Categories
cPanel Email

Email Spam Settings (Spam Assassin)

Why are some of my emails showing “****SPAM****” in the subject? Does my cPanel have a built in spam filter?

Overview

Unfortunately, a big part of using email is dealing with spam emails. And with more people using email for both work and personal reasons, the volume of spam has exploded. Fortunately, there are tools included with your cPanel to combat these time wasters. Here is a guide on the spam filter included with your cPanel hosting, Spam Assassin. We also offer an advanced spam filtering tool called Email Defense.


Does cPanel have a spam filter?

Yes, of course! cPanel uses Apache Spam Assassin for spam filtering. Spam Assassin is the most popular open source spam filter available. It uses its robust scoring system and advanced analysis tools to scan your email for potential spam and phishing emails.

Essentially, what it does is check your incoming email headers (the hidden part of every email that contains information on where the email came from and how it was delivered) for known spam signatures and potential new threats. How it handles these threats is configured by the user.

Back to Top


How does Spam Assassin determine what mail are spam?

Spam Assassin scans the email content and headers, looking for signatures and items that it uses to determine if an email is legit or not. For every item that the filter finds suspicious, it will assign a score. This could be anything from the name of images in the email, the sending server or whether the email passed SPF and DKIM checks.

As long as the score is lower then the the score set in the Spam Assassin settings, the email will not be flagged. If the score is higher then the set score, the email are flagged and “****SPAM****” is added to the subject. Depending on your settings, the email may also be deleted.

You can see the spam score of any email by looking at the headers of the email. In Webmail, you can see this by clicking on the More icon and then Show Source. You should see this within the headers.

X-Ham-Report: Spam detection software, running on the system "vmcp143.myhostcenter.com",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 root\@localhost for details.
 Content preview:  This is a test spam 
 Content analysis details:   (2.0 points, 5.0 required)
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was
                             blocked.  See
                             http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                              for more information.
                             [URIs: megamailservers.com]
  0.2 KAM_BLANKSUBJECT       Message has a blank Subject
 -0.0 SPF_PASS               SPF: sender matches SPF record
 -0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
  0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily
                             valid
  1.8 MISSING_SUBJECT        Missing Subject: header
X-Spam-Flag: NO

Notice this line:

Content analysis details:   (2.0 points, 5.0 required)

This email received a spam score of 2, but the threshold on this account is set to 5, so it was not flagged. You can also see that the reason this email got a score of 2 is because it had no subject line.

Back to Top


How do I use Spam Assassin?

Spam Assassin is enabled by default when your cPanel hosting is first set up. For most users, it can continue to work using its default settings without any other input from the user.

However, if you would like to tweak the settings, you can do this from your cPanel.

If you do not know how to access your cPanel, you can find out here.

The Email section of cPanel.

Once logged into your cPanel, go to the Email section and click on the Spam Filters app.

The Spam Assassin advanced settings.

Here you can alter your Spam Assassin filter settings to get it to work for you.

Process New Emails and Mark them as Spam

[On by Default]

This is the main toggle for the spam filter. If you would not like to use the Spam Assassin mail filter, you can disable it here.

Here is also where you can set the threshold score for the filter, by clicking on Spam Threshold Score. Keep in mind that this is the score that any email needs to hit before it is flagged as spam, so a lower score is more aggressive and will lead to more flagged mail.

Move New Spam to a Separate Folder (Spam Box)

[On by Default]

When enabled, any mail that the filter flags as spam will also be moved into the Spam Box (your spam folder). If you disable this, any flagged mail will still have the “****SPAM****” flag in the subject line, but still be delivered to your Inbox.

There is also an option to Configure Spam Box Settings. Here you will have the option to set your Spam Threshold Score, as well as empty your Spam Box. You can also empty all the spam folders on your account here.

Automatically Delete New Spam (Auto-Delete)

[Off by Default]

You can set your Spam Assassin to automatically delete mail that it flags as Spam. These mail are permanently deleted and cannot be recovered. For that reason, we recommend that you leave this option disabled.

If you do decide to enable it, you can set the auto-delete threshold here as well. This threshold is separate from the spam threshold, so you can have your auto-delete set to a high number so only the most obvious spam emails are deleted automatically, and others are only flagged.

Additional Configurations (For Advanced Users)

The Spam Assassin advanced settings.

Here is where you can add domains or emails to your white or blacklists. If you are not sure what whitelists and blacklists are, we will offer a simplified explanation here.

Click on the Edit Spam Whitelist (or Blacklist) Settings.

The spam assassin whitelisting interface.

You can enter an email address to whitelist it in your spam filter or enter the domain name to whitelist all email from that domain. Click on Add A New “Whitelist_from” Item to add a new line and click on the X to the right of any line to remove it. Be sure to click Update Whitelist (Whitelist_from) once you are done to save your changes.

The Blacklist section functions the exact same way.

The Calculated Spam Score settings section is an advanced feature that is beyond the scope of this guide.

Back to Top


What are Whitelists and Blacklists?

An email whitelist is a list of domains or email addresses that the spam filter will ignore the spam score and allow through. If you have a certain client that you get a lot of email from, it would be a good idea to whitelist their email address. If you receive several emails from different mailboxes with the same domain name, you can whitelist the entire domain, so any mail from that domain will be ignored by the filter.

An email blacklist is the same as a whitelist, but in reverse. Emails and domains on your blacklist are flagged regardless of the spam score. This can be useful if you are receiving spam from a single source, or if there is an email or domain you do not want to hear from. While the email blacklist can be a powerful tool for blocking know spam senders, most “professional” spammers do not reuse the same email or domain, so trying to block these spam senders here typically does not work.

Back to Top


If you have any further questions, please be sure to reach out to our support staff by using our chat service in your client area or by submitting a ticket.

One reply on “Email Spam Settings (Spam Assassin)”