But there's another wrinkle in that the ability to redirect replies is
arguably a security risk.[*] Say an attacker forges a message from
someone's boss that tells its recipient to do something costly and
irreversible.[...]
Alerts are little more than a band-aid -- the real issue is the
need for authentication, avoiding the forgery in the first place.
authentication would be nice. but we should be hesitant to call it a
"need". nobody has ever figured out how to make computers understand
and faithfully implement trust relationships between humans.