An Internet e-mail message consists of two parts. We can refer to them as the envelope and the payload message or simply message.

The envelope has routing data: primarily, this is the sender address and one or more recipient addresses.

The message has the message content: subject line, message body, attachments, and so on. It also carries some technical information such as trace (Received:) headers, DKIM data, and so on; as well as the displayed sender and recipient addresses (what you see in the From, To and Cc fields in your mail client).

Here's the crux of it: The two don't have to agree!

A mail server will look at the envelope data to determine how to send the message. On the other hand, with few exceptions, the message itself will be treated as just data. Particularly, a well-behaved mail server does not look at the To: and Cc: fields of the message itself to determine the list of recipients, nor does it look at the From: field to determine the sender's address.

When you compose and send an e-mail, your e-mail client takes what you entered into the To, Cc and Bcc fields, and translates that into envelope routing information. This is mainly done by removing any full names (leaving only e-mail addresses), but can also involve things like address rewriting, alias expansion, and so on. The result is a list of e-mail addresses which are given to the mail server your mail client is talking to as the list of recipients. The To and Cc lists are kept in the e-mail, but the Bcc is not passed along to the server, making it invisible to message recipients. The sender address works very similarly.

When the message reaches its final destination, the envelope data is either thrown away, or retained in the detailed message headers. That's one part of the reason why Spittin' IT asked for the full message headers in a comment to your question.

Additionally, with Internet e-mail, it is possible to talk directly to a mail server, and thus inject a message that has a mismatch between the envelope data and the message data that a normal, well-behaved e-mail client wouldn't let you compose. Also, mail servers do varying degrees of checks on the sender address that they are given in the envelope data; some barely check it at all beyond making sure it's a syntactically valid e-mail address. The From header of the message data is subjected to even less scrutiny.

Since the receiving e-mail client displays what's in the From, To and Cc headers, not the address data from the envelope, it's possible to put anything you want there and the receiving e-mail client will have no recourse but to trust that it is reasonably accurate. For legitimate mail it usually is accurate enough; for spam, it almost never is.

In the physical world, the envelope sender corresponds to the return address that you write on the outside of the envelope (to which the letter is returned should it turn out to be undeliverable), and the From: header corresponds to whatever you put as your address in the letter which you put in the envelope (to which the recipient would be likely to send a response).

An Internet e-mail message consists of two parts. We can refer to them as the envelope and the payload message or simply message.

The envelope has routing data: primarily, this is the sender address and one or more recipient addresses.

The message has the message content: subject line, message body, attachments, and so on. It also carries some technical information such as trace (Received:) headers, DKIM data, and so on; as well as the displayed sender and recipient addresses (what you see in the From, To and Cc fields in your mail client).

Here's the crux of it: The two don't have to agree!

A mail server will look at the envelope data to determine how to send the message. On the other hand, with few exceptions, the message itself will be treated as just data. Particularly, a well-behaved mail server does not look at the To: and Cc: fields of the message itself to determine the list of recipients, nor does it look at the From: field to determine the sender's address.

When you compose and send an e-mail, your e-mail client takes what you entered into the To, Cc and Bcc fields, and translates that into envelope routing information. This is mainly done by removing any full names (leaving only e-mail addresses), but can also involve things like address rewriting, alias expansion, and so on. The result is a list of e-mail addresses which are given to the mail server your mail client is talking to as the list of recipients. The To and Cc lists are kept in the e-mail, but the Bcc is not passed along to the server, making it invisible to message recipients. The sender address works very similarly.

When the message reaches its final destination, the envelope data is either thrown away, or retained in the detailed message headers. That's one part of the reason why Spittin' IT asked for the full message headers in a comment to your question.

Additionally, with Internet e-mail, it is possible to talk directly to a mail server, and thus inject a message that has a mismatch between the envelope data and the message data that a normal, well-behaved e-mail client wouldn't let you compose. Also, mail servers do varying degrees of checks on the sender address that they are given in the envelope data; some barely check it at all beyond making sure it's a syntactically valid e-mail address. The From header of the message data is subjected to even less scrutiny.

Since the receiving e-mail client displays what's in the From, To and Cc headers, not the address data from the envelope, it's possible to put anything you want there and the receiving e-mail client will have no recourse but to trust that it is reasonably accurate. For legitimate mail it usually is accurate enough; for spam, it almost never is.

