September 17, 2022
Is your server at risk of being blacklisted? Spammers frequently target compromised websites and mail accounts to send thousands of unauthorized emails. By the time a host detects the surge, the server’s IP reputation is often already destroyed, causing legitimate mail to bounce or land in junk folders.
At Velan Server Support Services, we specialize in helping SME hosting providers recover from spam incidents and implement proactive defenses to keep IPs clean.
Approximately 76% of spam in web hosting environments originates from email spoofing—where a sender uses a fake or invalid “From” address. This leads to:
Queue Bloat: Thousands of bounce-back failure messages clogging your mail queue.
Reputation Damage: Your server being identified as a source of “CEO fraud” or phishing.
Blacklisting: Major providers (Gmail, Outlook) blocking your entire IP range.
Typically, spoofed emails originate from three sources:
Vulnerable PHP/mail scripts.
Compromised email credentials.
Weaknesses in default mail server configurations.
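To secure your cPanel server, we implement custom Access Control List (ACL) rules within the Exim mail server. These rules verify the domain in the "From" header against the server's Local Domains and Remote Domains lists. If the domain doesn't match, the email is rejected before it ever leaves your server. The rules below also reference a third named list, allow_domains; each list named in the condition must be defined as a domainlist in your Exim configuration.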
Caution: Editing the Exim configuration file requires extreme precision. A single syntax error can take your mail server offline. Always back up your configuration before making changes.
To prevent scripts from sending mail using unauthorized “From” headers, add the following code block under the acl_not_smtp section:
  deny
    condition = ${if !match_domain{${domain:${address:$h_From:}}}{+local_domains : +remote_domains : +allow_domains}}
    message   = Sorry, you don't have permission to send email from this server with a header that states the email is from ${lc:${domain:${address:$h_from:}}}

  accept
Even if a user has a valid login, they should not be allowed to “ghost” as a different domain. Add this code below acl_check_data or your SMTP authentication filters:
  deny
    authenticated = *
    condition     = ${if !match_domain{${domain:${address:$h_From:}}}{+local_domains : +remote_domains : +allow_domains}}
    message       = Sorry, you don't have permission to send email from this server with a header that states the email is from ${lc:${domain:${address:$h_from:}}}

  accept
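To dry-run the logic of these rules against sample headers before editing the Exim configuration, the following Python sketch models the check. It is an added example, not code from Velan or Exim. The domain names and messages are constructed, and denying a missing, duplicated or multi-address From header is an assumption of the sketch rather than documented Exim behaviour.

```python
from email import message_from_string
from email.utils import getaddresses

# Constructed stand-ins for the server's domain lists; on a real server you
# would load whatever +local_domains and +remote_domains are defined to read.
LOCAL_DOMAINS = {"example-host.test", "shop.example-host.test"}
REMOTE_DOMAINS = {"customer-mx.test"}
ALLOWED = LOCAL_DOMAINS | REMOTE_DOMAINS


def from_domain(raw_message):
    """Return the lower-cased domain of the single From: address, else None."""
    headers = message_from_string(raw_message).get_all("From", [])
    if len(headers) != 1:
        return None  # missing or duplicated From: header
    addresses = getaddresses(headers)
    if len(addresses) != 1:
        return None  # several mailboxes in one From: header
    local, at, domain = addresses[0][1].rpartition("@")
    if not (local and at and domain):
        return None  # unqualified or unparseable address
    return domain.lower()


def verdict(raw_message, allowed=ALLOWED):
    """Model the deny/accept pair: deny unless the From: domain is in a list."""
    return "accept" if from_domain(raw_message) in allowed else "deny"


# Constructed sample messages; only the headers matter for this check.
SAMPLES = {
    "local":        "From: Billing <billing@Example-Host.TEST>\nSubject: Invoice\n\nbody",
    "remote":       "From: ops@customer-mx.test\n\nbody",
    "foreign":      "From: support@bank.test\n\nbody",
    "display_name": 'From: "ceo@example-host.test" <mallory@evil.test>\n\nbody',
    "two_senders":  "From: a@example-host.test, b@evil.test\n\nbody",
    "unqualified":  "From: root\n\nbody",
    "no_from":      "Subject: hello\n\nbody",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:13} domain={from_domain(raw)!s:24} -> {verdict(raw)}")
```

Running it prints one line per sample, which makes it easy to see which legitimate senders (for example, scripts that send as an external address) would start being rejected once the rules are live.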
Managing mail server security is a full-time job. Velan’s engineers can help you set up custom security rules, monitor outbound traffic, and ensure your server maintains a 10/10 deliverability score.