Are email headers still easy to forge? I'd like to think there have been significant improvements in 15 years, but I know it used to be common for some email to to have falsified return paths (among other things).
I would check the actual IP address that was sending the spam and sure enough it was genuine Google IP addresses. I once tried black listing them only to stop receiving mail from friends so it was definitely the same IPs being used for both spam and actual ham mail. At the time I ran my own mail server it was not unusual for north of 50 per cent of spam to be originating from Google.
Valid DKIM signature is the best confidence marker that these are actually originating with Gmail. I have always seen the DKIM signature check out to a Gmail public key.