Query regarding message spoofing

Hi

We seem to be receiving a lot of SPAM mail, particularly messages that are spoofed.

They have the characteristics;

From: SPOOFED
Return-Path: SPOOFED
Message-ID: #####@servername.com

Couple of questions I was hoping someone could help me with;

a) I understand it is quite possible to spoof the FROM:, but can the Return-Path (i.e. MAIL FROM:) be spoofed as well?

b) Can the source IP address of the mails be spoofed?

c) Can the Message-ID servername be spoofed?

Hope someone can help!
LVL 3
kam_ukAsked:
Who is Participating?
 
PsiCopConnect With a Mentor Commented:
a) Yes. "Return-path" is just another message header. It is easy to spoof as any other message header, like "From"

b) Yes and no. Yes, the spammer may include spoofed headers with false or misleading IP information. No, in that when YOUR mail server adds a "Received: from" header, it will have accurate IP information for the host that connected to it.

c) Yes. Just like "Return-path", it's just another message header.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.