The idea sounds good to me.
Laird Breyer writes:
For example, if the topmost Received: line (at M3) is
Received: from 185129182.virtua.com.br (185129182.virtua.com.br
[200.185.129.182]) by smtpin-3211.bay.webtv.net (WebTV_Postfix+sws)
with SMTP id 7280B11DCC; Fri, 5 Mar 2004 19:00:48 -0800 (PST)
then a Processed: header of the form
Processed: name="SpamAssassin"; location-ip="1.2.3.4";
version="2.63"; function="spamcheck";
auth-received="7280B11DCC"; result-tag="spam";
is guaranteed to have been added *after* the Received: line was
inserted in the message, ie at or after M3. Such a Processed: line is
unforgeable, unless the auth-received value can somehow be predicted
with high probability.
Actually, the spammer only needs to try harder. If he can predict it
with 1% accuracy, he only needs to deliver 150 spams to have 80% chance
of passing the test. I've seen spammers try much more than 150 times.
But since the receiver can make predicting arbitrarily difficult, I
think it's okay. SMTP receivers seem fairly eager make life difficult
for spammers. Quelle surprise.
Arnt