MailScanner Spam Configuration

MailScanner by default will not delete, filter or forward SPAM out of ones inbox. All SPAM is delivered to the inbox and is labeled as one of the following:


SPAM scores of 5-9 = {Spam?}
SPAM scores of 10+ = {Definitely Spam?}


The settings above are default and can be adjusted on a per domain basis.


Once the email has been identified as SPAM you can configure one of 4 different options. 3 options are listed within the MailScanner Configuration section of your cPanel account and are as follows:


1) Deliver – This is the default and will deliver email to the inbox as noted above.
2) Delete – Deletes the email permanently.
3) Forward to – This option allows you to forward all spam for every email account under the domain to a default spam@domain.com email address. You would need to create an email account called spam@domain.com in cPanel in order to login and retrieve any emails that are SPAM or mistakenly marked as SPAM.


Option 4 would be to filter out emails that are marked as SPAM to a specified folder. To do so you would need to log into cPanel account -> Email Filters (or User Level Filtering) -> Select ‘Manage Filters’ for the specified email account. From here you would click on ‘Create a New Filter’ -> Enter a name for the filter -> Under ‘Rules’ select ‘Subject’ in the drop down menu, then select ‘matches regex’, in the blank box below enter in the following:


^\{Spam\?\}|^\{Definitely Spam\?\}


Then for actions you may set ‘Deliver to folder’ then browse to the folder you wish to direct the SPAM emails to.


MailScanner also tags emails with other names in addition to {Spam} and {Defintely Spam}, most notably {Disarmed} Below is a list of common tags and their descriptions:


{Disarmed} – indicates that the email contained html tags that are considered dangerous, e.g. iframe and form tags
{Virus?} – indicates that the email contained a virus and has had the attachment removed.
{Filename?} – indicates that the email contained a dangerous file attachment which has been removed.
{Fraud?} – indicates the e-mail may be fraudulent or designed to collect personal information from you.
{Spam?} – indicates that the email is likely to be spam – you should filter these emails into a separate folder in your email client.
{Definitely Spam?} – indicates that the email is almost definitely spam because it got a very high detection score – you should filter these emails into a separate folder in your email client.

  • 7 gebruikers vonden dit artikel nuttig
Was dit antwoord nuttig?

Gerelateerde artikelen

What is a FCrDNS check?

A forward-confirmed reverse DNS check...

How Do I Change My Email Account's Password?

1. Log into your cPanel account.2. In the "Email" section click on the "Email Accounts" icon. 3....

How to Create "User Level Email Filter" in cPanel?

It is difficult to completely stop spam e-mail but you can filter it, discard it, deliver it to...

How do I migrate my email from a 3rd party to HostRocket?

If you are looking to transfer your email from an 3rd party provider to one of the mail servers...

Can email account users change their own passwords?

Yes. Users can change their passwords by logging into webmail. Before selecting a webmail...