In that case, Spiff appears to be right. Someone has compromised schulin.net and is using it to send spam. I'd email
[email protected] and
[email protected], as well as perhaps just going to the guy's website and emailing him too with this. He needs to set up SPF records on his domain.