Replies: 0
I am a paid user of WPForms and a free user of WP Mail SMTP. I have a site that is set up with Ithemes Security as the site protection. I have WP Mail SMTP set up to use “other smtp” set up to send mail and it works. The IThemes Security plugin will send notification emails about failed logins, etc. I received a password reset request for my username on the wordpress site this morning. The request is for a different domain name entirely. Investigating this as a possible hack or fake email, it looked like it actually came from my site via my mail provider by smtp login. There were some password reset requests from other countries on the site. To try to find out what happened, I requested a password reset and compared the full message and headers to the first email. They both appear to come from the site server via WP Mail SMTP.