Indeed! And I do not know how to protect a mail server from faked headers! I mean you can just telnet the port 25 of a MTA and write whatever you want. Mail is a risk, remains a risk and will always remain a risk.

Since the transport is insecure, armor the message. See gpg (or the like) as one possible way to assist. It could be set up so that only a validly signed message from an allowed user can pass through.

I am not saying you have to go this route, just pointing out some weaknesses in the area of security, and this will probably be the last I say on this particular thread.

--MidLifeXis

Unless I am wrong, gpg protects the content of the mail, the so called body not the header sometimes called the envelope. Accordingly all header fields can be spoofed. Just imagine I spoof the Reply To: field of a mail. Depending on the case, you would respond to me and not to the sender of the email. Gpg will not protect you against this. It will just prevent me to read the message.

My best knowledge of this matter is: IPV6 is designed to protect email traffic. It supports encryption and certificates at protocol layer level. Unfortunately the only implementation of IPV6 I have seen until now are at Internet-backbone level. Most of the mail server still use IPV4 and do not implement encryption and certificates for a simple reason: you partially close your inbox if you do and so you might miss some emails of potential clients.

The best medicine against depression is a cold beer!