<div>
<div class="content wysiwyg-content">
Hi<br />
<br />
We seem to be receiving a lot of SPAM mail, particularly messages that are spoofed.<br />
<br />
They have the characteristics;<br />
<br />
From: SPOOFED<br />
Return-Path: SPOOFED<br />
Message-ID: #####@servername.com<br />
<br />
Couple of questions I was hoping someone could help me with;<br />
<br />
a) I understand it is quite possible to spoof the FROM:, but can the Return-Path (i.e. MAIL FROM:) be spoofed as well?<br />
<br />
b) Can the source IP address of the mails be spoofed?<br />
<br />
c) Can the Message-ID servername be spoofed?<br />
<br />
Hope someone can help!
</div>
</div>


Hi

We seem to be receiving a lot of SPAM mail, particularly messages that are spoofed.

They have the characteristics;

From: SPOOFED
Return-Path: SPOOFED
Message-ID: #####@servername.com

Couple of questions I was hoping someone could help me with;

a) I understand it is quite possible to spoof the FROM:, but can the Return-Path (i.e. MAIL FROM:) be spoofed as well?

b) Can the source IP address of the mails be spoofed?

c) Can the Message-ID servername be spoofed?

Hope someone can help!

Query regarding message spoofing

Interactions between email servers and clients are governed by email protocols. The three most common email protocols are POP, IMAP and MAPI. Most email software operates under one of these (and many products support more than one).  The correct protocol must be selected, and correctly configured, if you want your email account to work.

Email Protocols

Various techniques are used to prevent email spam (unsolicited bulk email). No technique is a complete solution to the spam problem, and each has trade-offs between incorrectly rejecting legitimate email (false positives) vs. not rejecting all spam (false negatives) - and the associated costs in time and effort. Anti-spam techniques can be broken into four broad categories: those that require actions by individuals, those that can be automated by email administrators, those that can be automated by email senders and those employed by researchers and law enforcement officials.

AntiSpam

Exchange is the server side of a collaborative application product that is part of the Microsoft Server infrastructure. Exchange's major features include email, calendaring, contacts and tasks, support for mobile and web-based access to information, and support for data storage.