as this is no longer a roundcube issue, let's move it off list. if you'll send me a copy of the email with all the headers, i'll take a look. in gmail, click on "more options" then "show original", copy and paste everything to me in an email.
again, if someone has access to ANY open relay, they can arbitrarily set ALL the email headers to be anything they want, including yours. this has absolutely nothing to do with your mailserver, roundcube or anything else. it can be impossible to track down people who fake that stuff.
i just sent this email from your address. disabling the reply-to won't help and won't affect anything, email is very unreliable in terms of authentication.
Nipun Jain wrote:
I did check the email headers and could not find your original email address randy at sermo.net anywhere except in the body of the message.
Anyways, the problem is that the person who is spoofing the email is most probably using roundcube (the webmail that my domain uses) as my domain ccet.in is not an open relay and the only way I can think of spoofing it is using the Reply To field of roundcube.
Another reason that enforces the belief that my webmail running roundcube is being used is that my webhost has complained that my webmail is being used to send virus-ridden emails (he has gone to such great lengths as to suspend my hosting, hopefully temporarily). Now the recipient of these particulars is me, but I again could not figure out the actual sender from the headers which showed the sender as administrator@mydomain.com, an email id which doesn't exist at my domain. And without knowing the actual email account used to send these mails, I cannot suspend that account.
So the only possible solution I could think of now is to disable the Reply To field from roundcube so that that person is unable to spoof the email (at least using roundcube), and if he sends virus-ridden emails again, his actual email id can be traced and then suspended.
Someone please come up with a solution as my webhost won't re-enable my account until I find a solution to this problem.
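An added example, not part of either message in this thread: a Python routine that reads a raw message (the text "show original" gives you) and separates the sender-supplied From and Reply-To values from the connecting IP recorded in Received headers written by servers you operate. The sample message, its host names and addresses, and the `TRUSTED_BY` set are constructed assumptions.

```python
import re
from email import message_from_string

# Constructed sample (not a message from this thread); hosts and IPs are
# reserved documentation values. Each server prepends its own Received line,
# so the newest hop is at the top.
SAMPLE = """\
Return-Path: <administrator@example.org>
Received: from mx.example.org (mx.example.org [192.0.2.10])
    by mx.recipient.example with ESMTP id A1; Mon, 1 Jan 2007 10:00:02 +0000
Received: from unknown (HELO mail.example.org) (203.0.113.77)
    by mx.example.org with SMTP id B2; Mon, 1 Jan 2007 10:00:01 +0000
Received: from webmail.example.org (localhost [127.0.0.1])
    by relay.invalid with HTTP; Mon, 1 Jan 2007 09:59:00 +0000
From: administrator@example.org
Reply-To: someone@example.net
Subject: constructed sample

body
"""

# Assumption: the servers whose Received lines you can vouch for.
TRUSTED_BY = {"mx.recipient.example", "mx.example.org"}

HOP = re.compile(r"from\s+(?P<peer>.+?)\s+by\s+(?P<by>\S+)", re.S)
IPV4 = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})")

def trace(raw, trusted_by):
    """Walk Received headers newest-first and stop trusting at the first
    hop not written by one of our own servers."""
    msg = message_from_string(raw)
    out = {"claimed_from": msg["From"], "claimed_reply_to": msg["Reply-To"],
           "handoff_ip": None, "unverified_hops": 0}
    trusted = True
    for hdr in msg.get_all("Received", []):
        m = HOP.search(hdr)
        if trusted and m and m.group("by") in trusted_by:
            ips = IPV4.findall(m.group("peer"))
            out["handoff_ip"] = ips[-1] if ips else None  # peer our server saw
        else:
            trusted = False              # everything older is sender-supplied
            out["unverified_hops"] += 1
    return out

if __name__ == "__main__":
    print(trace(SAMPLE, TRUSTED_BY))
```

The `handoff_ip` is the address to look up in your own mail server's logs for the same timestamp; the From and Reply-To values carry no evidential weight.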