Let's say you're the target of an advanced phishing attack, meant to look like it came from Amazon.com. It shows @amazon.com in the sender field, but you're suspicious. You can call Amazon and find out, but let's imagine that you couldn't. Is it possible to look at the header of the email and verify with any level of certainty that the email did or did not come from Amazon?

Here's a header from an email I received which Amazon support verified was not from them:

    From security-update@amazon.com Wed Jun 15 05:35:15 2016
    X-Apparently-To: *****@yahoo.com; Wed, 15 Jun 2016 05:35:16 +0000
    Return-Path: <2016061505351500688fd1d5684edabf9d32ee87d0p0na@bounces.amazon.com>
    Received-SPF: pass (domain of bounces.amazon.com designates 54.240.13.30 as permitted sender)
    YW5kIHByaXZhY3kgdmVyeSBzZXJpb3VzbHkuIEFzIHBhcnQgb2Ygb3VyIHJv
    dXRpbmUgbW9uaXRvcmluZywgd2UgZGlzY292ZXJlZCBhIGxpc3Qgb2YgZW1h
    aWwgYWRkcmVzc2VzIGFuZCBwYXNzd29yZHMgcG9zdGVkIG9ubGluZS4gV2hp
    bGUgdGhlIGxpc3Qgd2FzIG5vdCBBbWF6b24tcmVsYXRlZCwgd2Uga25vdyB0
    aGF0IG1hbnkgY3VzdG9tZXJzIHJldXNlIHRoZWlyIHBhc3N3bwEwAQEBAQN0
    ZXh0L3BsYWluAwMy
    X-YMailISG: bvKKjZcWLDuqAP4uJx5EzWqDZs4AGZltJxwsTWfKWTo3MpLP
     RRAOPYJ0kEPrw4uT_S5NxE1XUyrqTYMpgofwIq41BJ0ZeIqhv5jhgkOcTT3f
     iwxX2SoomtBJ.ueo90kdV4tTSihP0_Igz8dlfJb4tSARevolMmcQ2dvAWbNs
     not5nyJJkw9rvBxeLa38H_diZewKRWfDi_pVCnd8tw9a0o9uxwsB1KMu5Sxf
     81SekEnsOZdct9N0SXP_DCg0_xNBS33DybGyj9PDcwrsQp5yBHE3mnFwBz2a
     yXlyJ88Hw6BLyXAFWCrnb3JyBV1eTg2TrTJvRHLsXcVimTAIhGAYO6a5Yt8D
     yl9HIJ..V33ir0l7nUeA19KkacDYEnSPfOzgGrBP5ChAB7RQ0FlabG_xgVB_
     SmGw4QGJqruH7Gsa5vT9v15phcwEbvGZQTkEVPFNZc.kvPrX3wTgbhCB7qHI
     vAZKPdIDloLiA10qmW0J1.sxdMApofO1EVi0AncLnXOb9Y6ZArYLomqTtjeq
     TF1AE9QFzTDIAmGHZQlRTpSZHgoOFKMt8PrFw7nuCxjft_.zgg4X2nEl2WfP
     vwwm7_t4wpoX_GkTEAepUL..F5lLKaJg4w36T5qzMxFx3.eiqYy00Bda_Io2
     TjX._44ji3VCVYIWHPAm_Q08iVFjXUHRIW69rp2A4n7gkAo_9NaY_m_zvSju
     ctYuA4TEe7L8XyK.1Ah0kPmAFbXAYgB74HluZ4GxKONxK33kJkkrUkNTcp7d
     2CyNppWJ2gBJ.xb8_OnuFuGtzfvAn7i3CkluWZt.uLLliwGZo86W.s6J5HYS
     4mvCm3cHR5Zg16UFxH5Qyw_iDGePt8EgMLhjV2rKGdYBF0bOu2TSZb1AcT5n
     JRwjJMa8i7KqxsuiwzKhDJOaYXfGaBC2M13N6QeggiO7FKHXXMUplnK3.gtP
     KzrvBVTVVYQdoWFL7mB6lJK7rG5ZJV.SduOUyAsDC.3JUg86MwPwuGpC1sLe
     sIsNU_zF1cZiQEXcD2DlHJxniCxn74BEGgyF8dO1oh6.SkKIHNjud2bnmqDx
     lqvSL7NzUsJwclMvxPY3UtmLs95cvUcBvIOVZR9ovhgSD_g9joPYVLE0.3zu
     _dDuD07BSJtT.ICNzqQcg4VJ.CzTQWH0Eb78qC0QCui0KA_USNINQXT.ZWho
     CsLIyorUTUtTWdgtbltDb9dhUxf9vs6cgGHFtlBBWyWUi_Y8MxxhdTwwjW.l
     ErgFJ4WDsKVSZqE0MqMQJij7g3t5Qf4UNcx7dVFIknpL3.k.gsz8nMEyA.6k
     nEvz45gD2nXSU1JVFQXwXnwaqlBBu6AaTXsuz_9snKkMkwJJKbfxew.yuI49
     SbDEnYnH_1kqdD6Dsh9mhlTTZIx4EnD2vO3TV_vQGdJaZSm1Jy2wn0etnCi4
     JprcFP9MsQIrULrsdBDTAdwa_3qC_FC7Zo.Hxh91sL3cHnRLRwybhD0jTbqP
     TdzqqnMe8rzhGk3QfnyTPO.I3YR7rx8HDh743dY-
    X-Originating-IP: [54.240.13.30]
    Authentication-Results: mta1509.mail.gq1.yahoo.com from=amazon.com; domainkeys=neutral (no sig); from=amazonses.com; dkim=pass (ok)
    Received: from 127.0.0.1 (EHLO a13-30.smtp-out.amazonses.com) (54.240.13.30) by mta1509.mail.gq1.yahoo.com with SMTPS; Wed, 15 Jun 2016 05:35:16 +0000
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=eaxkvsyelrnxjh4cicqyjjmtjpetuwjx; d=amazon.com; t=1465968915; h=From:To:Message-ID:Subject:MIME-Version:Content-Type:Date; bh=6MBHnat6TXZGDjYr8xS+fQIKeGWNo2gEkiV7HI92Lgk=; b=GhJgCJCM6N1IksIdk3YMJAN01Rs/5i5Qo8V/DW/exZk/lv0n00lRSgx+H6GgJ0Cm6VOi0o848HKD6ozzXuOrtw0NqRVHFUEG9/37yBfhYMW9nt5+fa3jqL4PaA4kqhsH52a70SEPkxxhqZGjN4kmR2lLyYs9LWPo0Zmc0jdjx3I=
    DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple; s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1465968915; h=From:To:Message-ID:Subject:MIME-Version:Content-Type:Date:Feedback-ID; bh=6MBHnat6TXZGDjYr8xS+fQIKeGWNo2gEkiV7HI92Lgk=; b=sg9kv2564IQpHZ9P5fjZzgo43k1OQT1Q/8u2FSyhaLfrRVtjvAQdkLfhMMyupVu370VavyNthdmQEmawWGHM0dnviOPxUCOAF4KxrYi1s22vecoNEvjjDBy1xiGBzzeXtM6YRutkI3NrIG/A3ylPGub8So0H1MoQ90uSmZdFiT8=
    From: security-update@amazon.com
    To: *****@yahoo.com
    Message-ID: <01000155528e74f4-b61f49db-5a99-47f0-8220-de3d790e7100-000000@email.amazonses.com>
    Subject: Your Amazon password has been changed
    MIME-Version: 1.0
    Content-Type: multipart/alternative; boundary="----=_Part_435506_288452969.1465968915690"
    X-AMAZON-MAIL-RELAY-TYPE: notification
    Bounces-to: 2016061505351500688fd1d5684edabf9d32ee87d0p0na@bounces.amazon.com
    X-AMAZON-METADATA: CA=C34L8ES1N9UV8E-CU=AYTEASIHBL0P9-RI=A1BTPRBNF2RGB1
    X-Original-MessageID: <urn.rtn.msg.2016061505351500688fd1d5684edabf9d32ee87d0p0na@1465968915691.rtn-svc-na-us-east-1e-i-5a3634e4.us-east-1.amazon.com>
    Date: Wed, 15 Jun 2016 05:35:15 +0000
    X-SES-Outgoing: 2016.06.15-54.240.13.30
    Feedback-ID: 1.us-east-1.ZHcGJK6s+x+i9lRHKog4RW3tECwWIf1xzTYCZyUaiec=:AmazonSES
    Content-Length: 1794

Is it possible to verify that the email was not from Amazon just by looking at this header?

2 Answers

The header you show is not the original mail header: it has spaces where they don't belong, has lost spaces where they belong, has added line breaks, and is missing several Received headers.

But even if one had the original header, it would be impossible to verify the real sender, because too much can be faked. Using the DKIM signature shown in the header would help a lot, but since the signature includes parts of the header and also the body, one would also need the body to verify the signature. But even the DKIM signature does not prove the sender; it only proves that the mail was sent using a specific mail server which signed the mail. And if the domain part of the signature matches the sender's email domain, one could at least assume that the sender's domain is correct. But DKIM does not give any information about the sender itself.

Apart from that, one might try to detect differences in the delivery path or other features of the header if one has enough proven-valid headers from the same sender. But again, an attacker could fake almost everything in this header.

  • 1
    The spacing was due to me trying to use JSfiddle's tidy button to add 4 spaces in front of each line for SE code formatting. Commented Jun 15, 2016 at 20:47
  • 1
    @Viziionary Select text, Ctrl + K / toolbar button. Commented Jan 18, 2019 at 19:13

The headers can be spoofed as well. You need to check the Received: headers and see if there is any provider that you do not trust; if there is, there might be a phishing attempt. Headers can be spoofed for legitimate purposes in some cases. Related to this particular Amazon e-mail, you might want to check: Is this "security update" from [email protected] an advanced phishing scam or a real security measure from Amazon?
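The checks the two answers describe (does the DKIM d= domain align with the From: domain and is From: among the signed headers, what did the recipient's own provider record in Authentication-Results and Received-SPF, which relays appear in the Received: chain, and why bh= cannot be confirmed without the body) as an added Python example. This is not code from either answer or from the question; the sample headers are the question's own header block re-joined by hand into one-header-per-line form, with the two b= values truncated because no DNS lookup of the selector key is done here, and the message body is a constructed placeholder since the question does not include it. The two-label approximation of the organizational domain and the list of trusted relays are assumptions; a real check would use the Public Suffix List and your own policy.

```python
import base64
import hashlib
import re
from email.parser import HeaderParser

# Constructed sample: the question's header block, re-joined into RFC 5322 form
# (one header per line, continuation lines indented). The b= values are truncated
# because this code does not fetch the selector public key and verify the RSA signature.
RAW_HEADERS = """\
Return-Path: <2016061505351500688fd1d5684edabf9d32ee87d0p0na@bounces.amazon.com>
Received-SPF: pass (domain of bounces.amazon.com designates 54.240.13.30 as permitted sender)
X-Originating-IP: [54.240.13.30]
Authentication-Results: mta1509.mail.gq1.yahoo.com from=amazon.com;
 domainkeys=neutral (no sig); from=amazonses.com; dkim=pass (ok)
Received: from 127.0.0.1 (EHLO a13-30.smtp-out.amazonses.com) (54.240.13.30)
 by mta1509.mail.gq1.yahoo.com with SMTPS; Wed, 15 Jun 2016 05:35:16 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
 s=eaxkvsyelrnxjh4cicqyjjmtjpetuwjx; d=amazon.com; t=1465968915;
 h=From:To:Message-ID:Subject:MIME-Version:Content-Type:Date;
 bh=6MBHnat6TXZGDjYr8xS+fQIKeGWNo2gEkiV7HI92Lgk=; b=GhJgCJCM6N1IksIdk3YMJAN01Rs
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
 s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1465968915;
 h=From:To:Message-ID:Subject:MIME-Version:Content-Type:Date:Feedback-ID;
 bh=6MBHnat6TXZGDjYr8xS+fQIKeGWNo2gEkiV7HI92Lgk=; b=sg9kv2564IQpHZ9P5fjZzgo43k1OQT1Q
From: security-update@amazon.com
To: *****@yahoo.com
Subject: Your Amazon password has been changed
Date: Wed, 15 Jun 2016 05:35:15 +0000
"""
# Constructed placeholder: the question does not include the body, so bh= cannot match.
PLACEHOLDER_BODY = b"(message body not available)\r\n"

def parse_headers(raw):
    """Unfold the header block into an ordered list of (name, value) pairs."""
    msg = HeaderParser().parsestr(raw, headersonly=True)
    return [(name, " ".join(value.split())) for name, value in msg.items()]

def get(headers, name):
    return [v for k, v in headers if k.lower() == name.lower()]

def dkim_tags(value):
    """Parse a DKIM-Signature tag list (RFC 6376 s.3.2); whitespace inside values is insignificant."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            k, v = part.split("=", 1)
            tags[k.strip().lower()] = "".join(v.split())
    return tags

def org_domain(name):
    # Assumed approximation of the DMARC organizational domain (last two labels).
    return ".".join(name.lower().rstrip(".").split(".")[-2:])

def parse_received(value):
    """Extract the EHLO name, the connecting IP and the receiving host from one Received: header."""
    before_by, _, after_by = value.partition(" by ")
    ips = re.findall(r"\d{1,3}(?:\.\d{1,3}){3}", before_by)
    ehlo = re.search(r"\(EHLO\s+([^\s)]+)\)", before_by, re.I)
    by = re.match(r"\s*(\S+)", after_by)
    return {"ehlo": ehlo.group(1) if ehlo else None,
            "ip": ips[-1] if ips else None,   # the peer address the receiving MTA itself recorded
            "by": by.group(1) if by else None}

def body_hash_simple(body):
    """bh= for c=*/simple: CRLF line ends, trailing empty lines dropped, SHA-256, base64."""
    b = body.replace(b"\r\n", b"\n").replace(b"\n", b"\r\n")
    while b.endswith(b"\r\n\r\n"):
        b = b[:-2]
    if not b.endswith(b"\r\n"):
        b += b"\r\n"
    return base64.b64encode(hashlib.sha256(b).digest()).decode()

def bh_matches(raw, body):
    """True only if the body hashes to every signature's bh=. Without the real body this fails,
    and even a match says nothing until b= is verified against the selector's DNS key."""
    sigs = [dkim_tags(v) for v in get(parse_headers(raw), "DKIM-Signature")]
    return bool(sigs) and all(body_hash_simple(body) == s.get("bh") for s in sigs)

def assess(raw, trusted_relays=("amazonses.com", "amazon.com")):
    """Checks possible from headers alone. Only the topmost Received:, Received-SPF: and
    Authentication-Results: lines were written by the recipient's own provider; everything
    below them arrived from the sender and can be forged."""
    hdrs = parse_headers(raw)
    from_dom = re.search(r"@([\w.-]+)", get(hdrs, "From")[0]).group(1).lower()
    sigs = [dkim_tags(v) for v in get(hdrs, "DKIM-Signature")]
    auth = " ".join(get(hdrs, "Authentication-Results")).lower()
    spf_ip = re.search(r"designates (\d{1,3}(?:\.\d{1,3}){3})", " ".join(get(hdrs, "Received-SPF")))
    hops = [parse_received(v) for v in get(hdrs, "Received")]  # hops[0] is closest to the recipient
    return {
        "from_domain": from_dom,
        "dkim_domains": [s.get("d") for s in sigs],
        # A signature vouches for From: only if d= aligns with it AND From: is listed in h=.
        "aligned_signature": any(org_domain(s.get("d", "")) == org_domain(from_dom)
                                 and "from" in s.get("h", "").lower().split(":") for s in sigs),
        "receiver_dkim_pass": "dkim=pass" in auth,
        "spf_ip": spf_ip.group(1) if spf_ip else None,
        "hops": hops,
        "hop_ip_matches_spf": bool(hops) and spf_ip is not None and hops[0]["ip"] == spf_ip.group(1),
        "untrusted_hops": [h for h in hops if h["ehlo"] and org_domain(h["ehlo"]) not in trusted_relays],
    }

if __name__ == "__main__":
    for key, val in assess(RAW_HEADERS).items():
        print(f"{key}: {val}")
    print("bh matches placeholder body:", bh_matches(RAW_HEADERS, PLACEHOLDER_BODY))
```

Run it as a script to see the report for the sample. The header-only checks all come out positive for this message (aligned d=amazon.com signature, dkim=pass recorded by the Yahoo MTA, SPF-designated IP equal to the peer IP in the Yahoo-written Received: line, no relay outside the expected ones), while bh_matches is False because the body is missing; that is exactly the gap the first answer points out, and it stays a gap until you have the body and fetch the selector's public key to check b=.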
