Child pages
  • Spam Filters
Skip to end of metadata
Go to start of metadata

For cPanel & WHM version 70

(cPanel >> Home >> Email >> Spam Filters)

Overview

This interface allows you to configure the spam filter settings (powered by Apache SpamAssassin™) for your account. The spam filters can identify, sort, and delete unsolicited mail. This interface examines and scores incoming email messages for spam characteristics. This calculated spam score helps determine the likelihood that a message contains spam.

For more information, read Apache SpamAssassin's overview documentation.

Note:

If you experience trouble when you use BoxTrapper and Apache SpamAssassin simultaneously, contact your hosting provider for more information about your server's configuration. 

Process new emails and mark them as spam

Enable this toggle to identify potential spam. Apache SpamAssassin examines every email message for spam characteristics and assigns the message a calculated spam score. The Spam Box and Auto-Delete features require that you enable Apache SpamAssassin first.

Note:

You cannot disable Apache SpamAssassin if your hosting provider enables the Apache SpamAssassin™: Forced Global ON setting in WHM's Exim Configuration Manager interface (WHM >> Home >> Service Configuration >> Exim Configuration Manager).

Move new spam to a separate folder

The Spam Box feature sends spam messages to a separate folder. We recommend that you use Spam Box instead Auto-Delete because you can still view the messages. However, you should occasionally empty this folder because the space that it uses counts towards your email quota limit.

Enable Spam Box

Enable this toggle to cause Exim to create a spam folder the next time that you receive spam mail.

  • Spam Box sends any mail with a calculated spam score that exceeds the Spam Threshold Score to this folder.
  • This feature preserves mail that Apache SpamAssassin may mistakenly classify as spam mail.

Empty the Spam Box folder

To empty the spam folder, or remove selected messages, click Configure Spam Box Settings. A new interface will appear.

  • Click Clear Entire Spam Box Folder to permanently delete every message in the spam box. 
  • Click Manage Disk Usage to remove only the messages that you select. A new interface will appear.

Troubleshooting

View the following information if you check your mail through a POP3 client, or if the Spam Box feature does not appear in your interface.

POP3 client

If you check your mail through a POP3 client, access and empty your spam box with the youraddress@example.com/spam username and your email account password. If you do not delete email in the spam box frequently, spam may accumulate and cause you to reach your email account quota.

Notes:

  • You cannot use this method to access other folders on your account. Some webmail clients may require additional steps. For more information, read our How to Set Up Webmail Folders for Archived Email documentation.
  • If you are unsure whether you use POP3 or IMAP to receive mail, search for this information in your email application's Preferences interface.

The Spam Box feature does not appear

For the Spam Box feature to appear, your hosting provider must enable the Enable Apache SpamAssassin™ Spam Box delivery for messages marked as spam setting in WHM's Tweak Settings interface (WHM >> Home >> Server Configuration >> Tweak Settings).

Notes:

  • If you do not enable the Spam Box feature but you do enable Apache SpamAssassin, Apache SpamAssassin will deliver the message to the email account's inbox normally. The subject line will contain the phrase ***SPAM*** if your hosting provider enables the Apache SpamAssassin™: X-Spam-Subject/Subject header prefix for spam emails setting in WHM's  Exim Configuration Manager interface (WHM >> Home >> Service Configuration >> Exim Configuration Manager).
  • You can create filters for spam messages for all of your email accounts in cPanel's Global Email Filters interface (cPanel >> Home >>  Email >> Global Email Filters), or for individual accounts in the Email Filters interface (cPanel >> Home >> Email >> Email Filters). You can use email filters to direct spam if the Spam Box option does not appear in your interface.

Automatically delete new spam

Enable this toggle to automatically delete messages that meet or exceed the Auto-Delete Threshold Score.

Note:

Auto-Delete permanently deletes all messages with a calculated spam score that exceeds the Auto-Delete Threshold Score. This could include non-spam messages, which would cause you to lose those messages. Make certain that you properly configure the Auto-Delete Threshold Score.

Additional configurations (for advanced users)

Additional configurations allow you to customize the whitelist, blacklist, and adjust individual test scores.

Important:

Only advanced users should configure these settings.

Click Show Additional Configurations to display the additional configurations.

Whitelist (emails always allowed)

Click Edit Spam Whitelist Settings to configure the Spam Filters whitelist settings. A new interface will appear.

Notes:

  • When you add addresses to the whitelist, use * as a wildcard to represent multiple characters and ? to represent a single-character wildcard. The following examples demonstrate how to properly use wildcards in the whitelist:
    • user@example.com — Whitelists a single email address.
    • *@example.com — Whitelists all of the addresses at example.com.
    • ?ser@example.com — Whitelists a single character in an address at example.com (for example, user@example.com, but not Auser@example.com).

Add email addresses that Apache SpamAssassin falsely marks as spam, but from which you wish to receive mail. To add an email address to the whitelist, perform the following steps:

  1. Enter the address in the whitelist_from text box.
  2. Click Add A New "whitelist_from" Item to add additional addresses.
  3. Click Update Whitelist (whitelist_from).

Blacklist (emails never allowed)

Click Edit Spam Blacklist Settings to configure the Spam Filters blacklist settings. A new interface will appear.

Notes:

  • When you add addresses to the blacklist, use * as a wildcard to represent multiple characters and ? to represent a single-character wildcard. The following examples demonstrate how to properly use wildcards in the blacklist:
    • user@example.com — Blacklist a single email address.
    • *@example.com — Blacklist all of the addresses at example.com.
    • ?ser@example.com — Blacklist a single character in an address at example.com (for example, user@example.com, but not Auser@example.com).

Add email addresses that Apache SpamAssassin falsely marks as non-spam, but you wish to mark as spam. To add an email address to the blacklist, perform the following steps:

  1. Enter the address in the blacklist_from text box.
  2. Click Add A New "blacklist_from" Item to add additional addresses.
  3. Click Update Blacklist (blacklist_from).

Note:

To blacklist email addresses on multiple accounts, use the Exim System Filter File.

Calculated spam score settings

We strongly recommend that only advanced users edit the spam testing scores. Improper configurations will create unintended consequences.

Click Configure Calculated Spam Score to configure individual test scores. A new interface will appear.

Use this interface to set individual test scores that Apache SpamAssassin uses to mark a message as spam. You can increase the score of a test that incorrectly allows spam messages through. Conversely, you can disable or reduce the score of a test that falsely marks messages as spam. For example, disable tests that mark bankruptcy emails as spam for a user who is a bankruptcy lawyer. To update the score of an individual test, perform the following steps:

  1. Select a test from the scores menu.
  2. Enter a score that contains up to three decimal places.

    Note:

    Set a score to 0 to disable the test.

  3. Click Add A New "scores" Item to customize additional test scores.
  4. Click Update Scoring Options.

Apache SpamAssassin uses hundreds of tests, and you can assign scores to individual tests to configure Apache SpamAssassin for your server. To review the default scores, run the following command:

grep -R score /var/lib/spamassassin/* | less