My Cloudflare's email routing is hacked
I got an email in my spam inbox that strangely send by it's own email address.
From: [email protected]
To: [email protected]
The email address seems to be using my domain, I did use email routing to forward every email that sent to my domain into a single inbox in my gmail.
This might be coming from a bug or this is can be a serious issue if the attacker can have control over my domain mail.
Please I need immidiate help.
3 Replies
This is the email routing rule that I setup
This happens and isn't something to worry about. It went to spam which means SPF/DKIM likely failed. The way email works, anyone can send from any domain they like, but if it fails SPF/DKIM it'll likely go straight to the recipient's junk folder.
The reason you see "signed-by: cloudflare-email.net" is just because it went through Email Routing and Gmail is saying that "yes it came from Cloudflare". But that doesn't meant that Email Routing it hacked it just means that Email Routing forwarded it onto you as it was told to do.
Thank you for the quick response, I just worried over nothing apperantly