cPanel spam mitigation – How we fight spamming in cPanel servers
Spam mails are more than a mere nuisance for web hosts. When a server is being spammed, valid mails get lost or delayed indefinitely in the pool of spam mails.
Equally panicky situation is outbound spamming from your server. Your mail server IP can easily get blacklisted, causing email delivery failures for your customers.
How we block inbound spam in cPanel servers
Uncontrolled spamming can crash the server. Our 24/7 US based phone support team coordinates with the helpdesk support team to quickly resolve the issues of our customers. Learn more.
In our role as Outsourced technical support services for web hosts, we avoid both inbound and outbound spamming in their mail servers to avoid email delivery delays or failures.
Here, we’ll give a sneak-peak into what we do to prevent inbound spamming in cPanel servers.
1. Spam filters to filter out incoming spam
In cPanel servers, the most commonly installed Spam filters are ‘Spamassassin’ and Mailscanner. But simply installing SpamAssassin will not be sufficient to prevent spamming in servers.
The default rule-set of SpamAssassin is configured for generic spam and may not filter all types of spam that hits your mail server. To ensure that no spam gets into your server, we configure custom rules to examine incoming mails and filters to block spam.
Bobcares engineers also use extended email logging and email header inspection to identify the spam mails that escape the default rule-set and reach the mailboxes. We then configure custom spam filter rules to block those spam mails.
Another security feature we implement in mail servers, is the scanning of incoming mails for malicious attachments and viruses, using antivirus software such as ClamAV.
We don’t stop here. At Bobcares, security updates and server tuning are an ongoing process. This is because new spam patterns and vulnerabilities can pop up any time in the internet world.
Our 24/7 security experts monitor the mail queue and exim logs regularly to track and filter out new spam patterns in emails, thus ensuring an ongoing 360 degree protection for the mail servers.
2. Anti-spam record lookup
We’ve seen that many spam mails get generated out of email spoofing, where spammers steal valid email addresses and send forged mails with ‘From’ addresses as those IDs, without really authenticating them.
We configure sender and recipient validation in servers to confirm that they are valid domains. Using anti-spam record lookup, we validate that the mails are originated from genuine senders and not spammers who spoof the email addresses.
To prevent email spoofing, the commonly configured anti-spam records are SPF (Sender Policy Framework), DKIM (Domainkeys Identified Mail) and RDNS (Reverse DNS).
While SPF and SKIM are domain authentication records, RDNS is configured to map mail server IP to its hostname. By default, many mail servers do not have SPF checks configured or even if they do, the rule set would be generic.
For instance, a rule that uses ‘+all’ will let mails from every host to pass, which is not useful to block spam. Bobcares’ cPanel experts configure custom ACLs (Access Control Lists) to validate mails and implement filtering to exclude whitelisted domains.