The purpose of this guide is to help you set up your email system to reduce the amount of spam you receive as much as possible. By following these steps
you should be able to reduce the amount of spam in your inbox by around 90%
to 95%.
1) Log into your cPanel hosting management area. (Click here if
you need help.)
STEP 1 - Allow Only Valid Email Addresses
This will configure your account so that only valid email addresses
will be able to receive email. Any incoming email addressed to a fake email address will be rejected
and a brief error message will be sent back to the sender. This will stop all
those random a343ffdd@yourdomain.com emails
from arriving in your inbox.
2) First you need to create any desired POP3
Email Accounts or Email
Forwarding Addresses.
3) Now that all the valid email addresses you want to have
are created, you must configure the "default" (catchall) email address. Go
back to the cPanel main page and then click the Default E-mail account link,
located within the Email Management Tools section.
4) Select the "Discard with error to sender (at SMTP time)" option,
and then enter a failure message into the box. For example:
This address does not exist
5) Press the Change button to save.
STEP 2 - Enable the Email Authentication Systems
All our email servers fully support the DomainKeys and Sender Policy Framework (SPF) methods of fighting spam. These tools are very good to prevent forged email from arriving to or being sent from your email addresses.
6) Go
back to the cPanel main page and then click the Email Authentication link,
located within the Email Management Tools section.
7) Press the Enable button for the Domain Keys feature.
8) Go back to the previous page, and now press the Enable button for the SPF feature.
Note: The majority of customers should accept the defaults, and should not need to modify anything after this feature is enabled. However, some customers might want to adjust the Advanced Settings if necessary. For example, if you have an email application that send mail from a different mail server, then you should add the IP address of the "allowed sending servers". Or if your email is hosted "offsite" by a 3rd party service (Exchange Hosting, etc.) then you will want to add your provider's MX servers. If you need help with this, please let us know or contact whomever is hosting your email for assistance.
STEP 3 - Enable the Spam Assassin Software
The Spam Assassin software analyzes incoming email and uses various tests
to determine how likely the messages is to be spam. A "score" is
then given to the email, depending on the test results. An email with a high
enough "score" is probably spam, and an email with a low
score is probably not spam. (Keep in mind that no automated tests
are perfect, so we use the word "probably" here.)
9) Go back to the cPanel main page and then click the SpamAssassin link, located within the Email Management Tools section.
10) Click the Enable Spam Assassin button
to turn on the software.
11) Once cPanel indicates the change was processed, click
on Go Back link to go back to the Spam Assassin menu screen.
12) Scroll down and press the Configure SpamAssassin (required to
rewrite subjects) button to enter the configuration screen.
13) Set the required_score to 5.
You can enter any number here. The number you specify is how "aggressive"
you want the Spam Assassin tests to be. A lower number means more emails
will be tagged as spam, and a higher number means more spam will arrive into
your inbox. Using a number that is "too low" might mean that some legitimate
email will be incorrectly tagged as spam, so be careful not to go too low.
We recommend starting with a number of 5 or 6 -- most of the ET Web Hosting
helpdesk staff use a score of between 4.5 and 5 and find it works well. You can always come back later and lower this number if you find too much spam is getting through.
14) Enter the following text into the box beside the rewrite_header
subject value:
**SPAM**
15) If you have any email addresses that you want to always be
received and never tagged as spam, then you can enter them into the whitelist_from boxes.
This is useful when you want to receive newsletters or other emails from someone
and want to make sure their emails don't end up getting filtered as spam. For
example, if you know that all email from company.com should be let through
without testing, then you would enter the following into one of the whitelist_from
boxes:
*@company.com
16) Once you are finished configuring the Spam Assassin options,
click the Save button to continue.
STEP 4 - Enable Filtering Of Emails Tagged As
Spam
Now that we have tagged some emails as spam, we need a way to actually take
action against those emails so that they don't arrive in your inbox.
Note: This step is optional. If you skip this step, any emails
that are tagged as "spam" will arrive in your inbox with the subject text
that you specified in step #14. You may want to stop here and leave things alone for a few days to make sure the emails being "tagged" as spam are actually spam and that there are no emails being incorrectly identified as spam. You may want to adjust the spam score (step #13) a little if needed.
17) Go back to the cPanel main page and then click the Account Level
Filtering link, located within the Email Management Tools section.
18) Click the Create A New Filter button to enter the
new filter configuration screen.
19) In the Filter Name box, you can type anything you want to identify this filter. ie: "SpamAssassin Email Filter"
20) In the Rules section, choose "Spam Status" that "begins
with", and then enter "Yes" (no quotes)
in the box.
21) In the Actions box select the "Discard Message" option:
Note: If you prefer to save the emails that are tagged as spam,
you can select the "Redirect to email" option and then enter an email address. For example, you might want to create
a new email account called "spam@yourdomain.com" and then enter that here.
Then you can periodically check the mail in the spam@yourdomain.com account
and confirm there are no legitimate emails that were tagged as spam by mistake
(and adjust the spam threshold from step 13 if needed). After a few weeks
when you are confident the spam filtering system is working well, you
can change the filter destination to Discard Message and delete the spam@yourdomain.com
mailbox.
22) Click the Activate button to save the filter.
Done!
