Excerpts from Karen Cravens's message of Wed Jan 06 11:29:15 -0500 2010:
> Depends on what you mean by access control.
I mean what the OP said he was using it for: running various commands when
messages are received.
> You'd still want E::A to parse it properly, if only so you can test for
> "If the comment is a valid email address, but doesn't match the
> bracketed email address, it's spam."
I'm not talking about whether or not this is a bug in E::A; I'm addressing the
design (flaws) of using E::A specifically and From header parsing generally to
do this kind of authentication.
(It probably is a bug, but I have no good suggestions for resolution.)