With NAT or TPROXY intercepted traffic Squid may pass the request
directly to the original client destination IP or seek a faster
source using the HTTP Host header.
Using Host to locate alternative servers can provide faster
connectivity with a range of failure recovery options.
But can also lead to connectivity trouble when the client and
server are attempting stateful interactions unaware of the proxy.
This option (on by default) prevents alternative DNS entries being
located to send intercepted traffic DIRECT to an origin server.
The clients original destination IP and port will be used instead.
Regardless of this option setting, when dealing with intercepted
traffic Squid will verify the Host: header and any traffic which
fails Host verification will be treated as if this option were ON.
see host_verify_strict for details on the verification process.