cpanel, whm, spf, dkim, reverse-dns

Email Deliverability - Wrong Email in From section


I recently started working at a hosting/software firm, and we currently have a problem with our DNS server. Two days ago we started getting complaints from our clients that they are receiving emails, but there is a mistake in the From section: it shows the wrong email address for the sender. The email address that's displayed is a random address from one of our clients. After trying to solve this problem, I realized that the Email Deliverability section in cPanel shows "Problems Exist (DKIM, SPF, and Reverse DNS)".

When I click on Manage, it shows how the records should look and says that I need to update them. The problem is that those same inputs do exist, so the problem persists. It's important to note that this is a shared hosting server.

Is this some form of hacker attack? Has anyone ever had the same problem?


Solution

  • Turns out the problem was coming from a different IP address. We were being attacked. As soon as we blocked it, it stopped, and the error cPanel was showing was because of the configuration on our server; it was always there.

    This was the problem. I advise all WHM/cPanel users to update ASAP because the problem is really hard to find once you get in the middle of it.

    https://www.tenable.com/blog/cve-2019-10149-critical-remote-command-execution-vulnerability-discovered-in-exim