cPanel Email Forwarders: Redirect Mail Without a Mailbox
Someone on the team needs mail sent to info@yourdomain.com to land in their existing Gmail inbox, and they don't want another mailbox to log into. That's exactly what a cPanel email forwarder is for — and it's one of the most misunderstood features in the whole panel. Here's how it actually works, how to set it up, and how to fix it when forwarded mail goes missing or ends up in spam.
Forwarder vs. Email Account: what's the difference
An Email Account in cPanel creates a real mailbox on the server — it has its own quota, its own IMAP/POP3 login, and mail sits there until something (webmail, Outlook, a phone) picks it up.
A Forwarder creates none of that. It's just a rule Exim reads: "if mail arrives for this address, rewrite the recipient and resend it somewhere else." No storage, no login, no quota used. The mail never stops at your server — it passes through and keeps going.
That distinction matters because a forwarder can't be the final destination. It has to point at a mailbox that actually exists somewhere — your personal Gmail, a Microsoft 365 account, or another mailbox on the same server.
Setting up a single forwarder
- Log in to cPanel and open Email → Forwarders.
- Click Add Forwarder.
- In Address to Forward, type the local part (e.g.
info) and pick the domain from the dropdown. - Under Destination, choose Forward to Email Address and enter the full destination address, e.g.
yourname@gmail.com. - Click Add Forwarder.
That's it — no DNS change required. Mail for info@yourdomain.com already arrives at your server because your MX records point there; the forwarder just tells Exim what to do with it once it lands. Under the hood, cPanel writes this mapping into /etc/valiases/yourdomain.com, which you can read directly over SSH if you want to confirm a rule actually saved.
You can add several forwarders for the same source address — mail sent to sales@yourdomain.com can go to three different inboxes at once, each one an independent entry.
Catching everything with a Default Address
If you want any mail sent to a nonexistent address at your domain — a typo, an old alias someone still uses, a made-up address on a business card — to land somewhere instead of bouncing, go to Email → Default Address, select the domain, and set it to forward to a real mailbox.
Be careful with this one. A default address (often called a “catch-all”) is a magnet for spam and directory-harvest attacks, because spammers guess random local parts and yours will accept all of them. If you turn it on, watch that inbox's volume for a week and be ready to switch it to :fail: with error message if it turns into a firehose of garbage.
Forwarder destination options
| Destination type | What it does | When to use it |
|---|---|---|
| Forward to Email Address | Rewrites recipient, relays mail onward | Redirecting to Gmail, Outlook, or another mailbox |
| Discard (send an error) | Bounces the sender with an SMTP error | Retiring an old address without silent loss |
| Pipe to a Program | Feeds the raw message to a script | Automated processing, e.g. a ticket parser |
| Blackhole | Silently discards, no bounce sent | Rarely a good idea — senders get no feedback at all |
Symptom: "mail loop detected" bounce
Cause: a forwarding loop. This happens when address A forwards to B, and B (on the same server or another server you control) forwards back to A, or when a forwarder points at itself by mistake after a copy-paste. Exim's loop detector counts hops and kills the message once it exceeds the limit, then bounces it with a message like “too many ‘Received’ headers” or “mail forwarding loop detected.”
Fix: open Email → Forwarders for every domain involved and trace the chain manually — it's almost always two forwarders pointing at each other. Delete or repoint one of them. If you're not sure which domains are affected, check the bounce message itself; it usually lists the chain of addresses in the headers.
Symptom: forwarded mail never arrives, no bounce either
Cause: usually the destination mailbox's spam filter silently dropped it, or the receiving server (Gmail, in particular) accepted it during the SMTP conversation and then routed it to spam or trash after inspection — which won't generate a bounce back to you.
Fix: check the exim mail log on the source server first, to rule out a problem on your end:
exigrep user@yourdomain.com /var/log/exim_mainlog
If the log shows the message was accepted by the destination server (look for a line ending in => rather than ** or a timeout), the mail left your server successfully and the problem is on the receiving side. Check spam/junk folders and any receiving-side filters next.
Symptom: forwarded mail lands in spam at Gmail/Outlook
Cause: this is the one that trips people up. A forwarder doesn't rewrite the envelope sender by default — it just relays the message as-is, with the original From header intact. When Gmail's servers check SPF, they check it against the IP address that actually connected to them, which is now your server, not the original sender's mail server. Since your server's IP isn't in the original domain's SPF record, the check fails. DKIM usually still passes (the signature travels with the message body), but a failed SPF check combined with no DMARC alignment is often enough to tip a message into spam.
Fix: there's no way to make a plain forwarder pass SPF at the destination — that's a structural limitation of forwarding, not a misconfiguration you can patch. Two practical workarounds:
- Ask the recipient to add the forwarded sender to their contacts or safe-senders list, which most providers weight heavily against spam classification.
- For a business-critical address, skip the forwarder entirely and use IMAP fetching instead — keep a real mailbox on your server and have Gmail pull from it under Settings → Accounts → Check mail from other accounts. Gmail delivers it into your inbox without the SPF penalty, because there's no third-party relay involved.
Prevention checklist
- Keep a simple written list of every forwarder and where it points — loops are hard to spot months later when nobody remembers the chain.
- Avoid a Default Address unless you're actively monitoring the inbox it lands in; set it to bounce instead of silently vanishing important mail.
- For addresses that matter (billing, support, sales), prefer a real mailbox with IMAP fetch on the receiving end over a raw forwarder, to sidestep the SPF issue entirely.
- If you manage SPF for the domain, don't add your own server as a blanket "fix" for forwarding — it doesn't help the SPF check at the final destination and just bloats the record.
FAQ
Frequently asked questions
Does a forwarder use up my email hosting quota?
No. A forwarder holds no mail and has no storage of its own — it only rewrites the recipient and relays the message onward through Exim, so it doesn't count against your account's disk quota.
Can I forward one address to more than one destination?
Yes. Add a separate forwarder entry for the same source address for each destination you want — cPanel will deliver a copy to every one of them.
Why did I get a bounce saying 'mail forwarding loop detected'?
Two forwarders are pointing at each other, directly or through a chain, so the message keeps bouncing between servers until Exim's hop limit kills it. Check Email > Forwarders on every domain in the chain and break the loop.
Can I set up a forwarder if my domain uses Google Workspace or Microsoft 365 for mail instead of cPanel?
Not through cPanel — forwarders only work for mail that arrives at your cPanel server, which requires your MX records to point there. If mail is hosted elsewhere, set up the forwarding rule inside that provider's admin console instead.
How do I stop forwarded mail from landing in the recipient's spam folder?
It's a structural SPF limitation, not a settings bug, so there's no full fix on the forwarding side. Ask the recipient to whitelist the sender, or switch business-critical addresses to a real mailbox with IMAP fetch instead of a forwarder.