DNS Hacked?


Tara L

Nov 29, 2021, 11:41:01 AM
to public-dns-discuss
I'm an admin for a large company and I managed our spam filter. I found some unusual emails and I'm wondering if Google's DNS was hacked. We have many emails in quarantine from 8.8.8.8 and from localhost. Below is what I'm seeing. Has anyone else seen this? If this needs to be reported to Google, I can't find where to report it. 

FIRST EMAIL
_____________________________________________________
Received on: Nov 19 2021 02:57:10 AM
From: info@localhost
To:
CC:
Recipients: in...@REMOVEDMYDOMAIN.COM
Subject:
Attachment(s) / URL(s):
Status: Quarantined
Source Email Server: 167.172.131.119

HEADERS

Received: from [127.0.1.1] (unknown [167.172.131.119]) by prd09-use1-06 (envelope-from <info@localhost>) FireEye ETP with ESMTP id D475313335F477916118152fb; batch_id D4/75-31333-5F477916; Fri, 19 Nov 2021 09:57:10 +0000 (UTC)
From: <>
Return-Path: <info@localhost>
____________________________________________________________________
SECOND EXAMPLE

Received on: Nov 19 2021 02:57:15 AM
From  in...@REMOVEDMYDOMAIN.COM
info@[8.8.8.8]
To:
CC:
Recipients:
Subject:
Attachment(s) / URL(s):
Status: Quarantined
Source Email Server: 167.172.131.119

These are the headers:

Received: from [127.0.1.1] (unknown [167.172.131.119]) by prd09-use1-29 (envelope-from <info@[8.8.8.8]>) FireEye ETP with ESMTP id BEDD14597AF477916208d9952; batch_id BE/DD-14597-AF477916; Fri, 19 Nov 2021 09:57:15 +0000 (UTC)
From: <>
Return-Path: <info@[8.8.8.8]>

Claus Mattsson

Dec 1, 2021, 2:29:32 PM
to public-dns-discuss
If your spam filter quarantined these emails, it works as it should. The SMTP standard allows a sender to impersonate anyone he likes.
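Added example, not part of either post and not code from Google or the filter vendor: a small Python check that separates what the sending client claimed (HELO name, envelope-from) from the peer IP the receiving server recorded, using the two Received headers quoted in this thread. It assumes the `from HELO (rdns [peer]) ... (envelope-from <addr>)` layout shown above; the finding names are hypothetical labels.

```python
import ipaddress
import re

# Received headers copied from the thread (trimmed after "ESMTP").
RECEIVED = [
    "from [127.0.1.1] (unknown [167.172.131.119]) by prd09-use1-06 "
    "(envelope-from <info@localhost>) FireEye ETP with ESMTP",
    "from [127.0.1.1] (unknown [167.172.131.119]) by prd09-use1-29 "
    "(envelope-from <info@[8.8.8.8]>) FireEye ETP with ESMTP",
]

# HELO and envelope-from are client-supplied; the bracketed peer IP is
# what the receiving server saw on the TCP connection.
PATTERN = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<peer>[^\]]+)\]\)"
    r".*?\(envelope-from\s+<(?P<mailfrom>[^>]*)>\)"
)

def literal_ip(text):
    """Return the IP in an RFC 5321 address literal such as [8.8.8.8], else None."""
    if not (text.startswith("[") and text.endswith("]")):
        return None
    body = text[1:-1]
    if body.lower().startswith("ipv6:"):
        body = body[5:]
    try:
        return ipaddress.ip_address(body)
    except ValueError:
        return None

def analyze(received):
    """Compare sender-claimed identities with the recorded peer IP."""
    m = PATTERN.search(received)
    if m is None:
        return None
    peer = ipaddress.ip_address(m["peer"])
    domain = m["mailfrom"].rpartition("@")[2].lower()
    findings = []
    helo_ip = literal_ip(m["helo"])
    if helo_ip is not None and helo_ip != peer:
        findings.append("helo-ip-mismatch")
    env_ip = literal_ip(domain)
    if env_ip is not None and env_ip != peer:
        findings.append("envelope-ip-mismatch")
    if domain == "localhost":
        findings.append("envelope-localhost")
    return {"peer": str(peer), "helo": m["helo"],
            "mail_from": m["mailfrom"], "findings": findings}

if __name__ == "__main__":
    for line in RECEIVED:
        print(analyze(line))
```

In both quoted messages the recorded peer is 167.172.131.119, so the `localhost` and `[8.8.8.8]` values are only strings the client put in its envelope sender.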