From: "Kevin M. Gallagher" <kevin(_at_)ageispolis(_dot_)net>
What do people today think of the SMTP RFC's current requirement that
mail programs and servers must not under any circumstances change or
delete Received: headers? Is exposing sender IP addresses to any
attacker who can view e-mail headers, for the purposes of preserving
trace information, really worth it when weighed against considerations
like security and privacy?
Received: headers are quite useful when you're trying to figure out
which mail server sat on the message for four days.
They're also useful when you're trying to figure out what sequence of
address rewrites got the message to you.
Dale