Bowie Bailey wrote: > Ok, so here is what I see as far as the mail path: > > - Sent from 24.249.175.230 ... untrusted > - Received by 68.99.120.79 ... trusted > - Received by pulsar.lfa.com ... untrusted (unless SA defaults the > local machine) >
If pulsar.lfa.com is untrusted, all headers will be untrusted. After all, an untrusted box is assumed to be able to forge headers, thus it could have forged the 68.99.120.79 header. Since you can't prove it's not forged by pulsar, you can't trust it. You really do HAVE to trust all your own mail relays. Anything else is just broken.
