There has been a hot debate going on in another thread, and there is one aspect that I'd like to see clarified. It was stated that '127.0.0.1' should never be trusted. Is this true ? Does security software commonly trust '127.0.0.1', which is usually the same as the localhost as I understand ? I've taken a look in my Spy Sweeper (version without antivirus), there it says under 'host file shield options': Address: localhost ; IP Address in Hosts File: -blocked- ; Correct IP Address 127.0.0.1 I'm not quite sure what that means. Does it block IP adresses in the hosts file other than 127.0.0.1, or does it block 127.0.0.1 ? In the past I have received some emails (with the Spy Sweeper giving real-time protection, but maybe it doesn't work for emails) with 127.0.0.1 at the bottom of the header, and the emails contained pictures, even though my Outlook Express does not display email in htlm. Couldn't that be dangerous ? Just looking for some clarification.