication and spam filtering.
most forms of spam filtering are too broken to use anyway. and any
authentication mechanism that restricts the setting of From is
broken. From is clearly not intended to be used for that purpose.
In some cases, the setting that affects the From header field also
affects SMTP MAIL FROM, and that is sometimes (rightly or wrongly)
used as a weak form of authentication.
The reason we're having these problems is because of overloading
of various fields - reply-to, from, sender, mail from - to the
point that they've become ambiguous. I suspect we're not going to solve
the problems without discouraging some of the overloading. And that
in turn probably means we'll have to define some new ways of doing
some of the things we used to overload these fields for.
Keith