The problem with the rfc2821.mailfrom address is that it often is highly
UNrelated to the rfc2822.from. There might be a logical relationship, but
nothing explicitly similar between the strings.

it's also the case that neither rfc2821.mailfrom nor rfc2822.from
necessarily has anything to do with the location to which the message
was submitted. nor is it necessarily the case that rfc2822.from
identifies the person who submitted the message.

people often seem to want to cast this as an argument about which field
should be authenticated. overloading either rfc2821.mailfrom or
rfc2822.from is harmful. the right field to associate with the
identity of the originator would be rfc2822.sender except that that
field is so widely misused that it's useless in practice.

the right way to use rfc2821.mailfrom or rfc2822.from is not to ask "is
this the person who sent the message?" or "did this message come from
the right place?" but "did the originator have permission to use this
address?"