There is one interesting question - do we let the sender
specify which
identity he is using or not?
We can't its a non starter.
If the sender is impersonating any other party at either the 821 or
the 822 level and there is not a mail relay situation going on the
message is not legit and should be scrubbed.
The 'sender' does not get to choose anything. The only parties that
have choice here are the domain name controller and the receiver.
Conflating 'sender' and 'domain name owner' is a big mistake. They
are the two entities we are checking for equality.
Phill