badrihippo Posted October 21, 2019 Share Posted October 21, 2019 I got a spam email today, ostensibly from myself, claiming to have access to my data. I know they don't, but the email was "sent-by: gmail" and "signed-by: [my domain]" so I'm wondering if they have access to that password. Is there any way to check server logs and see if an email was sent from my account on Sun 20 Oct 2019 17:00:29 (PDT)? I can provide my ID details and the email header if required (don't want to post it on a public forum). Quick overview of my current setup: I have an "send email" account via cPanel (eg. email@example.com), and several forwarders to my Gmail (firstname.lastname@example.org, email@example.com). When I'm sending, I send via the firstname.lastname@example.org credentials so that it gets signed etc, but the "from" is from email@example.com). Usually, if someone sends a scam email setting the "from" then it'll say something like "from firstname.lastname@example.org via gmail.com", but this seems to have been sent from example.me itself, meaning they might actually have server access Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.