-----Original Message-----
From: Stephane Bortzmeyer [mailto:bortzmeyer(_at_)nic(_dot_)fr]
Sent: woensdag 24 november 2004 10:08
To: Mark
Cc: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: SPF lookup with intermediate ISP mail relay
the connecting IP address, for all purposes and intent, is a
trustworthy entity (see earlier posts about the difficulty of
hijacking a TCP/IP connection). You lose that certainty with
(unsigned) headers.
I've often read similar sentences but I believe they are wrong. True,
headers are unsigned. True, a spammer can forge a Received header at
will. But my algorithm still works: the Nth most recent Received header
*is* trustworthy (if N is choosen by someone who knows what he does)
because it was inserted by a trustworthy entity (if you don't trust your
ISP, you're dead, anyway).
I suppose one should trust their own ISP; fair enough.
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx