Julian Mehnle writes: > Don't you agree on my understanding of a sender address (or source > mailbox) being the address (or source mailbox) the sender sends > from? If so, please state it explicitly, so I have something I can > argue against. :-)
Mail is not sent from any particular address at all; it is sent by a person or program. It is delivered to one or more addresses. The From: address and SMTP and envelope sender addresses are for human understanding and status reporting. Forgery generally means to create written authorization that shows false provenance. A user who indicates status messages should go to his own address is not forging that address, even if it is not an obvious address given the user's hostname. It probably is useful to perform checks on those addresses, to verify that the administrator of the domain allows the sender to claim an identity under the domain. If such an authorization check fails, forgery is just one possible explanation. Michael
