spf-discuss

Re: SPF lookup with intermediate ISP mail relay

2004-11-24 02:07:32
On Wed, Nov 24, 2004 at 08:57:17AM +0000, Mark <admin(_at_)asarian-host(_dot_)net> wrote a message of 62 lines which said:

> the connecting IP address, for all purposes and intent, is a
> trustworthy entity (see earlier posts about the difficulty of
> hijacking a TCP/IP connection). You lose that certainty with
> (unsigned) headers.

I've often read similar sentences but I believe they are wrong. True,
headers are unsigned. True, a spammer can forge a Received header at
will. But my algorithm still works: the Nth most recent Received
header *is* trustworthy (if N is chosen by someone who knows what he
is doing) because it was inserted by a trustworthy entity (if you don't
trust your ISP, you're dead, anyway). The spammer can insert old
Received headers but they are not the ones you use.
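
The selection rule described in this message, as an added example that is not part of the original post: it reads only the Nth most recent Received header and never looks at the older ones a sender could have inserted. The function name, the choice N = 2 (own MX plus one ISP relay), and all hostnames and addresses are assumptions constructed for illustration.

```python
import email
import ipaddress
import re

# Constructed sample. Received headers are prepended in transit, so the first
# one listed is the most recent. The third header stands for one the sender
# forged before handing the message to the ISP relay.
SAMPLE = """\
Received: from relay.isp.example (relay.isp.example [192.0.2.25])
\tby mx.home.example with ESMTP id A1; Wed, 24 Nov 2004 10:00:02 +0000
Received: from unknown (HELO mail.victim.example) ([203.0.113.77])
\tby relay.isp.example with SMTP id B2; Wed, 24 Nov 2004 10:00:01 +0000
Received: from mail.victim.example (mail.victim.example [198.51.100.10])
\tby mx.victim.example with ESMTP id C3; Wed, 24 Nov 2004 09:59:00 +0000
From: someone@victim.example
Subject: constructed test message

body
"""

BRACKETED_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")


def client_ip_from_trusted_hop(raw_message, n):
    """Return the client IP recorded in the Nth most recent Received header.

    Hypothetical helper: n counts from the top (1 = header added by our own
    MX). Headers below position n are never read; the sender controls them.
    """
    received = email.message_from_string(raw_message).get_all("Received") or []
    if n < 1 or len(received) < n:
        # Fewer headers than trusted hops: refuse instead of guessing.
        raise ValueError("need at least %d Received headers" % n)
    # The connecting address sits in the "from" clause, before "by".
    from_clause = re.split(r"\sby\s", received[n - 1], maxsplit=1)[0]
    match = BRACKETED_IP.search(from_clause)
    if match is None:
        raise ValueError("no bracketed IP in trusted Received header")
    return ipaddress.ip_address(match.group(1))  # ValueError if malformed


if __name__ == "__main__":
    # N = 2: the ISP relay's header gives the address to feed to the SPF check.
    print(client_ip_from_trusted_hop(SAMPLE, 2))
```

The result depends on every message actually crossing exactly N trusted hops; a message that reaches the MX by a shorter path would put a sender-controlled header at position N.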