Site blocked on Spamhouse - can mainwp-child be responsible?

Our site was blacklisted a few days ago. Wpx looked into the issue and came up with this:

we never had an email created on the domain. And I do not think wpchild is the culprit. What do you guys think??

1/ On the day that Spamhaus has provided information to you regarding a high number of messages sent, there haven’t been a lot of outgoing emails from our server, since we have a specific limit, beyond which point a mail queue is being created, which wasn’t the case this time. In fact, there hasn’t been a single mail queue this month on the server that your site is hosted on.

2/ We noticed that the mailer function has been turned off shortly after Spamhaus blacklisted the domain.

3/ After that, we reviewed the plugins that your website is using. A specific one came to attention: mainwp-child

The plugin appears to deal with another panel, which connects to your website, but the specific thing that came up was an SMTP integration, specifically in the file: /home/d*******/public_html/wp-content/plugins/mainwp-child/class/class-mainwp-child-back-wp-up.php](http://******/public_html/wp-content/plugins/mainwp-child/class/class-mainwp-child-back-wp-up.php)

With such SMTP integration, the headers of an email can be tweaked so that they contain additional data, which is usually helpful, but can be used wrongly.

We do have a protection against email spoofing via our SPF record, however please note that in case emails are sent from an outer panel, we cannot guarantee that the headers will not be changed and the SPF cannot protect outer records which are different from the ones by the origin server.


Hi @surfdog,

We reviewed our code, and we believe that this is not what caused the problem.

The code that your host pointed out uses the PHPMailer library, which is part of WordPress itself, and there are no customizations in the code that would cause this kind of problem.

Furthermore, the code sends email only if you use the BackWPup plugin and the MainWP BackWPup Extension and manually trigger the Test Email function from the extension.

I would strongly advise reaching out to the Spamhouse support team and asking them for more details.


Thank you very much. I was sure it is not your plugin.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.