According to an IT guy at a university that I worked for once upon a time, just looking at the purported e-mail address isn’t good enough. The guy, in working on my university computer, remarked that it’s possible to spoof e-mail addresses because of lack of security in the protocol. This was probably about 20 years ago and involved POP3 e-mails/servers - so maybe things have improved since then? And are better with different protocols like IMAP?
EDIT_UPDATE: Email spoofing - Wikipedia