Email spoofing is the creation of an email with a forged sender address to intentionally mislead a recipient about its origin. This technique is often used in phishing campaigns and generally attempts to get a user to click a link and share their credentials or reply with sensitive information.
There are two types of From addresses in an email, both of which can be spoofed:
Envelope From: This is transmitted during the MAIL FROM command.
MIME-Encoded From: This is transmitted after the DATA command during an SMTP transmission. It is not protected by any SMTP mechanism and as such is open to spoofing.