I looked at the source code of this e-mail and found nothing suspicious. ...
Ditto.
Here's what my inbound MTA placed in the header...
Quote
Received: from ppalias.jriver.com (ppalias.jriver.com [216.14.187.163])
(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "*.jriver.com", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK))
by [My MTA] (Postfix) with ESMTPS id 4VTcKD2nT8z2SPQ
for <[my email addr]>; Tue, 30 Apr 2024 19:46:08 -0400 (EDT)
DMARC-Filter: OpenDMARC Filter v1.4.2 [My MTA] 4VTcKD2nT8z2SPQ
Authentication-Results: [My MTA]; dmarc=pass (p=none dis=none) header.from=ppalias.jriver.com
Authentication-Results: [My MTA]; spf=pass smtp.mailfrom=ppalias.jriver.com
Authentication-Results: [My MTA];
dkim=pass (1024-bit key; unprotected) header.d=ppalias.jriver.com header.i=@ppalias.jriver.com header.b=Mnvt+Gg6
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed;
d=ppalias.jriver.com; s=default; h=Mailing-List:Date:Message-ID:
From:To:MIME-Version:Content-Type:Subject; bh=vtodU7Jyh5cCkHC6HE
/NkAEIKHI=; b=Mnvt+Gg6bVwDDYxMdBAqSOT7IY3OGA+6TjIDYyqILMHhbKEbf4
qAFY5XsvEgOyBr+aGGGy8vklpD2M6G7GgaSn96dInWBUhtEkoEgdExTXAN+UKdp6
i/H3c/RqhURBvD5GdvwYVB4wBHJFTiGOp5bV29XZsLDl6sGeI/9ZuHRs4=