Email delivered to my default address, is this a problem on my server?

GoWilkes

• June 07, 2020 01:39

I have the default emails for my main domain being forward to a Gmail account, so I can just keep up with any issues. Today I found one that is obvious spam, but Gmail shows:

from:	Fake dontknowthisaddress@gmail.com
date:	Jun 3, 2020, 10:09 PM
subject:	Hi!
signed-by:	mydomain.com
security:	Standard encryption (TLS) fake@mailbox.gr	gmail-smtp-in.l.google.com[74.125.192.27] myemail@gmail.com

(Those are real IPs... the first belongs to RIPE, the other belongs to Gmail. Neither belong to my server) So there it seems like plain old spam, but the fact that Gmail shows "via mydomain.com" really throws me off. What do you guys and gals think?

• 

  keat63

  • June 08, 2020 10:40

  Could you try to explain in a different way please. I can't get my head around it.

  0
• 

  Handssler Lopez

  • June 09, 2020 03:37

  the way cPanel displays it is correct. The Spam message is received in yourdomain.tdl and this Spam message is forwarded from yourdomain.tdl to yourname@gmail.com this is the reason why in my case I do not recommend re-sending to accounts outside the domain or server since if you receive many emails and some with a high spam score, the domain or server marked as spammer will be yours. To avoid inconvenience, add the account or domain in general as a secure sender in gmail.

  0
• 

  GoWilkes

  • June 09, 2020 03:40

  Hmm. I'll try. I own the server, so I have access to both WHM and cPanel for the domains. At my main domain, I have set up a few email addresses, and anything email that's sent to something other than those addresses goes to a Gmail that I set up to be a default. That Gmail mostly gets junk mail, but I check it every so often to make sure something good didn't go there. When I checked it a few days ago, I saw the one email that was sent from a spam address and to some address I don't know; maybe it was BCCed to an address on my domain? I don't know. But the concern was the Gmail showed the headers with "via mydomain.com", and then "signed by: mydomain.com" (but of course it had my actual domain name, not literally "mydomain.com"). So I'm not sure if my server has a breach and it's actually sending out spam? If not, I don't understand how the Gmail headers have my domain name in them.

  0
• 

  GoWilkes

  • June 09, 2020 03:43

  Oops, sorry Handssler, I was replying to @keat63 while you were replying :-) I understand what you're saying, that makes sense. I didn't think about my domain being considered a spammer because of that! I guess I need to come up with a better alternative...

  0
• 

  SamuelM

  • June 10, 2020 21:31

  Hello @GoWilkes One alternative to forwarding mail to Gmail is to simply uses Gmail's POP3 functionality to add the email account that was created on your cPanel server to your Gmail account. You can find instructions for doing this on the following page:

  0

Please sign in to leave a comment.