Reducerea Cazurilor de Abuz Email si SPAM
Reducing Instances of Email Abuse for cPanel & WHM – version 11.36
This document provides best practices for preventing email abuse on your cPanel & WHM server.
Spammers commonly attempt to work around mail security settings by interacting directly with remote mail servers. WHM’s SMTP Restrictions can prevent users from doing so.
You can access this feature in 2 locations:
Enabling this setting restricts outgoing email connection attempts to the mail transfer agent (MTA), the mailman system user, and the root user. Ultimately, this forces both scripts and users to use Exim‘s Sendmail binary, rather than directly accessing the socket.
Important: Prior to version 11.32, this feature would simply block any attempt to connect to a remote mail server. Starting with cPanel & WHM 11.32, the software redirects the outgoing connection attempt to the local mail server.
Preventing the nobody system user from sending mail to remote addresses prevents would-be abusers from having any anonymity in process accounting. This is because PHP and CGI scripts generally run as nobody when the system is using
mod_php, or when suEXEC is disabled.
You can access the Prevent “nobody” from sending mail setting at Home >> Server Configuration >> Tweak Settings, under the Mail Tab.
Enabling suPHP and suEXEC or
mod_ruid2 will improve process accounting across your system. Ultimately, this step will allow you to know which users are running which processes system-wide.
mod_ruid2is a different suEXEC module for Apache. This module will also force CGI applications to run as the cPanel account user. This module attempts to provide some performance enhancements over Apache‘s default suEXEC configuration by taking advantage of some POSIX.1e capabilities.
You can limit the number of emails a domain can send per hour. To do so, you can use the Max hourly emails per domain option under the Mail tab at Home >> Server Configuration >> Tweak Settings. This setting defines a server-wide limit for every domain.
You may further refine this setting by specifying values for an individual package ( Home >> Packages >> Edit a Package) or for an individual account (Home >> Account Functions >> Modify an Account).
You may also specify values for individual domains by editing the
cpuser file at
/var/cpanel/users/. To do so, add a
MAX_EMAIL_PER_HOUR-[$domain] key and specify a value. Remember to replace
$domain with the domain you wish to limit. If you make any changes to the
cpuser file, make sure to run the
After configuring the maximum number of emails a domain on your system can send per hour, you need to also configure The percentage of email messages (above the account’s hourly maximum) to queue and retry for delivery setting. You can configure this setting under the Mail tab at Home >> Server Configuration >> Tweak Settings.
When an account exceeds the maximum number of emails it is allowed to send per hour, by default, any additional messages are queued for delivery and sent in the next hour. This setting allows you to limit the number of messages that will be queued by the system.
Setting the Max hourly emails per domain option to
500 would allow each of the domains you host to send 500 email messages per hour. Now, let’s assume one of your domains uses a mailing list with 500 members. If this domain sends a message to the mailing list, then sends an additional 25 email messages in the same hour, the domain would exceed the Max hourly emails per domain limit. In this scenario, a domain is sending a high volume of messages; however, these messages are not spam.
For this reason, you can specify a „soft limit” using the The percentage of email messages (above the account’s hourly maximum) to queue and retry for deliveryoption. If, for example, you have set the The percentage of email messages (above the account’s hourly maximum) to queue and retry for delivery value to
150, the domain can queue up to 250 messages to send in the next hour. In this scenario, the domain is able to queue the additional 25 email messages to send in the next hour.
Finally, you need to set a value for the Maximum percentage of failed or deferred messages a domain may send per hour setting. You can configure this option under the Mail tab at Home >> Server Configuration >> Tweak Settings.
This setting provides automated rate-limiting for accounts that generate significant quantities of failed delivery attempts. Specify the percentage of outgoing mail that can fail in an hour. Once the account exceeds this percentage, the account is temporarily prevented from sending mail.
A significantly high number of failed delivery attempts is a good indicator that the user may be sending unwanted bulk mail. It could also indicate a severe misconfiguration of that user’s mail forwarding settings.