How to avoid Bulk Emails sent out on shared CPanel servers

What settings do you recommend for the Exim Configuration Editor Standard Options settings on a server running MailScanner?
Our recommended Exim Configuration Editor Standard Options settings in WHM version 11.25+ (with MailScanner installed and running):
Access Lists: Leave cPanel's defaults or modify as desired.
ACL Options: Enable the following:
* Attempt to block dictionary attacks
* Ratelimit: incoming SMTP connections that do not send QUIT.
* Require incoming SMTP connection to send HELO before MAIL
* Require incoming SMTP connections to send a HELO that does not match the primary hostname or a local IP address
* Require incoming SMTP connection to send a HELO conforming to internet standards (RFC2821
Disable the following:
* SpamAssassinTM: Reject mail with a spam score greater than x at SMTP time.
* SpamAssassinTM: Ratelimit hosts that transport messages with a spam score greater than x.
Domains and Ips: You can use this if you wish and it should not affect the operation of MailScanner, but we do not particularly recommend it nor can we provide any support for issues with this configuration.
Filters: Disable the following:
* Attachments: Filter dangerous attachments
* SpamAssassinTM: Bounce mail when the spam score is greater than 20
* SpamAssassinTM: Global Subject Rewrite
System Filter File = /etc/antivirus.empty
Mail: Enable the following:
* Add sender rates to the mail log
* Reject mail for users over quota at SMTP time. (CPU Expensive)
* Sender Verification
The two options that say "Skip scanning messages for virii/malware or spam when the scanner is unavailable" do not have any impact if you are using MailScanner instead of cPanel's implementation of SpamAssassin.
We recommend disabling:
* Sender Verification Callouts
RBLs: Enable one or both of these RBLs if you would prefer to block such emails at exim rather than have them processed by MailScanner. If you enable this you should set "Spam List = " to a blank field in the MailScanner Configuration. Enabling this in exim rather than MailScanner should reduce the resource usage by MailScanner.
Security: Leave as cPanel default or modify as desired.
SpamAssassinTM Options: None enabled.
Note: None of the SpamAssassin options in any of the sections should be enabled if you are running MailScanner.
Another note: If any of the above options are missing or there are additional options, you are probably using an earlier or later version of cPanel/WHM than the one referred to in this FAQ. We try to update this FAQ when these options change but there may be a slight delay.

Post a Comment