I am curious how reliable the IP address in email headers is.
For example, here's a header:
(changed a little so I don't give away anyones real address)
Received: from foo.bar.edu ([192.168.99.199])
by my.computer.net with esmtp (Exim 3.35 #1 (Debian))
id 195LgM-0001Yv-00
for <me@my.computer.net>; Tue, 15 Apr 2003 02:20:46 -0600
Received: (from davialbe@localhost)
by foo.bar.edu (8.11.6/8.11.6) id h3F8Lu930444
for me@my.computer.net; Tue, 15 Apr 2003 02:21:56 -0600
<snip>
How reliable is it really? How easy is it to spoof?