Computer Help and Support

Looks like you got the message with
• View All Headers

Search for Received

Received-Spf: ⁨pass (wrong)

Received: ⁨from ci74p00im-qukt09080301.me.com by p128-mailgateway-smtp-7f54dd7dd6-vrsb2 (mailgateway 2302B229) with SMTP id 0dcfb01d-69a2-4172-b8ca-2c66d2418baa for (me); Mon, 7 Nov 2022 20:55:05 GMT⁩

Received: ⁨from o2926.abmail.marketing.gofundme.com (o2926.abmail.marketing.gofundme.com [149.72.227.147]) by ci74p00im-qukt09080301.me.com (Postfix) with ESMTPS id 7722B5280110 for (me) 20:55:03 +0000 (UTC)⁩

Received: ⁨by filterdrecv-5df9bb45b8-x9gdw with SMTP id filterdrecv-5df9bb45b8-x9gdw-1-636970A7-5A 2022-11-07 20:55:03.650078702 +0000 UTC m=+614413.386547220⁩

Received: ⁨from MTAyMDU3MDY (unknown) by geopod-ismtpd-5-1 (SG) with HTTP id WL6i3wZCQUyPD-yNtJMdBw Mon, 07 Nov 2022 20:55:02.852 +0000 (UTC)⁩

The last one is first. So this came from a web interface (HTTP) to some unknown sender. And this says basically nothing useful.

More often, the "last is first" Received indicates that a home system (i.e. res-something.comcast.net) originated it, meaning that someone's home computer was malware'd into sending spam or more malware. And messages like this usually have the home-ip address that can be traced (traceroute) and reported. Those rarely change (except possibly when someone reboots a home router), so they aren't definitive (except to certain swat teams that don't care to do their homework), but they can help get a home system off the internet until they are cleaned up.

Footnote: if you can save the full-headers (or message source) message as a text file, it's one command in vim to filter it
vim: v/^Received/d

Good luck.
HTH