Fake email addresses

  • Hi

    I hope someone can help me. Hosting provider Crazy Domains has suspended without any warning the WP website of one of my clients due to the following:

    – Website sends spam X-PHP-Script: @domainname/ for 127.0.0.1, 127.0.0.1 X-Mailer: PHPMailer 5.2.9 (https://github.com/PHPMailer/PHPMailer/). –

    According to Crazy Domains this could be caused by an email plugin (that’s what Crazy Domains said) but I don’t think that’s the case. I think someone is creating false email addresses used for spamming using the domain name of my client outside of the Crazy Domains hosting environment.

    I did a security scan through managewp.com and everything is clean.

    What steps should I take to avoid this from happening again. I’ve got security plugins installed (iThemes Security version 4.6.13).

    Any advice / suggestions are most welcome!

    Sandra

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator James Huff

    (@macmanx)

    That’s from PHPMailer though, which means it’s happening on your server via PHP, not externally.

    Trust your hosting provider and ask for more descriptive logs, also look through your site for suspicious PHP files that aren’t part of WordPress’s core file set.

    Thread Starter Sandra van der Lingen

    (@svanderlingen)

    Thank James for the reply. I will go back to Crazy Domains and ask for the logs. I’ll also check the files as you suggested. ??????

    Moderator James Huff

    (@macmanx)

    You’re welcome!

    That’s from PHPMailer though, which means it’s happening on your server via PHP, not externally.

    This helps a lot! Thanks, @james!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Fake email addresses’ is closed to new replies.