Hi @yekusiel,
Thanks for reaching out! To confirm whether those emails are coming through the WP Mail SMTP plugin, you can copy the email header of a suspicious email and paste it into this tool.
When you analyze headers, check the “x-mailer” heading and see whether you can see the WP Mail SMTP plugin name like this.
This will provide you with an idea of what might be going on.
I hope this helps. Thanks!
Hi Darshana. I followed those steps and was able to confirm that the x-mailer heading does indeed show that the emails are coming from the plugin.
Please see screenshot.
Hi @yekusiel,
Thank you for the confirmation!
Most probably, you may have a form on your website without form validation it could be spammers submitting your form as well.
In that case, you can implement a captcha service on your forms. If you’re using a plugin like WPForms, you can follow this guide.
If you’re using a different plugin, you need to check their documentation on how to combat SPAM submissions.
I hope this helps. Thanks!
There is only one form on my website, and the fields are required. So no, it is not possible that that is what’s happening here. There is definitely an issue from within the plugin. From doing some Googling, it is evident that I am far from the only one experiencing this issue. I would suggest your team dedicates some effort into figuring it out.
