In Chapter 5: Would the real sender please stand up?, you saw how attackers can easily spoof their e-mail addresses and give the appearance that an e-mail is from someone else. However, the e-mail headers tell the true tale if you know where to look.
In "Chapter 6: Unwilling accomplices" from the book Canning Spam: You've Got Mail (That You Don't Want), by Jeremy Poteet, you'll see how a misconfigured e-mail server can take away the advantage of header information. If an e-mail server is vulnerable to a relay attack, the e-mail really comes from the vulnerable server and is not just spoofed.
By hiding behind innocent people, spammers take on less risk, and the innocents pay the price. In this chapter, you'll learn how to protect yourself from being used as an unwilling pawn in a spammer's attack.