Email spoofing is not completely preventable, since the basic protocols from email exchange don't verify anything.
This might help you decide: http://en.wikipedia.org/wiki/Email_spoofing
Which says historically: In the early Internet, "legitimately spoofed" email was common. For example, a visiting user might use the local organization's SMTP server to send email from the user's foreign address. Since most servers were configured as "open relays", this was a common practice. As spam email became an annoying problem, these sorts of "legitimate" uses fell out of favor.
I would think it is acceptable as long as the message is spoofed to a return address you would like people to respond to.
However, it would be more standard and appropriate to use email/pass. I suppose it depends on how difficult this would be in your situation, but if reasonably able, don't spoof.
You said: The emails are going out only to people who have specifically and explicitly requested the email, and it will likely be a small number of people (less than one per day).
If the email contents have perhaps a small footnote, I don't think it would be terrible. I have seen similar things from many companies. It's your decision.