This post is just part of a Twitter conversation, but wouldn't work as 50 tweets (exaggeration).
@kesgardner @Heminator @lizbuddie @michellemalkin ... that can be compared to other emails, or even just checked for sending domain.
— Gerry Daly (@GerryDales) December 11, 2014(scroll down for the rest)
Let me give an example. Go to Mapquest, and set up some driving directions. Then choose "send" and give an email address to send it to; make it yours.
When you receive the email, find the option to "View full headers". Different mail clients have it in different places, but almost all have it somewhere.
Look in the headers, and you will find something like this:
X-Originating-IP: [55.55.555.555]
Nearly every webform will have an originating IP header. These can be compared to emails sent before. I'll bet even emails from your webform have them. Give it a try- submit something from it to email yourself; check the full internet headers on the received email.
Edited to add: one reason for that header to almost always be there is so you can track back abusive users. If your webserver that processes your forms isn't passing that header, then you should get on whoever coded it to fix that. I bet it is there, though.
