I did find one statement relating to header order:
RFC-2821, Sect 4.4 Trace Information
An Internet mail program MUST NOT change a Received: line that was
previously added to the message header. SMTP servers MUST prepend
Received lines to messages; they MUST NOT change the order of
existing lines or insert Received lines in any other location.
That still leaves open the question of whether we should follow strict chronological order within our block of headers, or establish some kind of "canonical form" with the Received line always at the bottom of the block. We certainly won't mess with any existing headers, even if they are out of order.
I don't understand what you mean by "mark reciept of the mail twice .. from different IP addresses". There is only one IP address in the three header lines I added - 64.191.210.175. In this example, authentication is done when we first get the request for a mail session: HELO this is pco-iraq.net, transmitting from 64.191.210.175 in the heart of sunny Baghdad
. At this point no messages have been received. If pco-iraq.net is forged, we reject the entire session.
Receipt of the messages occurs *after* this authentication check. Each message is marked with the same X-Authent header, a different Received header for each message, and possibly other headers, if for example, the message is routed through a spam filter, or additional authentication checks (SPF, DKIM, etc.). If the sender is whitelisted (authenticated and reputable), the messages go straight to the recipients inbox. In that case all you will see is the X-Authent header, and a Received header. In this example, we had no ratings on pco-iraq.net, so it went to the spam filter, and the X-SpamScore shows it was clean.