From: Richard Welty <rwelty@???>
Date: Mon, 7 Apr 2003 12:44:07 -0400 (EDT)
trusting received: headers is pretty risky. the received headers in much
(most?) spam these days include a lot of forgery. about the only one you
can really trust is the one your own MTA generates.
My claim is that the MTA that is calling me has not been subverted by
spammers (if it were I could block it directly), but is not doing
spam filtering either. Therefore it will put on a Received header
that tells me the IP address of the host from which it received the
message. That is the IP I want to look up. I don't care if there are
also some forged headers.
Ken
