indico
add Sender header to mails if custom From address is used
Programs that send mail on behalf of other users' mailboxes should always add a Sender header with their own mail address, according to RFC 822: https://tools.ietf.org/html/rfc822#section-4.4.2
Indico does not do this currently and simply sends out mail with the mail address specified in the registration form settings. This leads to an increased probability of the (registration) mails being classified as spam mails, since many spam filters check if the sending mail server is related to the domain name in the From header (e.g., by DNS lookup or SPF rules). Therefore, Indico should use its own mail address as Sender, which is most likely the no-reply address from the config file.
Not sure if the current solution is ideal.
In a perfect world we would never use a From header using a user-supplied email address, but thanks to mailing lists etc. we can't avoid doing so - otherwise we would always use one of the configured email addresses as From and set the user-provided email as Reply-to.
But I think there should be a new config option for the Sender header, which would be used whenever the From is not one of the configured email addresses. Going one step further, maybe it'd be better to have yet another config option to provide domains that Indico is authorized to send emails for (e.g. cern.ch in our case) and only add a Sender header if the domain in the From address is not in that list.
We'll eventually add something to avoid spoofing senders altogether (rewriting from to a generic one like noreply for domains the indico instance is not a valid sender for), since any kind of spoofing is becoming more and more likely to result in rejected or 'junked' emails. ==> closing this PR
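The two header policies discussed in this thread (add a Sender header when the From domain is not one the instance may send for, or rewrite From to a no-reply address and move the user's address to Reply-To), as an added example that is not part of this PR or of Indico's code. `NOREPLY_ADDRESS`, `AUTHORIZED_DOMAINS` and `apply_sender_policy` are hypothetical names, and the addresses are constructed sample values.

```python
from email.message import EmailMessage
from email.utils import formataddr, parseaddr

# Assumed settings (hypothetical names, not Indico config options).
NOREPLY_ADDRESS = "noreply@indico.example.org"
AUTHORIZED_DOMAINS = {"example.org"}  # domains this instance may send mail for


def _domain(address):
    """Return the lower-cased domain of an address, or '' if it has none."""
    return address.rpartition("@")[2].lower() if "@" in address else ""


def apply_sender_policy(msg, rewrite_from=False):
    """Adjust From/Sender/Reply-To in place according to the From domain.

    - From domain authorized: leave the message untouched.
    - Otherwise, rewrite_from=False: keep From, add Sender (RFC 822 4.4.2).
    - Otherwise, rewrite_from=True: From becomes the no-reply address and
      the original address moves to Reply-To.
    """
    name, address = parseaddr(msg["From"] or "")
    if _domain(address) in AUTHORIZED_DOMAINS:
        return msg
    if rewrite_from:
        # EmailMessage allows only one From header, so drop the old one first.
        del msg["From"]
        msg["From"] = formataddr((name, NOREPLY_ADDRESS))
        if address and "Reply-To" not in msg:
            msg["Reply-To"] = address
    elif "Sender" not in msg:
        msg["Sender"] = NOREPLY_ADDRESS
    return msg


def build(from_header):
    """Construct a sample registration mail (constructed test data)."""
    msg = EmailMessage()
    msg["From"] = from_header
    msg["To"] = "attendee@example.net"
    msg["Subject"] = "Registration confirmed"
    msg.set_content("Your registration has been received.")
    return msg
```

Domains are matched exactly, so a subdomain has to be listed separately if the instance is also allowed to send for it.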