Hey there,
Bit of a concerning one potentially, I received an exhortation email today to my primary domain email address ([email protected]). But strangely, it was from that same email address ([email protected]).
I currently use Cloudflare to forward emails from my domain to my gmail address.
For outbound emails, I use gmail’s smtp servers.
Looking at this email though, it appears to have come from email.cloudflare.net.
Although the exhortation doesn’t bother me (it’s been forwarded to the NCSC), I am a little concerned that my domain is sending out email without my knowledge or permission.
Does anyone have any ideas on how this happened?
Cloudflare doesn’t have outgoing mail service, what you see is that the incoming was handled by the Email Forwarding service. All emails will have that on Gmail.
The fact that someone can use your address to appear as the sender is a common problem if your address ended up in a database leak, or just was crawled from the mail client of an infected partner.
DKIM, SPF, and DMARC are supposed to stop these emails to appear as legit, and thus land in spam automatically.
Send a mail from your forwarded address to the MXToolBox deliverability checker service (ping at tools.mxtoolbox.com) and see how your domain performs. It should be all green (check the full report).