How to enable spam assasin in cPanel

SpamAssassin is an open-source project of the Apache Software Foundation. it runs each email message through hundreds of tests that analyzes headers, text, and HTML coding and checks domains and IP addresses against DNS (define) blocklists and filtering databases.

When a message flunks a test, it scores anywhere from a fraction of a point to multiple points. If a message scores too many points, SpamAssassin rejects it. But the message can also receive negative points and that help offset the unwanted positive points.

Though it can reject permission-based messages, SpamAssassin has many positives:

Using a word such as "free" too often in copy might cost half a point, but the filter won't reject your message outright as some others do.

If your email is rejected, the ISP or receiving business may provide this detail in a bounce message; not inform you (the sender) at all; or simply insert the word "SPAM" at the beginning of the subject line when the message is delivered to the recipient. In some cases, the receiving entity will return the message with a detailed report showing exactly which tests it violated and how many points it accumulated. (This email can go back to either your reply-to email address listed in the header or your sender address.

You may also want to read:

7 Ways to Build Your Email List
Any listserv or mailing list service?
Email Problems: What Should I do?
How to Check and Send Emails Using Webmail
How to Solve Email Bounce Back Issues
How to configure Email Client


How Spam Assasin Works

Most of SpamAssassins behavior is controlled through a systemwide configuration file and a set of per-user configuration files. The per-user configuration can also be stored in an SQL database.

Here is a rundown on how SpamAssasin works


  • The message headers can be checked for consistency and adherence to Internet standards (e.g., is the date formatted properly?).
  • The headers and body can be checked for phrases or message elements commonly found in spam (e.g., MAKE MONEY FAST or instructions on how to be removed from future mailings)-in several languages.
  • The headers and body can be looked up in several online databases that track message checksums of verified spam messages. The sending systems IP address can be looked up in several online lists of sites that have been used by spammers or are otherwise suspicious. Specific addresses, hosts, or domains can be blacklisted or whitelisted. A whitelist can be automatically constructed based on the senders past history of messages.
  • SpamAssassin can be trained to recognize the types of spam that you that you consider non-spam. (SpamAssassin and the spam-filtering community often refer to non-spam messages as ham. )
  • The sending systems IP address can be compared to the senders domain name using the Sender Policy Framework (SPF) protocol (http://spf.pobox.com) to determine if that system is permitted to send messages from users at that domain. This feature requires SpamAssassin 3.0.
  • SpamAssassin can privilege senders who are willing to expend some extra computational power in the form of Hashcash (http://www.hashcash.org). Spammers cannot do these computations and still send out huge amounts of mail rapidly. This feature requires SpamAssassin 3.0.


Also read:

How Did My Email Get Compromised and What Can I Do to Stop It?

How to create an email forwarder in cPanel

How to fix error 500 no such user here

How to grow your mailing list ethically



A couple negatives, besides the rejection potential:

End users, whether individuals or corporations, can set the maximum score as high or low as they want, although a score of 5 or so is most common. They can also decide which tests to apply. The scores vary according to how SpamAssassin is configured, and users can boost or reduce them if they want.

Also, SpamAssassin penalizes messages more heavily for factors you might not control, such as using open relays or blacklisted IP addresses, or using malformed HTML or MIME coding. If you flunk one of those tests, notify your HTML designer or email service provider (ESP), pronto.

Also read:

Managing the Mail Function in CPanel
Webmail Programs in CPanel
What is Email Spoofing?
What is Spamming?


Suggestions on how to use the SpamAssassin tests to tune up your email program the right way:

Run your email marketing message through a content checker, whether a free or promotional service, third-party solution, or proprietary application provided in your email service provider's solution or in-house software, to spot and correct problems before you hit "send."

SpamAssassin breaks messages down into components instead of viewing it as all one piece: headers, subject and sender lines, body content, HTML code, pings on blacklists and whitelists, and so forth. You should adopt this manner of viewing email and work to correct problems in each component, not just the components that affect you most, such as subject line or body content.

Test your templates. Your primary newsletter or promotional message may not be the only email that gets tangled up in filters. Take all your email templates: company newsletter, sales promotion, order or subscription confirmation, welcome message, complaint response, announcement, and so forth, and run them through the content checker with no body copy or coding beyond what the template requires.

Use the checker with caution. Checkers provided as a free or promotional service on a company Web site may not be using the latest SpamAssassin version.

Review the content one more time. Check the IP address used to send your message against a blacklist clearinghouse. Monitor your reply mailbox for any filter or block reports.

