So, assuming you can determine a caring provider, then ask them to be careful about 822.From rather than ask them to invent and insert some other user identifiable token.
It's fairly difficult to validate From lines when you have users with catchall domains, since they can use any address in their domain.
On a system like Yahoo, it makes perfect sense to lock down what the users can do, since your users are all strangers and when someone wants to do something unusual, you have to assume it's malicious until proven otherwise.On small systems like mine or my ISP, the management has a reasonably good idea who the users are, they rarely misbehave, and they have all sorts of funky setups with domains, web servers, scripts, or whatever, and there aren't throwaway accounts. I have no idea what addresses my users are allowed to use, but I add enough stuff to audit the mail in case of questions rather than trying to pre-validate anything that might appear on the From line.
R's, John
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html