IP spoofing is pretty hard to do with 2-way communication channels like TCP and a lot harder with TLS too. usually IP spoofing only works meaningfully with UDP and protocols that allow for transactions were you don't need replies from the target. to pull this of you would need to do BGP hijacking in order to receive return traffic which is a little above the efforts spammers will make.
IP spoofing is pretty hard to do with 2-way communication channels like TCP and a lot harder with TLS too. usually IP spoofing only works meaningfully with UDP and protocols that allow for transactions were you don't need replies from the target. to pull this of you would need to do BGP hijacking in order to receive return traffic which is a little above the efforts spammers will make.