Certbot does not send emails.
LetsEncrypt will send advisory emails to the registered ACME account holder if a certificate has not been removed and is in imminent danger of expiring. This address can be controlled by the information shared by @aarongable above.
The emails you are experiencing are most likely sent by the cron program on your machine, not Certbot or LetsEncrypt. They are most likely sent due to the a configuration in the root
user's crontab. They are most likely sent to the root@domain
email address because the hostname
of that machine is configured to be domain
, and they are originating from the root
account. This is basic cron
behavior, and you will get the most help from a forum like ServerFault.
It's possible this is coming from another user, but I think it's probably the root user.
I would do the following:
su root # or sudo root
crontab -e
And look for a MAILTO setting in there.
This is probably due to a global "MAILTO" setting in cron. It might appear in the crontab for root, or in another configuration file. ServerFault can help as this will be dependent on your Operating System and Version.
You can also su
into each user on that machine, and see if they are the ones invoking certbot with cron. I would not be surprised if more than one account is configured to do this.
When cron is configured with a mailto, it will send the output of every cronjob to the address(es). In this case, crontab is most likely capturing the STDOUT and then emailing that to root@domain
.
Your server is probably either configured to deliver that mail via SMTP to the another server, or dropping it into a local mailbox - which happens to be what the higher level person uses.
This may be something the higher level person should be configuring, as many times the output of a cronjob like this is used for uptime monitoring or daily statistics and tracking.