I work email and security for a living, and I’ve never seen this particular situation before. It’s a weird problem, and I’m off for a few days, so I’m intrigued.
What you see in this area of the email client is controlled by the From: header. Specifically the “friendly name” portion of this header. It’s possible that the one in this message is constructed like this:
From: " Your Name firstname.lastname@example.org<email@example.com>"
There could be even more addresses in the header, since that is valid. But I’m just guessing at this point, and there’s no substitute for actually seeing the headers. I’m not sure how to pull the headers out of Hotmail’s email client, if you can send them to me in a PM, I’ll let you know what I can see. Or, PM me for an email address for you to send a message to, and I’ll let you know what I get in the initial message headers. In fact, I’d prefer the latter, since we’ll be isolating one part of the chain, and I know how to get the headers from the client I use.
rat avatar, I don’t mean to gainsay you, but if the connection to your SMTP servers are TLS encrypted, and your connections to their MX servers are encrypted, the SMTP session is encrypted as far as transit is concerned, and preferring/allowing TLS is pretty common among large providers now. The From: header (and the rest of the headers) are encrypted in these cases, and only the EHLO exchange is done in plain text. That does effectively stop a third party from modifying a message in transit (both endpoints can do all kinds of stuff, though). It’s far more common for this kind of forging to be done by a phisher/spammer with a message they’re sending themselves - that’s why this seems like an interesting problem.