When the message is sent, it is possible to specify 32 bytes of Message Credentials. They can be validated on server side. If used straightforward, credentials are not very secure as they can be faked. One possible scheme is to apply some asymmetric encryption algorithm where the credentials are encrypted before sending. This question is reviewed deeper in the article named Secure User Authentication.
Also you can use Messenger.GetMessageSource method to get the source address. Note, that this is not a real address on which you can rely. This is the identifier which can be used to send the new message to the sender of the message in quetion.