cPanel spam mitigation – How we fight spamming in cPanel servers

Incoming spam on cPanel servers is a constant worry for web hosts. When the mail queue fills up with spam, it blocks valid email delivery, overloads the server and causes a nuisance to customers.

At Bobcares, we help businesses block spam and avoid mail server failures as a part of our Outsourced technical support services. Preventing outbound spamming is just as important to us as inbound spam prevention.

We’ve dealt with servers that sent out so much spam that the server IP was blacklisted and every other mail server rejected mail from it. Today, we’ll look at the security measures we adopt to prevent cPanel spam.

How to block incoming spam in cPanel servers?

Protecting the mail servers from being spammed is a major security task we perform as a part of our Dedicated Tech Support services for web hosting providers.

Here, we’ll give a sneak peek into what we do to prevent inbound spamming in cPanel servers.

1. Spam filters to filter out incoming spam

In cPanel servers, the most commonly installed spam filters are SpamAssassin and MailScanner. But simply installing SpamAssassin is not sufficient to prevent spamming.

The default rule-set of SpamAssassin is tuned for generic spam and may not catch every type of spam that hits your mail server. To ensure that no spam gets missed, we add custom spam filters and rules that examine incoming mail and block spam.

At Bobcares, we use extended email logging and email header inspection to identify the spam mails that escape the default rule-set and reach the mailboxes. We then configure custom spam filter rules to block them.

We also scan incoming mail for malicious attachments and viruses, using antivirus software such as ClamAV. Our 24/7 security experts monitor the mail queue and Exim logs regularly to track and filter out new spam patterns in emails.


[Image: SpamAssassin to block spam]

2. Anti-spam record lookup

Many spam mails are the result of email spoofing. Spammers can take valid email addresses and send forged mails with those IDs as the ‘From’ address, without ever authenticating as them.

Enabling sender and recipient validation helps us confirm that both sides are valid domains. Using anti-spam record lookups, we validate that mails originate from genuine senders and not from spammers who spoof email addresses.

To prevent email spoofing, the commonly configured anti-spam records are SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail) and RDNS (Reverse DNS).

While SPF and DKIM are domain authentication records, RDNS maps a mail server’s IP to its hostname. By default, many mail servers do not have SPF checks configured, or if they do, the rule set is generic.

For instance, a rule that uses ‘+all’ lets mail from every host pass, which is useless for blocking spam. Bobcares’ cPanel experts configure custom ACLs (Access Control Lists) to validate mail and implement filtering that excludes whitelisted domains.
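To show why a ‘+all’ record is useless, here is a small offline SPF evaluator, added as an illustration (this is not Bobcares’ code or a cPanel/Exim component). It assumes the SPF record text has already been fetched from DNS and handles only the ip4, ip6 and all mechanisms; mechanisms that need further DNS lookups (a, mx, include, ptr) are skipped, and the sample records and IPs are constructed.

```python
import ipaddress

# Qualifier prefix -> SPF result name (RFC 7208 section 4.6.2)
RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Mechanisms that require DNS and are deliberately ignored in this offline example
NEEDS_DNS = {"a", "mx", "include", "ptr", "exists"}


def parse_spf(txt):
    """Split an SPF TXT record into (qualifier, mechanism, argument) terms."""
    parts = txt.split()
    if not parts or parts[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: %r" % txt)
    terms = []
    for term in parts[1:]:
        if "=" in term:  # modifiers such as redirect= / exp= are not evaluated here
            continue
        qual = "+"  # a mechanism with no explicit qualifier defaults to '+'
        if term[0] in "+-~?":
            qual, term = term[0], term[1:]
        mech, _, arg = term.partition(":")
        terms.append((qual, mech.lower(), arg))
    return terms


def check_spf(txt, sender_ip):
    """Evaluate a connecting IP against the record; unmatched hosts are 'neutral'."""
    ip = ipaddress.ip_address(sender_ip)
    for qual, mech, arg in parse_spf(txt):
        if mech in ("ip4", "ip6"):
            # An IPv4 address never matches an IPv6 network and vice versa
            if ip in ipaddress.ip_network(arg, strict=False):
                return RESULT[qual]
        elif mech == "all":
            return RESULT[qual]  # 'all' always matches: this decides unlisted hosts
        elif mech in NEEDS_DNS:
            continue  # would need a live lookup; skipped in this offline example
    return "neutral"


def is_permissive(txt):
    """True when the record can never reject a host (+all, ?all, or no 'all')."""
    for qual, mech, _ in parse_spf(txt):
        if mech == "all":
            return qual in "+?"
    return True


if __name__ == "__main__":
    strict = "v=spf1 ip4:203.0.113.0/24 -all"        # constructed sample record
    permissive = "v=spf1 ip4:203.0.113.0/24 +all"    # constructed sample record
    for rec in (strict, permissive):
        print(rec, "->", check_spf(rec, "198.51.100.7"), "permissive:", is_permissive(rec))
```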

3. Using blacklists in mail server

A blacklist, also known as a DNSBL or RBL (DNS Blacklist or Realtime Blacklist), is a spam blocking list. SpamCop and Spamhaus are two well-known DNS blacklists that maintain databases of spamming servers.

At Bobcares, we configure ACLs in the customer mail servers to look up these blacklists and block spam from the listed servers. To further block abusers, we configure personalized blacklists for each customer server based on the sources of the spam reaching it.


[Image: Configuring blacklists in ACL]

4. Blocking IPs

In some worst-case scenarios, where the spamming is out of control and cannot be prevented with spam filters or ACLs alone, we resort to additional security measures such as blocking suspicious IPs using firewalls, changing the mail server port, encrypting mail using TLS, etc.

To temporarily defer mail from unknown sources until we can verify whether they are spammers, we configure the Greylisting feature in the cPanel server. This helps us reduce spam without losing legitimate mail.

Disabling direct access to the mail server’s SMTP ports, running the mail server as an unprivileged user, setting up a firewall to monitor SMTP connection traffic, etc. are other security measures we take to prevent cPanel spam.

