Can msg.ReceivedFrom be spoofed in a pubsub gossip network?

As the title says, for an application protocol I need to know whether the ReceivedFrom field in a message received by subscription.Next(ctx) can be spoofed easily or is “safe enough” to serve as an authentification of the sender. If so, how safe is it?

To give you the background, I’m implementing some sort of distributed domain name system in my pubsub network based on a “first come, first served” principle. If a mapping has already been accepted for peer A, then the same mapping should be rejected for peer B, and I’m using ReceivedFrom as a way to distinguish A and B. So this better not be easily spoofable, or otherwise some “fun” users will wreak heavoc on the net. (This is for a toy virtual language/machine, if anyone sees traffic on default bootstrap nodes with LISP expressions and “z3s5” in all topics, that’s me. See https://z3s5.com/ )