On Mon, 24 Nov 2008 15:43:37 -0000, Victor Duchovni <Victor(_dot_)Duchovni(_at_)morganstanley(_dot_)com> wrote: And full marks to you for including the correct Reply-To in your message!
Since nested messages can and often are saved to external storage, and then opened as stand-alone messages, one should perhaps also be suspicious of messages not stored in the user's mailbox.
Headers in an included message are merely evidence of the state of that message when it was received. So, for example, if you are attaching it as part of a message to your MTA admin when discussing with him the goodness/badness of his service, then that header may be quite useful to that admin for working out what did/didn't go wrong during its original delivery. So, for sure, it should be left there intact. And if I forward to you a message that I have received, then you may well wish to inspect it closely if it looks suspicious to you, and you might even want to draw my attention to the absence of that header as evidence of your suspicions.
Messages (that have Authentication-Result headers) may of course also be found in NTTP posts, HTTP downloads, an so on. It is like difficult to close down all the side-channels which bypass the scrutiny of MTAs that remove forged Authentication-Result headers.
Some methods of authenticating messages (most notably DKIM) would be entirely appripriate for use over NNTP, and the news server that finally delivered it to you could quite properly add that header (having removed any such headers added by earlier servers in the Path). DKIM might well become fashionable as a means of authenticating Usenet articles, whether or not the Netnews standards ever get around to making it official. So you can't dismiss all such things as mere "side channels". -- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Web: http://www.cs.man.ac.uk/~chl Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html