I don’t want to paste the header here, but I’m looking at an email sent to a client named “Jane”. Jane has an email address set up at email@example.com.
In the headers, it looks like the message was sent to jAne@knife.dreamhost.com. I don’t see domainname.com anywhere in the headers. Did this spam just go to any user named “Jane” on knife.dreamhost.com? Or is her real email address somehow hidden so that I can’t see it in the header?