I have a customer from India who claims that one of the emails that were sent from his email address to me was not generated from his mail client.
With a quick look I have noticed that the sender is the same for all mails.
Q1) Is it possible to use an alias on my email and “mask” my email address?
I send email from email@example.com
But the Receiver will see on the “from” field the email firstname.lastname@example.org
Is it possible to use an alias and send emails on which the Receiver will see a different email address?
Q2) If it is possible, is there any way to track back the original email address?
I have also tried to find more info from the headers of the “fraud” mail and the genuine one.
The fraud mail was sent from an open-source web client called Roundcube from an IP address in USA Missouri. In addition the header has four X-AntiAbuse records.
Q3) What are the X-AntiAbuse records?
The Genuine mail was send from an MS Outlook 14 client from an IP address in India and the email was finally received (via hop) from an IP address in USA Massachusetts. The domain of the email is also coming from USA Arizona.
Q4) Is there any other info that I could track?
I would like to verify if the mail credentials of my client are hacked or my client is lieing for a reason .