A more accurate analogy might be that he arrives at the axiom border and is asked: "Where did you come from, let me see your passport" To which his firewall replies "Hey passport this, buddy." And the guard sends him on his merry way.
The check is to see that the user is following a logical flow through the site. For instance, if someone knew the format of the http post that is used to post on the site, they could write a program that would repeatedly send that specific post to the axiom server and flood the forum with nonsense, probably without ever even having to log in.
What the check does is something along the lines of: look at the post, and also look at information about what site (and specific page) the post originated from to see if it was coming from a valid submission page from a user who has been correctly authenticated. This is at least my understanding of the process. I think it has very little, if anything, to do with your specific machine or location, but rather everything to do with your online "path" up to your post.
