> On Oct 25, 6:44pm, Rich Brandwein wrote:
>> We're also not happy about the fact that people's user id's are being
>> grabbed off the host and inserted into the headers (and in fact their
>> entire email address will be sent if the email "from" is properly
>> filled out) FROM field, which is passed in *every* transaction with
>> no way to turn this off other than put "-" in the from address (or
>> "firstname.lastname@example.org" in my case
> This header has been in the HTTP 1.0 spec since the beginning, and
> other browsers have been sending this header without complaints.
> BUT, pending the discussion we had in Chicago I have turned the
> "From:" header off for future versions of Netscape.
A pity. I think you were doing the right thing here.