

How to Effectively Set Up Spam Control in cPanel


Dealing with unwanted emails can be a significant headache. Fortunately, if your hosting plan is equipped with cPanel, you already have powerful tools to combat spam for your entire domain.

cPanel is a widely adopted control panel, and as such, it is typically included with a variety of web hosting plans, making website and server management more accessible. The most common type of hosting that provides cPanel is shared hosting, where many websites reside on a single server, and cPanel allows individual users to manage their specific portion of the server resources. Beyond shared hosting, cPanel is also a standard offering in reseller hosting packages, enabling resellers to create and manage hosting accounts for their own clients. Furthermore, it is frequently provided with Virtual Private Servers (VPS) and dedicated server plans, particularly those that are "managed", meaning the hosting provider handles server administration and maintenance, including the cPanel installation and updates. While unmanaged VPS or dedicated servers might require manual installation of a control panel, cPanel remains a popular choice due to its user-friendly interface and extensive features.


Understanding Spam Control in cPanel

cPanel offers several layers of spam protection, primarily focusing on incoming emails. The key tools are:

  • Apache SpamAssassin™: A highly effective open-source spam filtering system that assigns a "spam score" to incoming emails based on various tests (content, headers, blacklists, etc.). You define a threshold, and emails exceeding it are marked as spam or acted upon.

  • Email Filters (Global and User-Level): These allow you to create custom rules to process incoming emails based on specific conditions (sender, subject, body content, size, etc.) and then perform actions like discarding, redirecting, or delivering to a specific folder.

  • BoxTrapper: A challenge-response verification system that requires un-whitelisted senders to reply to a verification email before their messages are delivered to your inbox. While effective, it can be intrusive for senders.

  • Email Authentication (SPF, DKIM, DMARC - Email Deliverability): While not direct spam filters, these are crucial for preventing email spoofing and ensuring your legitimate emails aren't marked as spam by other servers. They verify that emails originating from your domain are indeed sent by authorized servers. For more on this, please read our article on How to Fortify your Email with SPF, DKIM, and DMARC.


How to Effectively Set Up Spam Control in cPanel

This guide provides step-by-step instructions to configure spam control for all email accounts under a domain in cPanel, utilizing Apache SpamAssassin, email filters, and other available tools to minimize unwanted emails while ensuring legitimate messages are preserved.

The two most effective ways to apply spam control across your entire domain are SpamAssassin and Global Email Filters. These features are particularly convenient when you have several email accounts under your domain, since setting up spam control individually for each email account can become quite tedious.

1. Enable and Configure Apache SpamAssassin

Apache SpamAssassin is cPanel’s primary spam filtering tool, assigning a score to incoming emails based on spam characteristics. Enabling and fine-tuning it ensures effective spam detection across all email accounts for a domain.

SpamAssassin is a robust, open-source spam filtering tool integrated into cPanel, designed to identify and manage unwanted emails across all email accounts for a domain. It analyzes incoming emails using a scoring system based on predefined rules, such as content patterns, sender reputation, and email headers, assigning a score to determine the likelihood of spam.

Emails exceeding a configurable threshold (default is 5) are flagged as spam, allowing users to redirect them to a Spam folder, tag them, or delete them. SpamAssassin’s flexibility, including whitelist/blacklist options and custom rule configurations, makes it a powerful solution for maintaining clean inboxes while minimizing the risk of blocking legitimate emails.

With its ability to process emails server-wide, SpamAssassin ensures consistent spam protection for all accounts under a domain without requiring individual setup. Its adaptive learning capabilities (with advanced configurations) allow it to improve accuracy over time, and integration with cPanel’s user-friendly interface simplifies management for both novice and experienced users. Here are the steps to set up SpamAssassin.

  • Log in to cPanel: Access your cPanel account, usually via yourdomain.com/cpanel.

  • Navigate to Spam Filters: In the cPanel dashboard, under the Email section, click Spam Filters (formerly labeled as SpamAssassin in older versions).

  • Enable SpamAssassin: If it is not already enabled, toggle the Process New Emails and Mark them as Spam option to On. This activates SpamAssassin for all email accounts under the domain, marking emails with a score of 5 or higher as spam by default (indicated by SPAM in the subject line of marked emails).


  • Adjust Spam Threshold Score:

    • This is crucial. A lower score (e.g., 3) is more aggressive, flagging more emails as spam, but risks false positives. A higher score (e.g., 7) is more permissive, reducing false positives but allowing some spam. The default score of 5 is a balanced starting point.

    • Click Spam Threshold Score and set the score (1–10) using the dropdown menu. Start with the default (5) and adjust it down (e.g., 4 or 3) if you are still receiving too much spam, or up (e.g., 6 or 7) if you are getting too many legitimate emails marked as spam (false positives). The Custom option allows you to enter a specific score value not in the dropdown list.

    • Click Update Scoring Options to save. Then return to overview for additional settings.


  • Enable Spam Box:

    It is highly recommended to enable this feature. Instead of deleting spam automatically, it moves it to a "Spam" folder in your email account. This allows you to review flagged emails for any "false positives" (legitimate emails mistakenly identified as spam) before they are permanently deleted.

    • Toggle Move New Spam to a Separate Folder (Spam Box) to On. This redirects flagged emails to a dedicated Spam folder for all email accounts, preserving them for review to avoid losing legitimate emails.

    • You can then access this "Spam" folder via your webmail interface (e.g., Roundcube, Horde, SquirrelMail) or your email client. Remember to regularly review and empty this folder.


  • Configure Auto-Delete (Optional):

    • This is an aggressive option. If you enable it, emails exceeding a specific score will be automatically deleted. Use with caution, as you might lose legitimate emails.

      If you choose to enable it, set a higher "Auto-Delete Threshold Score" (e.g., 7 or 8) than your regular Spam Threshold Score (e.g., 5). This provides a buffer, so only the most obvious spam is auto-deleted, while less certain spam goes to the Spam Box for review.

    • Click Configure Auto-Delete Settings under Automatically Delete New Spam.

      Set an Auto-Delete Threshold Score (e.g., 8) to delete emails with very high spam scores automatically. Warning: This is risky as it may delete legitimate emails; use cautiously and monitor regularly.

    • Click Update Auto-Delete Score to save. Then return to overview for additional settings.

  • Whitelisting and Blacklisting:

    Under Additional Configurations (For Advanced Users), click Show Additional Configurations to expand the section.

    • Click Edit Spam Whitelist Settings to add trusted email addresses (e.g., user@example.com) or entire domains (e.g., *@trusteddomain.com) using wildcards, one entry per line. Emails from these sources bypass the spam filters, so you will always receive them regardless of their spam score. Avoid whitelisting your own domain: spammers frequently forge it as the sender address, and a whitelist entry would let those spoofed messages bypass filtering.

    • Click Edit Spam Blacklist Settings to block specific email addresses (e.g., spammer@bad-domain.com) or entire domains (e.g., *@spamdomain.com) that you never want to receive emails from. These will be marked as spam automatically.

    • Update both lists by clicking Update Whitelist or Update Blacklist.
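
To choose the Spam Threshold Score and Auto-Delete Threshold Score from evidence, the following added example (not part of the original article or of cPanel) reads the X-Spam-Status header that SpamAssassin writes into scanned messages and counts, for candidate thresholds, how many hand-reviewed legitimate messages would be flagged or deleted and how much spam would get through. The sample messages, addresses and human verdicts are constructed.

```python
import re
from email import message_from_string

# SpamAssassin records its verdict in a header such as:
#   X-Spam-Status: Yes, score=7.3 required=5.0 tests=BAYES_99,...
SCORE_RE = re.compile(r"\bscore=(-?\d+(?:\.\d+)?)")

def spam_score(raw_message):
    """Return the SpamAssassin score of a raw message, or None if it was not scanned."""
    status = message_from_string(raw_message).get("X-Spam-Status", "")
    match = SCORE_RE.search(status)
    return float(match.group(1)) if match else None

def evaluate(samples, spam_threshold, autodelete_threshold=None):
    """Count outcomes for hand-reviewed samples: a list of (raw_message, is_spam)."""
    result = {"false_positives": 0, "missed_spam": 0, "ham_deleted": 0, "unscored": 0}
    for raw, is_spam in samples:
        score = spam_score(raw)
        if score is None:
            result["unscored"] += 1
            continue
        flagged = score >= spam_threshold  # marked as spam / moved to the Spam Box
        deleted = autodelete_threshold is not None and score >= autodelete_threshold
        if flagged and not is_spam:
            result["false_positives"] += 1
        if is_spam and not flagged:
            result["missed_spam"] += 1
        if deleted and not is_spam:
            result["ham_deleted"] += 1     # legitimate mail that could not be reviewed
    return result

def sweep(samples, thresholds):
    """Return {threshold: (false_positives, missed_spam)} to compare settings."""
    table = {}
    for threshold in thresholds:
        r = evaluate(samples, threshold)
        table[threshold] = (r["false_positives"], r["missed_spam"])
    return table

def sample_message(subject, status=None):
    """Build a constructed test message, optionally with an X-Spam-Status header."""
    header = f"X-Spam-Status: {status}\n" if status else ""
    return f"From: sender@example.org\nSubject: {subject}\n{header}\nbody\n"

# Constructed samples; the second field is the human verdict (True = spam).
SAMPLES = [
    (sample_message("Invoice 1042", "No, score=0.4 required=5.0 tests=DKIM_VALID"), False),
    (sample_message("Newsletter", "No, score=3.6 required=5.0 tests=HTML_MESSAGE"), False),
    (sample_message("Your receipt", "Yes, score=5.8 required=5.0 tests=MIME_HTML_ONLY"), False),
    (sample_message("Internal note"), False),  # never scanned, so no header
    (sample_message("Cheap meds", "No, score=4.2 required=5.0 tests=BAYES_50"), True),
    (sample_message("You won", "Yes, score=6.9 required=5.0 tests=BAYES_99"), True),
    (sample_message("Casino bonus", "Yes, score=12.1 required=5.0 tests=URIBL_BLACK"), True),
]

if __name__ == "__main__":
    for threshold, (fp, missed) in sweep(SAMPLES, [3, 5, 7]).items():
        print(f"threshold {threshold}: {fp} legitimate flagged, {missed} spam missed")
    print(evaluate(SAMPLES, 5, autodelete_threshold=8))
```

Run it against messages exported from the Spam folder and inbox after a review period; a non-zero ham_deleted count means the auto-delete threshold is too low for your mail.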


2. Set Up Global Email Filters

While SpamAssassin catches a lot, you can create custom rules using Global Email Filters to block specific patterns or redirect certain emails. These filters apply to all email accounts under your domain, allowing precise spam control based on SpamAssassin’s scoring or other criteria. However, if you wish to set up filters only for specific email accounts, you can use Email Filters instead. The method for setting filters in the latter case is the same as described below for global email filters.

  • Access Global Email Filters:

    In cPanel, under the Email section, click Global Email Filters.


  • Create a Spam Filter:

    • Click Create a New Filter.


      1. Define Filter Name: Give your filter a descriptive name (e.g., Block Pharma Spam).

      2. Set Rules:

        • You can create one or more rules based on various conditions. For example:
          • From: Filter by sender's email address.
          • Subject: Filter by keywords in the subject line.
          • Body: Filter by keywords in the email body.
          • Spam Status: Filter based on SpamAssassin's Yes or No determination.
          • Spam Bar: Filter based on the number of "+" signs SpamAssassin adds to the header (more "+" means higher spam score).
          • Contains / Does not contain / Equals / Begins with / Ends with / Matches regex: Choose the comparison operator.
        • Example: Blocking common spam keywords in the subject:
          • Select Subject in the first dropdown.
          • Select contains in the second dropdown.
          • Type a keyword like "Viagra" or "Casino" in the text box.
        • Add multiple rules: Click the "+" button to add more rules. You can set them to combine with "and" (all rules must be true) or "or" (any rule can be true).
      3. Set Actions: Choose what happens when an email matches your rules:

        • Discard Message: Deletes the email without notifying the sender. Use with caution.
        • Redirect to Email: Forwards the email to another address.
        • Fail With Message: Discards the email and sends a failure notice to the sender.
        • Stop Processing Rules: Stops any further filter rules from being applied to the email.
        • Deliver to Folder: Delivers the email to a specific folder (e.g., a "Junk" folder other than the Spam Box).
      4. Example: Discarding emails with specific subject keywords:

        • Select Discard Message in the action dropdown.
    • Click Create to save and activate the filter.

  • Likewise you can create multiple filters.


3. Other Spam Control Methods in cPanel

Beyond SpamAssassin and email filters, cPanel offers additional tools to enhance spam protection for your email accounts.

3.1 BoxTrapper

This tool requires senders not on a whitelist to verify themselves before their email is delivered to your inbox, effectively blocking automated spam. BoxTrapper is not available across your entire domain - you need to set it up individually for each email account where you wish to activate it.

  • How it works: When someone sends an email to an account with BoxTrapper enabled, if the sender is not on your whitelist, BoxTrapper sends an automated verification email back to them. The original email will only be delivered after the sender replies to this verification email.

  • Setup: In the Email section of your cPanel, click BoxTrapper. BoxTrapper is enabled per email account: click Manage next to the email address, then click Enable on the next screen. Configure settings to auto-whitelist known contacts.

  • Considerations: While effective, it can be annoying for legitimate senders who aren't used to this system, potentially leading to missed emails. It is generally less recommended for general use on a domain with many external contacts.

  • Warning: BoxTrapper can interfere with SpamAssassin if both are enabled simultaneously. Use one or the other, or contact your hosting provider for guidance.


3.2 IP Blocker

If you consistently receive spam from a specific IP address or range, you can block it using the IP Blocker tool.

  • This tool is available under the Security section of your cPanel.

  • Click IP Blocker to navigate to the related screen, from which you can add multiple rules to block emails originating from IP addresses sending spam to your domain’s email accounts. Enter specific IPs or ranges, but verify they aren’t used by legitimate senders.

  • Use with caution: Only block IPs you are certain are malicious, as you could inadvertently block legitimate users.


3.3 Greylisting in cPanel

cPanel includes a dedicated Greylisting feature that can be enabled by individual cPanel users for their domains.

When Greylisting is active, the mail server temporarily rejects email from any sender it doesn't recognize (i.e., not whitelisted) with a temporary error message. Legitimate mail servers are designed to retry sending the email after a short delay, at which point cPanel's Greylisting will accept it and then whitelist that sender-recipient "triplet" (sender IP, sender email, recipient email) for future deliveries.

Spammers, however, typically do not bother with retries, effectively blocking their messages. While it can introduce a slight delay for first-time senders, Greylisting is a powerful and popular anti-spam technique available in cPanel.
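
The retry logic described above, as an added example (not cPanel's implementation and not code from the original article): a small greylist that defers unknown triplets, accepts a well-timed retry and remembers the triplet afterwards. The deferral period, resend window, reply texts and all addresses are assumptions chosen for illustration.

```python
from dataclasses import dataclass, field

DEFER = "451 temporarily rejected, please retry later"   # illustrative reply text
ACCEPT = "250 accepted"                                  # illustrative reply text

@dataclass
class Greylist:
    initial_deferral: int = 600      # seconds a new triplet must wait (assumed value)
    resend_window: int = 4 * 3600    # a retry later than this starts over (assumed value)
    pending: dict = field(default_factory=dict)   # triplet -> time first seen
    known: set = field(default_factory=set)       # triplets that passed a retry

    def check(self, ip, sender, recipient, now):
        """Return the SMTP reply for one delivery attempt at time `now` (seconds)."""
        triplet = (ip, sender.lower(), recipient.lower())
        if triplet in self.known:
            return ACCEPT
        first_seen = self.pending.get(triplet)
        if first_seen is None or now - first_seen > self.resend_window:
            self.pending[triplet] = now      # first contact, or the retry came too late
            return DEFER
        if now - first_seen < self.initial_deferral:
            return DEFER                     # retried before the deferral period ended
        del self.pending[triplet]
        self.known.add(triplet)              # well-behaved server: remember the triplet
        return ACCEPT

def replay(attempts, greylist=None):
    """Feed (time, ip, sender, recipient) attempts in time order; return the replies."""
    if greylist is None:
        greylist = Greylist()
    return [greylist.check(ip, s, r, t) for t, ip, s, r in sorted(attempts)]

# Constructed delivery attempts (documentation IP ranges and example domains).
ATTEMPTS = [
    (0,     "192.0.2.10",   "alice@example.org", "info@example.com"),   # first try
    (10,    "203.0.113.5",  "bob@example.net",   "info@example.com"),   # first try
    (30,    "198.51.100.7", "promo@example.biz", "info@example.com"),   # never retries
    (120,   "192.0.2.10",   "alice@example.org", "info@example.com"),   # retry too soon
    (900,   "192.0.2.10",   "alice@example.org", "info@example.com"),   # proper retry
    (18010, "203.0.113.5",  "bob@example.net",   "info@example.com"),   # retry too late
    (86400, "192.0.2.10",   "Alice@Example.org", "info@example.com"),   # known triplet
]

if __name__ == "__main__":
    for attempt, reply in zip(sorted(ATTEMPTS), replay(ATTEMPTS)):
        print(attempt[0], attempt[1], attempt[2], "->", reply)
```

The sender that never retries is never delivered, while a sender whose retry arrives outside the window is deferred again, which is the source of the first-contact delay the article mentions.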


3.4 Advanced Configurations (Optional)

For advanced users with root access or technical expertise:

  • Custom SpamAssassin Rules:

    • Edit /etc/mail/spamassassin/local.cf via SSH to add custom rules or adjust rule weights (e.g., increase scores for specific keywords like viagra). Back up the file before editing.

    • Install third-party rulesets for enhanced spam detection, but ensure compatibility with cPanel.

  • Train SpamAssassin:

    • Use the sa-learn command to train SpamAssassin by marking emails as spam or ham (non-spam). This requires system administrator access and user cooperation.

  • Exim Configuration:

    • In WHM, under Service Configuration > Exim Configuration Manager, enable options like Apache SpamAssassin: X-Spam-Subject/Subject header prefix to add spam tags or configure server-wide blocking.

Note: Advanced configurations can break email functionality if misconfigured. Consult your hosting provider or a system administrator if unsure.


Email Authentication (SPF, DKIM, DMARC)

The Email Deliverability section in cPanel is a crucial tool designed to help ensure your outgoing emails reach their intended recipients' inboxes, rather than being flagged as spam or rejected outright. This feature acts as a diagnostic and management hub for email authentication records, specifically SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance). These records in your domain's DNS help verify that emails sent from your domain are legitimate and prevent spammers from "spoofing" your domain. This doesn't filter incoming spam to you, but it prevents your domain from being used to send spam and helps your outgoing emails reach their recipients' inboxes rather than their spam folders.

It actively monitors the presence and correctness of these records for your domain, alerting you to any issues that might be hindering your email's deliverability. By providing a clear status (e.g., "Valid," "Problems," or "Not configured") for each authentication method, it empowers you to proactively address potential problems that could negatively impact your domain's email reputation.

Within the "Email Deliverability" interface, you can easily manage and repair your domain's SPF, DKIM, and DMARC records with just a few clicks. For instance, if an SPF record is missing or incorrect, cPanel can generate and install the correct one directly into the domain's DNS zone. Similarly, it facilitates the setup and management of DKIM keys, ensuring outgoing emails are digitally signed. For DMARC, it helps configure policies that instruct receiving mail servers on how to handle emails that fail SPF or DKIM checks, and it can even set up reporting to provide insights into email authentication results. This centralized management simplifies the often-complex task of configuring email authentication, significantly improving the chances that legitimate emails sent from your domain (such as transactional emails, newsletter updates, or customer communications) are successfully delivered, thereby maintaining trust and effective communication with recipients.

Check and Enable: Go to Email Deliverability in the Email section. cPanel usually allows you to review and fix or enable SPF, DKIM, and DMARC records automatically. Ensure their status is "Valid".

For more on this, please read our article on How to Fortify your Email with SPF, DKIM, and DMARC.
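
A record can be present and still be too weak to stop spoofing. The following added example (not cPanel's own validation and not code from the original article) checks SPF and DMARC TXT record strings for common weaknesses; the records, the domain example.com and the finding texts are constructed for illustration.

```python
import re

LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}

def needs_dns_lookup(term):
    """True if an SPF term costs one of the 10 DNS lookups allowed by RFC 7208."""
    name = term.lstrip("+-~?").lower()
    return re.split(r"[:/=]", name, maxsplit=1)[0] in LOOKUP_TERMS

def check_spf(txt_records):
    """Return findings for the TXT records at the domain; [] means nothing to fix."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["SPF: not configured"]
    if len(spf) > 1:
        return ["SPF: multiple v=spf1 records (receivers report a permanent error)"]
    terms = spf[0].split()[1:]
    alls = [t.lower() for t in terms if t.lower().lstrip("+-~?") == "all"]
    findings = []
    if alls and alls[0] in ("all", "+all"):
        findings.append("SPF: +all authorizes every server to send as this domain")
    elif alls and alls[0] == "?all":
        findings.append("SPF: ?all is neutral and does not restrict senders")
    elif not alls and not any(t.lower().startswith("redirect=") for t in terms):
        findings.append("SPF: no 'all' term, so unlisted servers get a neutral result")
    if sum(needs_dns_lookup(t) for t in terms) > 10:
        findings.append("SPF: more than 10 DNS-lookup terms (permanent error)")
    return findings

def check_dmarc(txt_records):
    """Return findings for the TXT records at _dmarc.<domain>."""
    recs = [r for r in txt_records if r.replace(" ", "").lower().startswith("v=dmarc1")]
    if not recs:
        return ["DMARC: not configured"]
    tags = {}
    for part in recs[0].split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    findings = []
    policy = tags.get("p", "").lower()
    if policy == "none":
        findings.append("DMARC: p=none only monitors; failing mail is still delivered")
    elif policy not in ("quarantine", "reject"):
        findings.append("DMARC: missing or invalid p= policy")
    if "rua" not in tags:
        findings.append("DMARC: no rua= address, so no aggregate reports arrive")
    return findings

# Constructed records for the placeholder domain example.com.
WEAK = {"spf": ["v=spf1 include:_spf.example.net +all"], "dmarc": ["v=DMARC1; p=none"]}
SOUND = {"spf": ["v=spf1 +a +mx +ip4:192.0.2.25 ~all"],
         "dmarc": ["v=DMARC1; p=quarantine; rua=mailto:dmarc@example.com"]}

if __name__ == "__main__":
    for label, zone in (("weak", WEAK), ("sound", SOUND)):
        print(label, check_spf(zone["spf"]) + check_dmarc(zone["dmarc"]))
```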


Best Practices for Effective Spam Control:

  • Start with SpamAssassin: Enable it and adjust the threshold score gradually.

  • Avoid Overly Aggressive Settings: A Spam Threshold Score below 3 or excessive auto-deletion can block legitimate emails. Start with the default score of 5 and tweak gradually.

  • Utilize Spam Box: Always send detected spam to a Spam Box for review instead of auto-deleting it.

  • Regularly Review Spam Box: Check your spam folder daily for false positives. If you find any, whitelist the sender, or move legitimate emails to the inbox and adjust thresholds or whitelist settings as needed.

  • Update Whitelists and Blacklists: Periodically review and update lists to reflect new trusted or problematic senders.

  • Educate Users: If managing multiple accounts, inform users to check their Spam folders and report issues to fine-tune filters.

  • Use Global Email Filters for specific issues: Create filters for persistent spam patterns that SpamAssassin might miss.

  • Avoid Catch-All Email Addresses: Avoid setting a "Default Address" (also known as a "catch-all" email address) unless absolutely necessary. A catch-all address collects all emails sent to non-existent email addresses on your domain. This is a massive magnet for spam, as spammers often guess email addresses. Disable them to significantly reduce incoming spam. Set the default address to "Discard with error to sender (at SMTP time)" or "Fail" if you don't need a catch-all. This will immediately reject emails sent to invalid addresses, saving server resources and preventing spam accumulation.

  • Be cautious with auto-deletion: Only use it for very high spam scores, or if you are confident you won't miss important emails.

  • Backup Emails: Before enabling auto-delete or clearing Spam folders, back up emails to avoid accidental data loss.

  • Check for Conflicts: Avoid using BoxTrapper and SpamAssassin simultaneously unless configured carefully to prevent filtering issues.

  • Ensure Email Authentication: SPF, DKIM, and DMARC are vital for your own domain's outbound email reputation.

  • Keep cPanel updated: Your hosting provider should handle this, but ensure your cPanel version and its components (like SpamAssassin) are up-to-date to benefit from the latest spam detection improvements.

By implementing these strategies, you can significantly reduce the amount of spam hitting your domain's inboxes and maintain a cleaner, more secure email environment.



About the Author
Rajeev Kumar
CEO, Computer Solutions
Jamshedpur, India

Rajeev Kumar is the primary author of How2Lab. He is a B.Tech. from IIT Kanpur with several years of experience in IT education and Software development. He has taught a wide spectrum of people including fresh young talents, students of premier engineering colleges & management institutes, and IT professionals.

Rajeev has founded Computer Solutions & Web Services Worldwide. He has hands-on experience of building a variety of websites and business applications, including SaaS-based ERP and e-commerce systems, and cloud-deployed operations management software for health-care, manufacturing and other industries.


Copyright © How2Lab.com. All rights reserved.