How can I tell from an email's headers if the sender address is legitimate?
Many of these email headers can be (and usually are) forged by spammers when they send their spam.
- "From:" address
- Some "Received:" headers can also be forged.
SMTP message spoofing shows just how easily this can be done using an open (unsecured) relay mail server.
How can I analyze the email headers?
There are many tools to analyze email headers, some of which can show if any of the IP addresses in the chain are on spam blacklists.
These tools can also tell if any of the "Received:" headers in the chain are forged.
MxToolbox Email Header Analyzer
One such tool is MxToolbox Email Header Analyzer.
Feeding your email headers into this tool produces the following output:
Clicking on the blacklist button shows that the IP address 182.50.144.34 (which is where Google received the email from) is on 3 email blacklists.
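The hop addresses that such tools check can be pulled out of the "Received:" chain by hand. The following is an added example, not part of the original answer and not MxToolbox's code: the sample headers and hostnames are constructed, and the `[ip]` layout of the "from" clause is an assumption about how the receiving server writes the header.

```python
import email
import ipaddress
import re

# Constructed sample headers. 182.50.144.34 is the address discussed on the
# page; every hostname and the other addresses are made up for illustration.
SAMPLE = """\
Received: from relay.example.net (relay.example.net [182.50.144.34])
\tby mx.recipient.example with ESMTP id abc123; Mon, 1 Jan 2024 10:00:02 +0000
Received: from mail.bank.example (unknown [198.51.100.23])
\tby relay.example.net with SMTP id def456; Mon, 1 Jan 2024 10:00:01 +0000
Received: from [10.0.0.5] (localhost [127.0.0.1])
\tby mail.bank.example with ESMTP; Mon, 1 Jan 2024 10:00:00 +0000
From: "Your Bank" <support@bank.example>
Subject: constructed sample

body
"""

BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def received_hops(raw):
    """One dict per Received: header, newest (top) first."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        # Unfold the header and keep only the "from ..." clause before " by ".
        from_part = " ".join(value.split()).split(" by ", 1)[0]
        ips = BRACKETED_IP.findall(from_part)
        # Assumption: the last bracketed address is the connecting peer.
        hops.append({"from": from_part, "ip": ips[-1] if ips else None})
    return hops

def public_hop_ips(hops):
    """Addresses worth a blacklist lookup (skips private and loopback)."""
    found = []
    for hop in hops:
        try:
            addr = ipaddress.ip_address(hop["ip"] or "")
        except ValueError:
            continue  # no address recorded, or octets out of range
        if not any(addr in net for net in NON_ROUTABLE):
            found.append(str(addr))
    return found

def dnsbl_name(ip, zone):
    """DNS name queried for a blacklist check: reversed octets + list zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone
```

Pass `dnsbl_name` the zone of the blacklist you use; an A-record answer for the resulting name means the address is listed. Only the topmost hop, written by your own provider's server, is recorded by a machine you trust, so treat the addresses in lower "Received:" headers as claims made by earlier senders.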