(1) Select the option SpamAssasin located under Mail panel.

(2) Select Enable SpamAssassin button

(3) SpamAssassin will be automatically enabled as soon as you select the above displayed button and the following page will be displayed

(4) You can easily deactivate SpamAssasin by selecting Disable SpamAssassin button

It is also possible to automatically delete messages which are marked as SPAM with an option to disable this feature.

You can configure the various configuration settings by selecting Configure SpamAssassin button. These settings include blacklisting and whitelisting of emails. You will find more details on the SpamAssassin Configuration page.

SpamAssassin will help you to get rid of unwanted and unsolicited messages.


How to create spam filters in cPanel


Spams are dangerous for both hosting servers and individual accounts on the server. It is the easiest way to get a penalty from web hosts. Web hosts want to protect the integrity of their network and so will never want to tolerate spamming from any account holder.

Spam is dangerous and no one likes spam. That is why it has become a reoccurring subject on our blog and knowledgebase. In this tutorial, we want to show you how you can use the cPanel , Apache SpamAssassin, to keep spam out of your inbox.

How to Create a Spam Filter

In the Mail section of your cPanel account, choose Apache SpamAssassin. (If your hosting provider hasn’t already enabled this feature, select Apache SpamAssassin and then switch it on.)

Now you’re ready to set up email filters and specify how powerfully you’d like SpamAssassin to gate and vet incoming messages.

First, head to the “Email” section, navigate to “Global Filters,” and select “Create New Filter.”

Then, select “Spam Bar” from the first menu in the “Rules” section and then choose “Contains” from the second menu in that same section.
In that field, enter a spam score using a series of (+) symbols, with 5 being an adequate number for an individual user. Select “Deliver to folder” from the “Actions” section and enter the name of the folder to which you would like to direct spam.

Finally, click “Create” to activate the spam filter and, voila, your first filter is set up! (Be sure to check to occasionally check this folder to ensure items that are NOT spam aren’t being flagged.)

Spam Filter Settings

To set up the spam filter correctly, you need to first of all, understand the scoring system that it uses, and what happens to the emails when they are flagged as spam by that scoring system.
The scoring system will look at each incoming message and will give it a score based on its spam detection methods. By default, the score is set as 5. Every email with a score of 5 or below will be set as spam.
Setting the Score
To set the score, click on the "Configure Apache SpamAssassin" and change the score required in the "required_score field" and then click save.
The following gives an indication of what the scores mean:
Score 0 — All incoming emails will be flagged as spam
Score 5 — The default setting and works well for most users
Score 10 — Any score with less than ten will be marked as spam.
When an email is marked as spam, all that happens is that "***SPAM***" will appear at the start of the subject field as shown below:
NOTE — Your emails will NOT be deleted or be moved to the spam folder unless you configure it.
Unless you set up the program to auto delete spam emails or you setup Email Filtering, the email will remain in your inbox. Of course, some email programs such as Outlook or Thunderbird can also be configured to move spam to the spam folder, and even something like Gmail Spam Filtering works well at doing this as well.
How to Auto-Delete Spam
To set your spam to auto delete at the server level, you just select your Score setting and then select "Auto-Delete Spam". It can be disabled by selecting the "Disable Auto-Delete Spam".
As a warning, no email filtering system is 100 percent perfect effective. While spam filters try to catch all email that is spam, Spammers are continually adapting to create emails that are trusted not to be spam both by automatic filters and by humans themselves.

How to Stop Someone (Blacklist) from Emailing You

You may use Spam Assassin to blacklist (stop) someone from emailing you.

Login to cPanel and click the SpamAssassin icon.
If you have not already, please enable SpamAssassin.
Enter any IP address or email address in the blacklist_from field.
Scroll down and hit Save.

That will be all you need to get the cPanel SpamAssasin to work for you.
  • 51 Users Found This Useful
Was this answer helpful?

Related Articles

Managing the Mail Function in CPanel

Mail functions allow a user to do many different tasks with email accounts. This includes...

How to Check and Send Emails Using Webmail

To access the Webmail feature on Todhost server, there are two routes that can be taken which...

How to configure Email Client

You can use either the webmail interface or an email client. Check our tutorial on how to use...

Webmail Programs in CPanel

Todhost offers you a choice in webmail programs. You can choose whichever program you are most...

How to fix error 550 no such user here

Basically, this error message tells you that the email you sent was blocked by the recipient's...

Powered by WHMCompleteSolution