Skip to main content

Gmail sender

Maning
When I am checking mail delivery reports I found out that a gmail account (it is a gmail account of one of my clients) send email through server Mail delivery report: Event: success success Sender User: user Sender Domain: userdomain.com From Address: usergmailaccount@gmail.com Sender: user Sent Time: Apr 1, 2020, 10:07:10 AM Sender Host: localhost Sender IP: 127.0.0.1 Authentication: localuser Spam Score: Recipient: recipient@domain.tld Delivered To: recipient@domain.tld Delivery User: -remote- Delivery Domain: Router: dkim_lookuphost Transport: dkim_remote_smtp Out Time: Apr 1, 2020, 10:07:10 AM ID: 1jJXT6-0006ti-GM Delivery Host: mailsrv.domain.tld Delivery IP: xxx.xxx.xxx.xxx Size: 931 bytes Result: Accepted
Exim mainlog: 2020-04-01 10:07:20 1jJXT6-0006ti-GM <= usergmailaccount@gmail.com U=user P=local S=931 id=68676f436766bfacdc6767f43df571b3@userdomain.com T="userdomain: Wie war dein Tag?" for recipient@domain.tld 2020-04-01 10:07:20 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1jJXT6-0006ti-GM 2020-04-01 10:07:20 cwd=/home/user/public_html 6 args: /usr/sbin/sendmail -t -i -oi -f usergmailaccount@gmail.com 2020-04-01 10:07:20 1jJXT6-0006ti-GM Sender identification U=user D=userdomain.com S=user 2020-04-01 10:07:20 1jJXT6-0006ti-GM SMTP connection outbound 1585724840 1jJXT6-0006ti-GM userdomain.com recipient@domain.tld 2020-04-01 10:07:22 1jJXT6-0006ti-GM TLS session: (SSL_connect): error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol: delivering unencrypted to H=mailsrv.domain.tld [xxx.xxx.xxx.xxx] (not in hosts_require_tls) 2020-04-01 10:07:22 SMTP connection from [127.0.0.1]:38240 (TCP/IP connection count = 7) 2020-04-01 10:07:24 1jJXT6-0006ti-GM => recipient@domain.tld R=dkim_lookuphost T=dkim_remote_smtp H=mailsrv.domain.tld [xxx.xxx.xxx.xxx] C="250 2.0.0 03177Mx6023622 Message accepted for delivery" 2020-04-01 10:07:24 1jJXT6-0006ti-GM Completed
I was wondering if this is normal?

Comments

2 comments

Date Votes
  • dalem
    Looks like they are just using a From mail on their site with the usergmailaccount@gmail.com as the return address
    0
  • cPanelLauren
    More like something like this: PHPMailer/PHPMailer - the script lives in /home/user/public_html per the exim logs - this is pretty normal behavior if they have a contact form on their site you can view it yourself though to ensure.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post