Comment notification header injection?

I just received the following in my server logs:

comment: to6759@[my domain]
redirect_to: to6759@[my domain]
url: to6759@[my domain]
author: portraits
Content-Type: multipart/alternative; boundary=4531a12f2b5c30d6106376b2881e01d6
MIME-Version: 1.0
Subject: comply or to refuse
bcc: [email protected]

This is a multi-part message in MIME format.

–4531a12f2b5c30d6106376b2881e01d6
Content-Type: text/plain; charset=\”us-ascii\”
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit

soothing him . o, darlint they only knocked off half
–4531a12f2b5c30d6106376b2881e01d6–

.

submit: to6759@[my domain]
subscribe: to6759@[my domain]
comment_post_ID: to6759@[my domain]
email: to6759@[my domain]

…sent with the following headers:

POST /home/wp-comments-post.php HTTP/1.1
Connection: Keep-Alive
Content-Length: 777
Content-Type: application/x-www-form-urlencoded
Host: [my domain]
Referer: [my domain]

Now I have searched for a related topic, but could find nothing really addressing this (but if I missed something, apologies in advance).
Is it possible for the comment notification e-mail to be injected using the information this spammer has submitted? I am using WP 2.0.2, if that helps at all.
Incidentally, this spammer’s attempt was blocked by one of my spam plugins, but I want to make sure that there is nothing vulnerable about WordPress that would allow the e-mail headers to be injected. I had a brief look at the code, but I wasn’t able to find the comment notification function to see whether or not it was vulnerable.

Thanks in advance for any info.