The spam email almost certainly was sent by the outgoing server of the company you're trying to report it to.
Personally, I wouldn't bother reporting it - Delete it and move on

I don't pretend to understand the technicalities of spoofed addressing but looking through the message sources I don't see any addresses corresponding to the actual organisations from which the messages purport to come. I presume from what you've said that the Alert is coming from the destination mailserver rather than the Plusnet mailserver which would explain why this junk doesn't get filtered out before I get it.
I forward the messages to addresses supplied by Action Fraud so I have to assume that they are going to the correct destination. I happen to believe that unless we pass these on in sufficient numbers the problem will never be treated seriously. I obviously have no way of knowing if the organisations ever follow up on the information.
Each time I receive one after I've forwarded it I create a message filter for that sender address but, of course, I realise that the scumbags are going to keep trying by using a multiplicity of different addresses and I'm probably on a hiding to nothing.

Quote from: Buggwrit

I presume from what you've said that the Alert is coming from the destination mailserver rather than the Plusnet mailserver which would explain why this junk doesn't get filtered out before I get it.

If you're referring to the message in your original post then this will almost certainly be generated by our relay server and not the destination MTA.

Quote from: Buggwrit

What I would be interested to know, however, is if the server won't let me send the message because of something dodgy it has detected why did it allow me to receive it in the first place?

Good question. The logic for inbound/outbound isn't the same. You might find that you can get inbound to block these messages by increasing the aggressiveness of the spam filter.