In the world of tangible, physical objects inhabited by us mere humans, the envelope sender and envelope recipient corresponds to the return address and recipient address, respectively, that you write on the outside of the envelope; and the From: and To:/Cc: headers correspond to whatever you put as your and the recipient's addresses, respectively, in the letter which you put in the envelope.

An Internet e-mail message consists of two parts. We can refer to them as the envelope and the payload message or simply message.

The envelope has routing data: primarily, this is the sender address and one or more recipient addresses.

The message has the message content: subject line, message body, attachments, and so on. It also carries some technical information such as trace (Received:) headers, DKIM data, and so on; as well as the displayed sender and recipient addresses (what you see in the From, To and Cc fields in your mail client).

Here's the crux of it: The two don't have to agree!

A mail server will look at the envelope data to determine how to send the message. On the other hand, with few exceptions, the message itself will be treated as just data. Particularly, a well-behaved mail server does not look at the To: and Cc: fields of the message itself to determine the list of recipients, nor does it look at the From: field to determine the sender's address.

When you compose and send an e-mail, your e-mail client takes what you entered into the To, Cc and Bcc fields, and translates that into envelope routing information. This is mainly done by removing any full names (leaving only e-mail addresses), but can also involve things like address rewriting, alias expansion, and so on. The result is a list of e-mail addresses which are given to the mail server your mail client is talking to as the list of recipients. The To and Cc lists are kept in the e-mail, but the Bcc is not passed along to the server, making it invisible to message recipients. The sender address works very similarly.

When the message reaches its final destination, the envelope data is either thrown away, or retained in the detailed message headers. That's one part of the reason why Spittin' IT asked for the full message headers in a comment to your question.

Additionally, with Internet e-mail, it is possible to talk directly to a mail server, and thus inject a message that has a mismatch between the envelope data and the message data that a normal, well-behaved e-mail client wouldn't let you compose. Also, mail servers do varying degrees of checks on the sender address that they are given in the envelope data; some barely check it at all beyond making sure it's a syntactically valid e-mail address. The From header of the message data is subjected to even less scrutiny.

Since the receiving e-mail client displays what's in the From, To and Cc headers, not the address data from the envelope, it's possible to put anything you want there and the receiving e-mail client will have no recourse but to trust that it is reasonably accurate. For legitimate mail it usually is accurate enough; for spam, it almost never is.

An Internet e-mail message consists of two parts. We can refer to them as the envelope and the payload message or simply message.

The envelope has routing data: primarily, this is the sender address and one or more recipient addresses.

The message has the message content: subject line, message body, attachments, and so on. It also carries some technical information such as trace (Received:) headers, DKIM data, and so on; as well as the displayed sender and recipient addresses (what you see in the From, To and Cc fields in your mail client).

Here's the crux of it: The two don't have to agree!

A mail server will look at the envelope data to determine how to send the message. On the other hand, with few exceptions, the message itself will be treated as just data. Particularly, a well-behaved mail server does not look at the To: and Cc: fields of the message itself to determine the list of recipients, nor does it look at the From: field to determine the sender's address.

When you compose and send an e-mail, your e-mail client takes what you entered into the To, Cc and Bcc fields, and translates that into envelope routing information. This is mainly done by removing any full names (leaving only e-mail addresses), but can also involve things like address rewriting, alias expansion, and so on. The result is a list of e-mail addresses which are given to the mail server your mail client is talking to as the list of recipients. The To and Cc lists are kept in the e-mail, but the Bcc is not passed along to the server, making it invisible to message recipients. The sender address works very similarly.

When the message reaches its final destination, the envelope data is either thrown away, or retained in the detailed message headers. That's one part of the reason why Spittin' IT asked for the full message headers in a comment to your question.

Additionally, with Internet e-mail, it is possible to talk directly to a mail server, and thus inject a message that has a mismatch between the envelope data and the message data that a normal, well-behaved e-mail client wouldn't let you compose. Also, mail servers do varying degrees of checks on the sender address that they are given in the envelope data; some barely check it at all beyond making sure it's a syntactically valid e-mail address. The From header of the message data is subjected to even less scrutiny.

Since the receiving e-mail client displays what's in the From, To and Cc headers, not the address data from the envelope, it's possible to put anything you want there and the receiving e-mail client will have no recourse but to trust that it is reasonably accurate. For legitimate mail it usually is accurate enough; for spam, it almost never is.

In the physical world, the envelope sender corresponds to the return address that you write on the outside of the envelope (to which the letter is returned should it turn out to be undeliverable), and the From: header corresponds to whatever you put as your address in the letter which you put in the envelope (to which the recipient would be likely to send a response).