Brad Templeton | 1 Aug 1997 01:24

Re: Validating From lines

Well, what I would say is that:

a) The From or Reply-to or Sender must be a real e-mail address responsible
for the posting.  (Can be via anon remailer)

b) A warning that many newsgroups, eventually most, will insist that this
also be accompanied by *proof* that the address is real, or the user may
be subject to E-mail challenge/response or other verification steps before
a posting will make it out.

c) That proof can be a variety of things, including a digital signature
with the poster's certificate, with the poster's site's certificate
(at mostly secure sites like, say, an AOL) or a signature provided by
an intermediate.  The spec will provide ways of offering the proof, or
a statement that if the proof is not offered how to say that.  What
that actually means is an "authentication level" for the From: address.

Level 0:	The poster typed it in
Level 1:	The posting site verifies the address is real to the
		extent of the posting site's security.
Level 2:	Certificate for user.  These certificates themselves
		have a confidence level, based on whether they were issued
		by E-mail, after personal meeting, via web of trust,
		after DNA testing, etc.  They also say how recent the
		verification was, etc.

There are other levels.

