Another idea in the opposite direction:
A local-part fix up might be to use RFC7508 encrypted headers to repair the
FROM and SENDER email addresses to their canonical form.
If you mean the canonicalization rules in section 4.3, they're borrowed
from DKIM and only change white space. It also references RFC 5750 which
Receiving agents MUST check that the address in the
From or Sender header of a mail message matches an Internet mail
address, if present, in the signer's certificate, if mail addresses
are present in the certificate.
but it doesn't say what "matches" means.
ietf-smtp mailing list