How to Configure Spam Filters
Spam filters protect your inbox from unsolicited, malicious, and unwanted email. {{COMPANY_NAME}} hosting includes Apache SpamAssassin, a powerful open-source spam filter that scores incoming messages and takes action on those that exceed your threshold. This guide walks you through configuring spam filtering on your email hosting account.
How SpamAssassin Works
SpamAssassin examines each incoming email and assigns a spam score based on hundreds of rules. The higher the score, the more likely the message is spam.
| Score | Likelihood |
|---|---|
| 0–2 | Almost certainly legitimate |
| 3–4 | Possibly spam |
| 5+ | Likely spam (default threshold) |
| 10+ | Almost certainly spam |
When a message's score exceeds your configured threshold, SpamAssassin takes the action you specify — either marking it, moving it to a spam folder, or deleting it.
Enabling SpamAssassin in cPanel
Step 1: Access Spam Filters
- Log in to cPanel
- Navigate to Email → Spam Filters
Step 2: Enable SpamAssassin
- Toggle Process New Emails and Mark them as Spam to ON
- This enables SpamAssassin for all email accounts under your hosting
Step 3: Configure the Spam Threshold
Click Spam Threshold Score to adjust sensitivity:
- 1–3: Aggressive — catches more spam but may flag legitimate email (false positives)
- 4–5: Balanced — good for most users (recommended: 5)
- 6–8: Conservative — only catches obvious spam
- 9–10: Very permissive — lets most spam through
Tip: Start with the default score of 5. If you receive too much spam, lower it to 4. If legitimate emails are being flagged, raise it to 6.
Step 4: Enable Auto-Delete (Optional)
Click Auto-Delete Spam to automatically discard messages above a certain score:
- Toggle auto-delete to ON
- Set the auto-delete threshold (recommended: 8 or higher)
- Messages scoring above this threshold are permanently deleted
Warning: Auto-deleted messages cannot be recovered. Set the auto-delete threshold significantly higher than your spam threshold to avoid losing legitimate email.
Configuring Spam Filters in DirectAdmin
Step 1: Access SpamAssassin
- Log in to DirectAdmin
- Navigate to E-Mail Manager → SpamAssassin Setup
Step 2: Enable and Configure
- Toggle SpamAssassin to Enabled
- Set the Required Score (default: 5.0)
- Choose the action for spam messages:
- Rewrite subject — adds ***SPAM*** to the subject line
- Move to spam folder — delivers to a dedicated Junk folder
- Delete — permanently discards the message
- Click Save
Whitelisting and Blacklisting
Whitelisting (Allow List)
Whitelisting ensures that emails from specific senders or domains are never marked as spam.
In cPanel:
- Go to Email → Spam Filters → Show Additional Configurations
- Click Edit Spam Whitelist Settings
- Add email addresses or domains (e.g.,
[email protected]or*@trustedcompany.com) - Click Update Whitelist
In DirectAdmin:
- Go to SpamAssassin Setup → Whitelist
- Add entries one per line
- Save
Blacklisting (Block List)
Blacklisting forces SpamAssassin to always mark messages from specific senders as spam.
In cPanel:
- Go to Spam Filters → Show Additional Configurations
- Click Edit Spam Blacklist Settings
- Add email addresses or domains
- Click Update Blacklist
Email-Level Filters (cPanel)
For more granular control, cPanel offers per-account email filters:
- Go to Email → Email Filters
- Click Manage Filters next to the account
- Click Create a New Filter
- Define rules based on:
- From — sender address
- Subject — subject line contains specific words
- To — recipient address
- Body — message body contains specific text
- Headers — custom header matching
- Choose an action:
- Discard Message
- Redirect to another address
- Deliver to folder
- Fail with message
- Click Create
Example: Block All Email from a Domain
| Field | Value |
|---|---|
| Rule | From — contains — @spamdomain.com |
| Action | Discard Message |
Example: Auto-Sort Newsletters
| Field | Value |
|---|---|
| Rule | Subject — contains — newsletter |
| Action | Deliver to folder — Newsletters |
BoxTrapper (Challenge-Response)
cPanel includes BoxTrapper, a challenge-response spam filter that requires unknown senders to verify themselves before their email is delivered.
Note: BoxTrapper is aggressive and can block legitimate senders who do not respond to the challenge. Use it only if standard spam filtering is insufficient.
- Go to Email → BoxTrapper
- Click Manage next to the email account
- Toggle BoxTrapper ON
- Configure whitelist and blacklist as needed
Best Practices for Spam Management
- Never publish your email address publicly — Use contact forms on websites instead
- Use unique addresses for signups — Create aliases for newsletter subscriptions
- Regularly review your spam folder — Check for false positives
- Report spam — Mark spam in your email client to improve future filtering
- Keep DNS authentication current — SPF, DKIM, and DMARC help reduce inbound spam
- Avoid catch-all addresses — They attract massive volumes of spam
Troubleshooting
| Problem | Solution |
|---|---|
| Legitimate email marked as spam | Add sender to whitelist; raise spam threshold |
| Still receiving too much spam | Lower spam threshold; enable auto-delete for high scores |
| Spam filter not working | Verify SpamAssassin is enabled in cPanel/DirectAdmin |
| All email going to spam | Check if your own domain's SPF/DKIM records are misconfigured |
| Filter rules not applying | Verify filter order — filters are processed top to bottom |
Related Articles
- What to Do If Your Email Is Blacklisted
- Understanding SPF, DKIM, and DMARC Records
- Troubleshooting Email Not Receiving
Need help with spam filtering? Contact our support team at {{SUPPORT_URL}} or email {{SUPPORT_EMAIL}}.