Index: modules/system/system.mail.inc
===================================================================
--- modules/system/system.mail.inc	(revision 26)
+++ modules/system/system.mail.inc	(working copy)
@@ -41,23 +41,50 @@
    *   TRUE if the mail was successfully accepted, otherwise FALSE.
    */
   public function mail(array $message) {
+    // If 'Return-Path' isn't already set in php.ini, we pass it separately
+    // as an additional parameter instead of in the header.
+    // However, if PHP's 'safe_mode' is on, this is not allowed.
+    if (isset($message['headers']['Return-Path']) && !ini_get('safe_mode')) {
+      $return_path_set = strpos(ini_get('sendmail_path'), ' -f');
+      if (!$return_path_set) {
+        $message['Return-Path'] = $message['headers']['Return-Path'];
+        unset($message['headers']['Return-Path']);
+      }
+    }
     $mimeheaders = array();
     foreach ($message['headers'] as $name => $value) {
       $mimeheaders[] = $name . ': ' . mime_header_encode($value);
     }
     $line_endings = variable_get('mail_line_endings', MAIL_LINE_ENDINGS);
-    return mail(
-      $message['to'],
-      mime_header_encode($message['subject']),
-      // Note: e-mail uses CRLF for line-endings. PHP's API requires LF
-      // on Unix and CRLF on Windows. Drupal automatically guesses the
-      // line-ending format appropriate for your system. If you need to
-      // override this, adjust $conf['mail_line_endings'] in settings.php.
-      preg_replace('@\r?\n@', $line_endings, $message['body']),
-      // For headers, PHP's API suggests that we use CRLF normally,
-      // but some MTAs incorrectly replace LF with CRLF. See #234403.
-      join("\n", $mimeheaders)
-    );
+    if(isset($message['Return-Path']) && !ini_get('safe_mode')) {
+      $mail_result =  mail(
+        $message['to'],
+        mime_header_encode($message['subject']),
+        // Note: e-mail uses CRLF for line-endings. PHP's API requires LF
+        // on Unix and CRLF on Windows. Drupal automatically guesses the
+        // line-ending format appropriate for your system. If you need to
+        // override this, adjust $conf['mail_line_endings'] in settings.php.
+        preg_replace('@\r?\n@', $line_endings, $message['body']),
+        // For headers, PHP's API suggests that we use CRLF normally,
+        // but some MTAs incorrectly replace LF with CRLF. See #234403.
+        join("\n", $mimeheaders),
+        // Pass the Return-Path via sendmail's -f command.
+        '-f ' . $message['Return-Path']
+      );    
+     }
+     else {
+      // the fifth parameter is not allowed in safe mode no matter what you set
+      // for the fifth parameter (NULL, '', ...), PHP will always 'complain' so
+      // this means bad headers when in safe mode, unless php.ini is set up
+      // correctly
+      $mail_result =  mail(
+        $message['to'],
+        mime_header_encode($message['subject']),
+        preg_replace('@\r?\n@', $line_endings, $message['body']),
+        join("\n", $mimeheaders)
+      );
+    }
+    return $mail_result;
   }
 }