On Mon, 2004-12-06 at 07:39 -0800, Dan Wing wrote:
I personally agree but the consensus is that MASS only deal with
transitory authentication.
Hm. Surely the whole question of mailing lists is irrelevant then,
because we should only ever be trying to validate the _list_ address and
not the original author's address anyway?
If that's really a consensus which is set in stone already, then we're
insane to be looking at RFC2822 identities, since the claim that they're
'visible' is a complete fallacy if you're talking only of the most
recent identity which may be in a Sender: or Resent-From: header anyway.
We should be using RFC2821 MAIL FROM: for that.
--
dwmw2