Suppose a spammer forges a hotmail.com address and tries to spam you. Then he connects from a different location than hotmail. If his message is then you will see a mail from (firstname.lastname@example.org), but you don't have to believe what it says in it.
You can ask Hotmail if this IP address comes from their network. (In this case) Hotmail publishes an SPF entry. This tells you (on your computer) how to determine whether or not the sending device is allowed to send e-mail from Hotmail. If Hotmail detects the sending device, the e-mail arrives and you can assume that the sender is who he claims to be. If the message fails the test, it is a fake. Then you can assume that it is a spammer.