It seems to me that there would be a benefit in checking ip addresses so that you could only click the link from the same IP that requested it. That way snoopers have even more work to do.
Not necessarily a good idea. On an average working day I'll probably use 5 different machines; I could very well trigger an action on one, go off to do something else while waiting for an email (if it wasn't instant, these things often aren't) and come back to it on a different machine altogether.
OK I'm unusual in my usage habits, but I suspect a complete IP filtering (at least without a warning about it) would cause issues.
