Moon,
I'm afraid to say that I think the email did originate from Battlefront rather than just having a faked sender address.
This is the header of the email I received (if you would like a copy of the unredacted header or the full SMTP session log from my mail server please let me know)
From - Tue Mar 23 12:59:20 2010
X-Account-Key: account2
X-UIDL: 2VWY65Q.CNM3C772A49
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Received: from spooler by redacted.com (Mercury/32 v4.72); 23 Mar 2010 12:53:58 -0000
X-Envelope-To: <redacted@redacted.com>
Return-path: <SRS0=c5ac8e96f672fac7a2880cc597f443fe26ee986c=355=battlefront.com=bounce@battlefront.com>
Received: from mail.battlefront.com (216.121.6.209) by Mercury SMTP Server (smtp.redacted.com) (Mercury/32 v4.72) with ESMTP
ID MG0000F0 (Using SSL/TLS, 3DES, CBC mode, keysize 192 bits) ; 23 Mar 2010 12:53:47 -0000
Received: from www.battlefront.com (mail.battlefront.com [216.121.6.209])
by mail.battlefront.com (Battlefront.com Mail Server) with ESMTP id FPY03252
for <redacted@redacted.com>; Tue, 23 Mar 2010 06:53:52 -0600
Date: Tue, 23 Mar 2010 06:53:51 -0600
To: Paul Redacted <redacted@redacted.com>
From: Battlefront Newsletter <newsletter@battlefront.com>
Subject: We are proudly presenting new update client for all games from battlefront for FREE.
Message-ID: <33263b74e9603f47ff06263526fdb143@www.battlefront.com>
X-Priority: 3
X-Mailer: PHPMailer [version 1.73]
X-Mailer: SM2 Email Marketing
X-SM2MessageID: 227
Precedence: bulk
X-SM2Recipient: redacted@redacted.com
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_33263b74e9603f47ff06263526fdb143"
The relavent line is
Received: from mail.battlefront.com (216.121.6.209) by Mercury SMTP Server (smtp.redacted.com) (Mercury/32 v4.72) with ESMTP
ID MG0000F0 (Using SSL/TLS, 3DES, CBC mode, keysize 192 bits) ; 23 Mar 2010 12:53:47 -0000
This indicates that the IP address of the server that actually sent the message to my mail server is 216.121.6.209 which is the same IP address as www.battlefront.com (and also the address I've receieved other Battlefront mail from) which, I'm afraid, makes me think that there's something more here going on than just a hack of the front page.
Can I also suggest that the download that the email points to http://www.battlefront.com/products/battlefront_client.exe
is, as a matter of urgency, replaced with a webpage that details what Battlefront know about what has happened and what they are doing to investiage.