I recently started working in a hosting/software firm, and currently we have a problem with our DNS server.
Two days ago we started getting complaints from our clients that they are receiving emails with a mistake in the From section: it shows the wrong sender email address. The email address that's displayed is a random address from one of our clients.
After trying to solve this problem I realized that the Email Deliverability section in cPanel shows "Problems Exist (DKIM, SPF, and Reverse DNS)".
When I click on Manage, it shows how the records should look and says that I need to update them. The problem is that those same inputs do exist, and so the problem persists.
It’s important to note that this is a shared hosting server.
Is this some form of hacker attack? Has anyone ever had the same problem?
3 Answers
Turns out the problem was coming from a different IP address. We were being attacked. As soon as we blocked it, it stopped, and the error cPanel was showing was because of the configuration on our server; it was always there.
This was the problem. I advise all WHM/cPanel users to update ASAP because the problem is really hard to find once you get in the middle of it.
https://www.tenable.com/blog/cve-2019-10149-critical-remote-command-execution-vulnerability-discovered-in-exim
The sender email address is always specified by the mail client used to send that email (it’s common to make mistakes in mail client settings). If those emails are not really sent by your team/server, it could be spoofing. You can implement SPF/DKIM + DMARC in your domain so that recipients can reject spoofed messages whenever they’re not coming from your server.
You can monitor your email health score with a mail testing service.
These services allow you to check for deliverability issues along with spam activity on your email. Warmup Inbox provides a health score to all users. It’s nice to keep track of how your email is performing/what needs to be improved.
Implementing an SPF record alongside proper DMARC and DKIM settings for your domain will drastically increase the overall deliverability rates of all outgoing mail coming from your domain. DKIM and DMARC increase deliverability rating as well as keep your mail server safe from malicious attacks and damaging spam mail.
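
To illustrate the SPF/DKIM + DMARC advice in the answers above, here is an added example (not part of any answer and not cPanel's code) of the check a receiving server makes against the From domain, which is why a published `p=reject` policy lets recipients drop a spoofed sender. All domains, records and results are constructed, and the organizational domain is approximated by the last two labels instead of the Public Suffix List.

```python
# Added illustration: simplified DMARC evaluation on the receiving side.
# Every domain, record and auth result below is constructed sample data.

def parse_tags(record):
    """Parse a 'v=DMARC1; p=reject; adkim=s' TXT record into a dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    return tags

def org_domain(domain):
    """Assumption: last two labels stand in for the Public Suffix List lookup."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain, auth_domain, mode):
    """Strict ('s') needs an exact match; relaxed ('r') the same org domain."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def dmarc_disposition(from_domain, dmarc_record, spf_result, mail_from_domain,
                      dkim_result, dkim_d_domain):
    """Return 'pass', 'no-policy', or the published policy applied on failure."""
    tags = parse_tags(dmarc_record or "")
    if tags.get("v") != "dmarc1" or "p" not in tags:
        return "no-policy"  # nothing published: receiver is not told to reject
    # SPF authenticates the envelope sender (MAIL FROM), DKIM the d= domain;
    # DMARC only counts a pass whose domain aligns with the visible From.
    spf_ok = spf_result == "pass" and aligned(
        from_domain, mail_from_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_result == "pass" and aligned(
        from_domain, dkim_d_domain, tags.get("adkim", "r"))
    return "pass" if (spf_ok or dkim_ok) else tags["p"]

if __name__ == "__main__":
    reject = "v=DMARC1; p=reject"
    # Genuine mail: SPF and DKIM both pass for the From domain.
    print(dmarc_disposition("client-a.example", reject, "pass",
                            "client-a.example", "pass", "client-a.example"))
    # Spoofed From: SPF passes, but only for the sender's own envelope domain.
    print(dmarc_disposition("client-a.example", reject, "pass",
                            "other.example", "none", None))
```

With `p=none` the same spoofed message is only reported, and with no DMARC record the receiver gets no instruction at all, so the policy value matters as much as having the records.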