Select Page

cPanel spam mitigation – How we fight spamming in cPanel servers

Spam mails are more than a mere nuisance for web hosts. When a server is spammed, valid mails get lost or delayed indefinitely in the pool of spam mails.

Equally panicky situation is outbound spamming from your server. Your mail server IP can easily get blacklisted, causing email delivery failures for your customers.


How we block inbound spam in cPanel servers

Our Dedicated Support Specialists help hundreds of web hosts, digital marketers and website owners keep their servers spam free.

Here, we’ll give a sneak-peak into what we do to prevent inbound spamming in cPanel servers.


1. Spam filters to filter out incoming spam

In cPanel servers, the most commonly installed Spam filters are ‘Spamassassin’ and Mailscanner. But simply installing SpamAssassin will not be sufficient to prevent spamming in servers.

The default rule-set of SpamAssassin is configured for generic spam and may not filter all types of spam that hits your mail server. To ensure that no spam gets into your server, we configure custom rules to examine incoming mails and filters to block spam.

Bobcares engineers also use extended email logging and email header inspection to identify the spam mails that escape the default rule-set and reach the mailboxes. We then configure custom spam filter rules to block those spam mails.



SpamAssassin to block spam


Another security feature we implement in mail servers, is the scanning of incoming mails for malicious attachments and viruses, using antivirus software such as ClamAV.

We don’t stop here. At Bobcares, security updates and server tuning are an ongoing process. This is because new spam patterns and vulnerabilities can pop up any time in the internet world.

Our 24/7 security experts monitor the mail queue and exim logs regularly to track and filter out new spam patterns in emails, thus ensuring an ongoing 360 degree protection for the mail servers.

See how our 24/7 support team helps you!


2. Anti-spam record lookup

We’ve seen that many spam mails get generated out of email spoofing, where spammers steal valid email addresses and send forged mails with ‘From’ addresses as those IDs, without really authenticating them.

We configure sender and recipient validation in servers to confirm that they are valid domains. Using anti-spam record lookup, we validate that the mails are originated from genuine senders and not spammers who spoof the email addresses.

To prevent email spoofing, the commonly configured anti-spam records are SPF (Sender Policy Framework),  DKIM (Domainkeys Identified Mail) and RDNS (Reverse DNS).

While SPF and SKIM are domain authentication records, RDNS is configured to map mail server IP to its hostname. By default, many mail servers do not have SPF checks configured or even if they do, the rule set would be generic.

For instance, a rule that uses ‘+all’ will let mails from every host to pass, which is not useful to block spam. Bobcares’ cPanel experts configure custom ACLs (Access Control Lists) to validate mails and implement filtering to exclude whitelisted domains.



Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.


1 Comment

  1. awesome 🙂

    ive written this and open source it.
    it sort of scan exim mainlog and detect for repeative abuse attack from each user.
    thinking to add your advice on relay not matching from: email of the logged in domain



Submit a Comment

Your email address will not be published. Required fields are marked *

Bobcares is a server management company that helps businesses deliver uninterrupted and secure online services. Our engineers manage close to 51,500 servers that include virtualized servers, cloud infrastructure, physical server clusters, and more.