I’m not sure what you’re asking here. Add the level of security needed by your application as it makes sense. I still really like to log everything and check signatures or whatever when I’m processing the message later on – but I’ve done those steps on receiving in some applications where it made sense, such as where there was a lot of malicious traffic. Hope that helps!