If example.com is a bank and example.net is an ISP who is a
trustworthy party, would you trust an email for which example.net
claims responsibility if the From: shows an example.com author?
Of course.
See RFC 5016, Section 3.2 (Problem Scenario 2: Illegitimate Domain
Name Use).
If your point is that RFC 5016 is a very flawed base on which to build
a useful protocol, I entirely agree. I suspect that I'm not the only
person who now regrets ignoring it last summer.
R's,
John
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html