Ditmaal had ik de indruk op basis van de X-header dat een Mailchimp klant de veroorzaker was van het spammen/phishen.
Maar dit is de eerste maal dat ik van het betrokken security team melding krijg dat de X-header een fake header is:
Mailchimp schreef:Thanks for getting in touch. We've gotten several other similar reports for messages that contain the same general content, coming from IPs around the world, and purporting to include Mandrill's abuse headers. It's not clear the origin of these emails, but the Abuse headers are actually not the same format that Mandrill uses. It looks like they may either be trying to cause problems for Mandrill, or trying to increase the likelihood that their spam will be accepted by recipient servers by including Mandrill's information.
Given this, we unfortunately would not be able to take action against emails that did not originate from our servers. Please let us know if you have any questions we can help with.