Yes, every SMTP relay in the chain has a record of where its inbound mail comes from.
But somebody would have to have admin credentials to each of those servers to track it back to origin.
So this company that did this analysis - would they have a way to check if the emails really came from the French IP that is associated with the Russians?
Then again, who knows whether the analysis that they’re posting has genuine data either. They could change stuff.
But if what they have is genuine, would their analysis and conclusions be possible and/or correct?
With properly configured SMTP services, the header preserves all of the "Received" lines, so the chain is known to the ultimate recipient.
But the originator can spoof his sending IP address in the header, and some SMTP handlers don't check the header (in the email) against the network packet (which should have the same IP address), and forward the email anyway. There are other ways to "forge" or insert header lines.
There is tons of spoofed e-mail in the wild. Analysis based only on e-mail headers makes some huge assumptions, and the report I read (linked at the top of this thread) does not discuss those assumptions.
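The point made in the post above, that only the "Received" lines written by relays the recipient actually operates record anything observed on the network while everything below them arrived as text inside the message, can be checked mechanically. The following is an added example written for this thread, not code from any poster or from the report under discussion. The relay host names in TRUSTED_RELAYS, the IP addresses and the sample message are all constructed for illustration; the parser accepts the common `from HELO (rDNS [IP]) by HOST` form of a Received line and nothing more exotic.

```python
"""Walk the Received: chain of a message and split it at the trust boundary.

Headers are prepended by each relay, so the first Received line is the newest.
Lines added by relays we run were written by software we control; every line
below the last of those reached us inside the message body of the SMTP
session and could have been typed in by the sender.
"""
import re
from email import message_from_string

# Assumption: the MTAs the recipient organisation runs (hypothetical names).
TRUSTED_RELAYS = {"mx1.example.org", "mail.example.org"}

# Matches "from <helo> (<rdns> [<ip>]) by <host>"; the parenthesised part is
# optional because some relays omit it.
HOP_RE = re.compile(
    r"from\s+(?P<helo>\S+)"
    r"(?:\s+\((?P<rdns>[^\s\[\]]*)\s*\[(?P<ip>[^\]]+)\]\))?"
    r"\s+by\s+(?P<by>\S+)",
    re.IGNORECASE,
)

# Constructed sample.  The top two lines were added by our own relays; the two
# below them came in with the message and are only as honest as the sender.
SAMPLE = """\
Received: from mx1.example.org (mx1.example.org [192.0.2.10])
\tby mail.example.org with ESMTP id abc123; Mon, 1 Jan 2024 10:00:03 +0000
Received: from relay.example.net (unknown [198.51.100.7])
\tby mx1.example.org with ESMTP id def456; Mon, 1 Jan 2024 10:00:02 +0000
Received: from paris.example.fr (paris.example.fr [203.0.113.5])
\tby relay.example.net with ESMTP id ghi789; Mon, 1 Jan 2024 10:00:01 +0000
Received: from sender-pc (localhost [127.0.0.1])
\tby paris.example.fr with ESMTP id jkl012; Mon, 1 Jan 2024 10:00:00 +0000
From: someone@example.fr
To: victim@example.org
Subject: test

body
"""


def parse_hops(raw_message):
    """Return one dict per Received line, newest first."""
    msg = message_from_string(raw_message)
    hops = []
    for header in msg.get_all("Received", []):
        unfolded = " ".join(header.split())  # undo header folding
        m = HOP_RE.match(unfolded)
        if m:
            hops.append({"from": m["helo"], "ip": m["ip"],
                         "by": m["by"].lower().rstrip(";"), "raw": unfolded})
        else:
            hops.append({"from": None, "ip": None, "by": None, "raw": unfolded})
    return hops


def trust_boundary(hops, trusted_relays=TRUSTED_RELAYS):
    """Split hops into (trusted, untrusted, handoff_ip).

    Walk down from the newest line while the receiving host ('by') is one of
    our relays.  handoff_ip is the peer address our outermost relay recorded
    for the connection that delivered the message: the only IP in the chain
    that comes from the network rather than from header text.
    """
    trusted_hops = []
    for hop in hops:
        if hop["by"] not in trusted_relays:
            break
        trusted_hops.append(hop)
    untrusted_hops = hops[len(trusted_hops):]
    handoff_ip = trusted_hops[-1]["ip"] if trusted_hops else None
    return trusted_hops, untrusted_hops, handoff_ip


def report(raw_message, trusted_relays=TRUSTED_RELAYS):
    """Human-readable summary of what the headers do and do not establish."""
    trusted_hops, untrusted_hops, handoff_ip = trust_boundary(
        parse_hops(raw_message), trusted_relays)
    lines = [f"hops recorded by our relays: {len(trusted_hops)}",
             f"message handed to us from IP: {handoff_ip}",
             f"hops claimed by the sender (unverified): {len(untrusted_hops)}"]
    for hop in untrusted_hops:
        lines.append(f"  claims {hop['from']} [{hop['ip']}] -> {hop['by']}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE))
```

Run against the constructed sample, the report shows that the headers establish only that 198.51.100.7 connected to our outer relay; the French host and the 127.0.0.1 "origin" below it are claims the sender could have written in before the message ever left their machine. A header-only analysis that treats the lowest Received line as the true origin is relying on exactly the assumption the post above questions.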
Not necessarily.