a question on email headers

To: debian-user@lists.debian.org
Subject: a question on email headers
From: Al Davis <ad19@freeelectron.net>
Date: Tue, 15 Apr 2003 02:34:52 -0600
Message-id: <[🔎] 200304150234.52014.ad19@freeelectron.net>

I am curious how reliable the IP address in email headers is.

For example, here's a header:
(changed a little so I don't give away anyones real address)

Received: from foo.bar.edu ([192.168.99.199])
	by my.computer.net with esmtp (Exim 3.35 #1 (Debian))
	id 195LgM-0001Yv-00
	for <me@my.computer.net>; Tue, 15 Apr 2003 02:20:46 -0600
Received: (from davialbe@localhost)
	by foo.bar.edu (8.11.6/8.11.6) id h3F8Lu930444
	for me@my.computer.net; Tue, 15 Apr 2003 02:21:56 -0600

That's all of the "Received" headers on this mail.  I know this 
one is ok (except for the changes I made myself).  I sent it 
myself, from another system.

My question is about that IP address.  That header was generated 
by my computer.  The address agrees with the one in the log 
file (/var/log/exim/mainlog).  The name does, too.

I would like to believe that is the real address it came from.
How reliable is it really?  How easy is it to spoof?

Reply to:

Follow-Ups:
- Re: a question on email headers
  - From: Anders Holmstrom <andersh@silcraft.com.au>
- Re: a question on email headers
  - From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>
- Re: a question on email headers
  - From: Derrick 'dman' Hudson <dman@dman.ddts.net>

Prev by Date: RE: Networking - dhcp-client
Next by Date: stl + g++-3.2
Previous by thread: Re: (Fwd to list) Re: Wireless lan setup
Next by thread: Re: a question on email headers
Index(es):
- Date
- Thread