I take it this is not you?
Received: from [190.238.167.226] (port=60328 helo=schulin.net)
by cloud.steveschulin.com with esmtpa (Exim 4.82)
It looks like the spamming scumbags have a new tactic: lift contacts from a compromised hotmail/aol/etc account. Perhaps they send an email like the traditional spam you see from such compromised accounts. Perhaps not. Later, the spammers send a forged email from a spam relay. Notice the sent email did not end up in your sent folder? The victim often gets blamed anyway if the headers aren't examined.
No really good solution exists once your email contact list has been harvested. You can contact the ISPs of the spam relay and the link they want your contacts to click. At least make some trouble for the spamming scumbags.
You may want to let some of your less-technically savvy contacts know that they may be receiving spam and not to click any links in emails from you.
Originally Posted by
gfunkdave
It seems like someone is compromising and re-compromising your account.
Not necessary once the contact list is harvested. The spam is spoofed; no need to re-compromise the victim's account.