Path: utzoo!attcan!uunet!cs.utexas.edu!usc!ucsd!ucbvax!agate!shelby!neon!lucid.com!jwz
From: jwz@lucid.com (Jamie Zawinski)
Newsgroups: comp.soft-sys.andrew
Subject: From and Sender fields
Message-ID: <2257@heavens-gate.lucid.com>
Date: 19 Jul 90 17:46:55 GMT
Sender: news@lucid.com
Reply-To: jwz@lucid.com (Jamie Zawinski)
Lines: 24


I think it's totally wrong to disallow the editing of the From field.
RFC822 says that From: is "the person(s) who wished this message to be sent"
and if From: differs from the authenticated sending agent, then there must
be a Sender: field which contains the authenticated agent.  My interpretation
of this is that editing the Sender: field shouldn't be allowed, but From:
should.  Also, the standard says that the From: field can contain multiple
addresses, in the case of multiple authors.

If forged mail is your concern, then just make sure that, if the From: field
doesn't contain the mailbox of the logged-in user, that a correct Sender:
field is added.  The CMU CS mailer does this...

When I had an andrew account at CMU, the main reason that I hated not being
able to edit the From: field was that the Powers That Be decided that my 
middle name should be in the passwd file, but I didn't want it in the From:
line.  Sure, this is trivial, but it really annoyed me that I couldn't change
it.

If you're still not buying it, then how about making it a site-configuration
parameter so that sites which don't have the user-maturity problems of a
university don't have to live with this restriction?

		-- Jamie