Improve authentication capabilities of Spamcheck to cover self-managed multi-node instances

In the omnibus-gitlab implementation, spamcheck service will run over localhost, and thus doesn't require any authentication. However, users can technically run spamcheck on one VM listening on a public IP and GitLab on another VM. In that case, we currently depend on any third party authentication services to limit access to the spamcheck node, or external methods like IP blocking/allowlisting.

Feature Request: Can we implement the functionality in Spamcheck itself so that spamcheck can authenticate the incoming requests without relying on a separate mechanism.