That's what we do, using the Reply-to header, in case people hit reply. But the From header (which is what users see) still has to be one of ours. This is a requirement of SendGrid, AWS SES, etc., and it'd look pretty spammy otherwise.
Also, I just checked the latest notification I received from Facebook (someone posted on my wall) and its headers were
Also, I just checked the latest notification I received from Facebook (someone posted on my wall) and its headers were