If you are having problems with email spam, whether it be the occasional promotional mail, or 100's or even thousands of emails spamming your inbox each hour, Email Spam Protection can help.
This article covers the following topics (quick links to take you to the relevant part of the article):
- How to Enable
- Setting the Score
- How to Auto-Delete Spam
- Other Configuration Settings
- How to Filter or Move Spam Emails to the Spam Folder
SpamAssassin is an open source Apache Project, and the source was first made widely available back in April 2001 where it was imported into Sourceforge. If you are more technically-minded and want to see how it has evolved over the years, you can see a full change history here.
It works by using a variety of spam detection methods including:
- DNS-based and fuzzy checksum based spam detection
- Bayesian Filtering
- Sender Reputation System
- Online Databases (DCC, Pyzor, Razor2)
- Body phrase tests
- Header tests
- Character sets and locales
These tests are applied to both email headers (an excellent guide to finding email headers) and content to classify the email using various statistical methods (we will go into this a little later), and blocks unwanted emails before they reach your inbox. It is designed to be all encompassing and evolves to meet the changing ways spammers get to your inbox. It is a far cry from the keyword based spam detection systems used prior and other similar programs being created.
We will next go through a short tutorial on how to use service using the cPanel interface, followed by some more detail commentary looking at some of the more advanced technical features:
Enabling the spam protection is as easy as logging into your cPanel Account and clicking on the relevant icon that you will find under the Mail Section as shown below:
You will then be faced with the main configuration screen, which will demonstrate that it is currently disabled by default. You will also see various other options that we will come to shortly, but for now, to enable Spam Assassin you should click the "Enable Apache SpamAssassin" button as shown below:
You will then be taken to a confirmation page that will state that it is now enabled. You can click the "Go Back" button to take you back to the main configuration screen shown above so that you can configure the settings.
To set up the spam filter correctly, we must firstly understand the scoring system that it uses, and ultimately what happens to the emails when they are flagged as spam by that scoring system.
It will look at each incoming message and will give it a score based on its spam detection methods. By default, the score is set as 5. Every email with a score of 5 or below will be set as spam.
To set the score, click on the "Configure Apache SpamAssassin" as shown in the image above. Change the score required in the "required_score field" and then click save, as shown below:
The following gives an indication of what the scores mean:
- Score 0 — All incoming emails will be flagged as spam
- Score 5 — The default setting and works well for most users
- Score 10 — Any score with less than ten will be marked as spam.
When an email is marked as spam, all that happens is that "***SPAM***" will appear at the start of the subject field as shown below:
NOTE — Your emails will NOT be deleted or be moved to the spam folder unless you configure it.
Unless you set up the program to auto delete spam emails or you setup Email Filtering, the email will remain in your inbox. Of course, some email programs such as Outlook or Thunderbird can also be configured to move spam to the spam folder, and even something like Gmail Spam Filtering works well at doing this as well.
To set your spam to auto delete at the server level, you just select your Score setting and then select "Auto-Delete Spam". It can be disabled by selecting the "Disable Auto-Delete Spam".
As a word of warning, no email filtering system is 100 percent perfect, and you can read an interesting discussion on the StackExchange about that here. While spam filters try to catch all email that is spam, Spammers are continually adapting to create emails that are trusted not to be spam both by automatic filters and by humans themselves. For spammers they try to create emails that can bypass the filters, looks legitimate so it is opened and further look real and attractive enough so that a user clicks a link in the mail. It is a continuous battle.
As a result of the imperfection of email filters, we recommend that you do not use the auto-delete option unless you have to. However, if you are having a particular problem with email spam, you could easily set the auto-delete score to be higher than the spam score. This way, you can still set the spam filter to be quite strict and only delete the very worst spam.
As you will see under the "Configure Apache SpamAssassin" there are various other options. Here you cannot only set the required Spam Score as specified above, but you can add blacklists, whitelists (useful if someone you know keeps getting marked as spam) and even configure scores or disable individual tests used to calculate the score. The whitelist and blacklist permits wild cards and some examples of use are set out below:
- [email protected] — Blacklists or whitelists a single specified email address
- [email protected] — Blacklists or whitelists all of the email addresses at example.com
- [email protected] — Blacklists or whitelists a single character in the email address. So in this example [email protected] would be caught, but [email protected] would not.
If you are under attack from spammers from specific addresses, or there is a mailing list you are subscribed to that won't stop sending you spam from the same email you can insert their email address in this field. If you need to enter more than five email addresses here, they will automatically appear once you click "Save" after entering the 5th one.
There may be an email that keeps getting marked as spam but is not spam. You can enter that email address here.
As we have indicated previously, there are many rules that combine to give an email a score. We discussed how to set the Spam Score above, but you will see five fields with the name "score." This is where you can set individual scores to certain tests. However, there are hundreds of tests used by them, and configuring this section is only for those who know what they are doing. We would suggest leaving it at default, but if you wish to know more, you can find out how to locate the default scores here. Indeed, configuring this section is in the realms of experienced system admin territory.
To set up your server to carry out actions on emails marked as spam (apart from auto-delete which we mentioned above) you will need to create an Account Level Email Filter or User Level Email Filter. If you have many emails configured, you would probably want to set this up under the User Level Email filter for each email address so that each user can access their own spam mail. You will find this option within the Mail section in cPanel under "Account-Level Filtering." You will be presented with the following screen:
To create a new filter click "Create a New Filter", which will take you to the settings screen. The filters work a little differently to what you might expect, so we have included two example settings below:
Move Spam to Spam Folder
As you can see, to move all emails marked as spam you select Spam Status equals "Yes." You then pick an action (whether it be delete, move to a folder or "Fail with Message" to return a message to the sender to say you have not received it as it has been marked as spam.
Move Spam with Score 4 and above to Spam Folder
This one is a little more unusual. If you wish to specify a score, you need to use the plus sign to mark the actual score. So "+" = 1, "++" =2 and so on. The above example shows a score of 4. Again the actions you can take can vary depending on your needs.
Tips to avoid being flagged as Spam
It is not within the scope of this article to go through in detail on how to avoid being caught by the spam filters. However, the developers have very helpfully collated a list that you can read here.