How to Set Up Efficient Spam Rules with cPanel

How to Set Up Efficient Spam Rules with cPanel

Updated: 07/09/2024

Spam emails can be a significant nuisance, cluttering your inbox and posing security risks. Fortunately, cPanel provides robust tools to help you manage and filter out spam effectively. In this article, we will guide you through setting up efficient spam rules using cPanel to keep your inbox clean and secure.

What You'll Need

Before you begin, ensure you have the following:

  • Access to cPanel for your domain.
  • Basic understanding of email filters and spam.

Step-by-Step Guide

Step 1: Access cPanel

  1. Log in to your cPanel account.
  2. Navigate to the "Email" section. You can find this section by scrolling down or using the search bar at the top.

Step 2: Enable SpamAssassin

SpamAssassin is a powerful spam filter included with cPanel. It gives a spam score to each email based on several criteria ("the email body contains a text about large sums of money", "the domain the email is sent from is a known spammer"...) and can then take an action depending on the overall spam score of the email.

  1. Click on "Spam Filters" under the Email section.
  2. Enable Apache SpamAssassin. Toggle the switch to enable SpamAssassin. This will start filtering incoming emails for spam.

Step 3: Configure SpamAssassin

Once SpamAssassin is enabled, you can configure its settings for optimal performance.

  1. Click on "Spam Threshold Score." Adjust the score to determine how aggressively SpamAssassin filters emails. The default is 5, but you can lower it to catch more spam or increase it if legitimate emails are being marked as spam.
  2. Enable "Auto-Delete Spam" (Optional). This will automatically delete emails marked as spam. Be cautious with this setting, as it might delete legitimate emails if the threshold is set too low.
  3. Configure Whitelist and Blacklist. Add trusted senders to the whitelist to ensure their emails are never marked as spam. Conversely, add known spam addresses to the blacklist to always mark their emails as spam.

Step 4: Set Up Email Filters

Email filters allow for more granular control over incoming emails.

  1. Go back to the cPanel home screen.
  2. Click on "Email Filters" under the Email section.
  3. Select the email account you want to manage.
  4. Click on "Create a New Filter."

Creating a Filter

  1. Name your filter. Give it a descriptive name.
  2. Set the rules. Define the conditions for your filter, such as:
    • From: Specific email addresses or domains.
    • Subject: Keywords commonly used in spam emails.
    • Body: Specific phrases that appear in spam emails.
  3. Choose an action. Decide what happens to emails that meet the filter conditions. Common actions include:
    • Discard Message: Permanently delete the email.
    • Redirect to Email: Forward the email to another address.
    • Move to Folder: Move the email to a specific folder, such as a spam or junk folder. Note that we suggest using this option in case you get false positives. You can then keep an eye on this folder from time to time and restore legitimate emails if any.
  4. Click "Create" to save the filter.

Step 5: Test Your Filters

It's important to test your spam filters to ensure they are working correctly.

  1. Send test emails from different addresses, including ones that should be marked as spam and legitimate ones.
  2. Check your inbox and spam folder to see if the filters are correctly identifying and processing the emails.

Step 6: Monitor and Adjust

Spam filtering is not a set-it-and-forget-it task. Regularly monitor your spam filters and adjust them as needed.

  1. Check your spam folder periodically. Ensure that legitimate emails are not being caught by your filters.
  2. Adjust the SpamAssassin threshold if you find that too much spam is getting through or too many legitimate emails are being marked as spam.
  3. Update your whitelists and blacklists as you encounter new trusted or spam email addresses.

Fighting @your-domain.com spam

In order to reach your mailbox, some spammers will send emails using addresses ending by your domain name. It is fairly easy to target this type of spam:

  • Set up SPF and DKIM: Under cPanel > Email Deliverability, click on "Manage" next to your domain and install the SPF and DKIM records by clicking on "Install the suggested record". Note that, depending on your setup, you may not be able to automatically install your records and you would then have to contact your hosting provider. Alternatively feel free to contact us for help.
  • Create a new email filter using the steps above
  • Enter a field "From" followed by "Ends with" and, in the value box, enter @your-domain.com> . So if your domain is www.flower-shop.com you should enter @flower-shop.com>
  • At the end of the line, select "And"
  • Enter another field "Any header" followed by "Contains" and, in the value box, enter KAM_DMARC_STATUS
  • Save

This will automatically filter out incoming emails ending by @your-domain.com if they are not sent from your server. If you are sending emails from other servers, make sure to either update your SPF rules or send the emails using authenticated SMTP.

Creating targeted spam rules

When creating rules you need to first identify the types of spam:

  • Multiple emails from the same address: This type of spam is fairly easy to stop, you can create a filter "From" and "Contains" then enter @thedomain.com> (don't forget the > , it is important) and it will stop all spam coming from that domain, even if the spammer uses other email addresses. Be wary not to use it for popular domains such as @gmail.com> - except if it is your intention - or it would filter-out all emails coming from that domain.
  • Different email addresses and domains but coming from the same range of IP: In this scenario, you can create a filter "Any Header" and "Contains" then enter [195.133.39.12 (don't forget the [ , it is important). For instance if you are getting spam from 195.133.39.12, 195.133.39.44 and 195.133.39.49 you can filter out all traffic from IP addresses starting by 195.133.39. using [195.133.39.
  • Different email addresses with a reply-to address: This is fairly easy to target as the spammers will want to receive an answer on the reply-to address. You can create a filter "Reply" and "Contains" then the domain that is indicated in the reply-to field (for instance @manektech.com).
  • Spam coming from popular domain names (for instance @gmail.com): In this scenario you can create a combined rule that detects the source (@gmail.com) , looks for specific keywords/headers and, if both conditions are met, filters-out the email. To do-so create a filter "From" and "Ends with" with the value @gmail.com> then make sure to select "And" at the end of the line then you can combine it with another filter such as "Body" "Contains" then "guest post" as value.
  • Spam on a personal email address from mailing lists: In order to evade detection by anti-spam tools, some spammers either use popular mailing tools (Mailjet, Sendinblue...) or add a list-unsubscribe to their headers. If you are receiving this type of spam on a personal work email - typically an email in which you do not necessarily want to receive newsletters - you can simply filter these out. To do-so, create a filter "Any header" and "Contains" and add "List-Unsubscribe:" as value, this will be activated by any email containing a header with an unsubscription list.

Important: The difficulty of fighting spam is to ensure that you are not deleting legitimate emails when doing-so. Your rules must be targetted enough to be effective yet permissive when it comes to other emails. Always test your filters, including with legitimate emails to ensure that the filters do not apply to them.

Conclusion

By following these steps, you can set up efficient spam rules in cPanel, significantly reducing the amount of spam that reaches your inbox. Regular monitoring and adjustments will help keep your email experience smooth and secure.

However, on the long run, creating spam rules can prove tedious and time-consuming, especially if your email addresses are in email lists of spammers. In this case you may want to opt to use Office 365 or Gmail for business emails that come out-of-the-box with strong anti-spam features.

If you have help fighting spam or setting up SPF/DKIM records, feel free to contact us at https://www.thedigitalcube.com/contact-us

Share this article

Table of contents

Blog categories

> Web development> Advertising> Email campaigns> Server management> Entrepreneurship> Web design> CMS> E-commerce