Title: Email Spoofing Security Problem
Last modified: November 14, 2018

---

# Email Spoofing Security Problem

 *  [renderingspace](https://wordpress.org/support/users/renderingspace/)
 * (@renderingspace)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/email-spoofing-security-problem/)
 * Hello,
    I’ve been using this plugin for quite a while now without any problems.
   Recently I’ve started to have a major problem with email spoofing. Hundreds of
   emails are being sent from my domain to my clients disguised to come from me 
   but are actually Russian spammers with malicious links.
 * The technical team at Sitelock identified WP Mail SMTP as the faulty plugin that
   has led to this security breach.
 * My gmail mailer is completely configured and connected with Client ID/Secret.
   I’ve also implemented DKIM and DMARC to try to mitigate the problem with no success.
 * Currently running 1.3.3 on updated WordPress Version
 * Please advise
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Femail-spoofing-security-problem%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 1 replies (of 1 total)

 *  Plugin Author [Slava Abakumov](https://wordpress.org/support/users/slaffik/)
 * (@slaffik)
 * [7 years, 7 months ago](https://wordpress.org/support/topic/email-spoofing-security-problem/#post-10879854)
 * Hello,
 * Most likely your site is compromised and someone placed certain `.php` files 
   inside your site directory structure (including in WP Mail SMTP plugin itself)
   that are backdoors for sending spam. Those PHP files may have `wp_mail()` function
   call, and as you have configured WP Mail SMTP – all the spam is starting to be
   sent through your Gmail account.
 * I’m more interested to know how exactly the technical team of Sitelock identified
   that WP Mail SMTP is the faulty plugin that led to this.
    Seeing random php files
   inside WP Mail SMTP plugin does not necessarily mean that WP Mail SMTP was hacked.
 * Here is a helpful document with tips of what to do if your site is hacked: [https://codex.wordpress.org/FAQ_My_site_was_hacked](https://codex.wordpress.org/FAQ_My_site_was_hacked)

Viewing 1 replies (of 1 total)

The topic ‘Email Spoofing Security Problem’ is closed to new replies.

 * ![](https://ps.w.org/wp-mail-smtp/assets/icon-256x256.png?rev=1755440)
 * [WP Mail SMTP by WPForms - The Most Popular SMTP and Email Log Plugin](https://wordpress.org/plugins/wp-mail-smtp/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-mail-smtp/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-mail-smtp/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-mail-smtp/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-mail-smtp/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-mail-smtp/reviews/)

## Tags

 * [security breach](https://wordpress.org/support/topic-tag/security-breach/)
 * [spoofing](https://wordpress.org/support/topic-tag/spoofing/)

 * 1 reply
 * 2 participants
 * Last reply from: [Slava Abakumov](https://wordpress.org/support/users/slaffik/)
 * Last activity: [7 years, 7 months ago](https://wordpress.org/support/topic/email-spoofing-security-problem/#post-10879854)
 * Status: not resolved