New York wrote:
I'm not sure what you mean by "externally". If it's external, then it's not coming from nopCommerce. Could they have hacked your email account? Is it just them just spoofing your email address, but it's not really coming from your email account/server? How are you even seeing those, if they are going to someone else? Is it as per above that you're getting 'rejections' from other mail servers?
By externally I mean outside our organisation (e.g. to [email protected]
I see the activity (i.e. the emails being sent) in the Message Queue in the nopCommerce admin section.
I also checked the login-log of that email account (on the exchange server) and no logins have been registered for the past few weeks. The email account is not an admin account, so they couldn't have deleted the log. Spoofing isn't an option either as a) I would see this on our exchange server and b) we have taken several security measure to prevent this from happening (not mentioning these because of security reasons).
I have no clue how they can send emails from nopCommerce's backend without logging in as an admin. This is obviously a security breach on the front-end of our nopCommerce shop.