MailScanner Service for cPanel
MailScanner is an add-on product for cPanel that allows users to control how they want their email scanned for spam and viruses. This application is available for installation on Virtual Private Servers and Dedicated Servers. There are no recurring license renewal fees.
This application provides a user front-end to a MailScanner installation on cPanel. It consists of three parts:
- A front-end interface available within cPanel. This allows users to maintain their own settings. This allows users to configure:
- Per domain actions for two score levels for spam scanning.
- Per domain actions for virus scanning.
- Whitelists and blacklists.
- Low and high spam score settings.
- Configurable forwarding email address for spam.
-
New in v8:
- Access to MailControl for their domains.
- View emails in the global message store.
- Search for emails in the global message store.
- Release Spam, and optionally other emails, from the global message store.
- Tag emails as Spam or Ham.
- View Statistics related to email messages.
- Perform Bulk actions on email messages.
- WHM front-end for server-wide management of MailScanner:
- Enable/Disable per cPanel account access from within WHM.
- Enable cPanel accounts access from within WHM.
- Configure MailScanner from within WHM.
- Configure front-end settings from within WHM.
- Server-wide Black and White spam lists from within WHM.
- MailControl access in WHM for statistical information, SpamAssassin learning and releasing of attachments from quarantine (Available with root WHM login only).
- Accessible only through root access (i.e. no reseller access).
- A back-end script that checks user files to see if they have been modified. It then generates the appropriate entries for their domain in the MailScanner ruleset files
Installation
The installation service consists of:
- MailScanner
- ClamAV for MailScanner.
- DCC to improve spam scoring.
- MailScanner front-end for cPanel Users. Note that this replaces the SpamAssassin front-end in cPanel which has to be disabled.
- Mail Queue Management utility.
- Access to MailControl from within WHM.
- Modify ClamAV and MailScanner to use the clamd process, which reduces server load and speeds up mail scanning dramatically.
- Configure SpamAssassin to use server-wide bayesian filter database to increase identification of spam. Disables cPanel SpamAssassin to provide central control of mail scanning services.
- Modification of the MailScanner configuration to allow you to offer a per domain email scanning service for spam and/or viruses, together with per domain actions for dealing with detected spam.
- cPanel -> MailScanner sync script – keeps your configured domains in sync with the MailScanner rulesets, so that new domains are always included and domains no longer hosted are removed.
If you have any questions about the MailScanner package, please feel free to Contact Us and/or check the Frequently Asked Questions.
Important Notes
- The cPanel front-end only works properly with skins that correctly implement the cPanel theme API.
- The MailScanner Front-End for WHM is only available with root WHM login.
- Mailscanner Installation does not support use of a remote MySQL server for MailControl, an option is provided however for a local SQLite database.
- While MailScanner is configured to be as efficient as possible, the application inevitably uses server resources. Due to this additional load, we recommend installing MailScanner on a server which has a minimum of 1GB of memory – 2GB recommended.
- cPanel will not provide support for email issues while MailScanner is part of the mail delivery system on a server. MailScanner can be disabled if reporting email issues to cPanel
- The MailScanner Front-End Service can be performed on dedicated servers and VPS’s running supported releases of Redhat or CentOS Linux.
MailScanner can be order as an Add-On during the initial ordering process for Virtual Private Servers or Dedicated Servers. It can also be added after the initial provisioning of a VPS or Dedicated Server.
Does MailScanner scan both incoming and outgoing mail to my server?
MailScanner scans incoming mail for spam, and both incoming and outgoing mail for viruses and dangerous file attachments. However, it is designed primarily to protect users on your server from incoming spam and viruse and is not a good solution for an outgiong spam problem.
There are many better ways to detect and prevent outgoing spam. Some suggestions:
1) Use a malware detection system to detect exploits that may be used for sending spam, and check any reported files and remove them if necessary.
2) Configure relay tracking in csf, monitor the alerts that are sent when the relay limit is exceeded, and check the reported accounts for vulnerable scripts.
3) If you can get the header of one of the outgoing spams, search the exim log to find out what script is sending the mail.
4) Check this webpage on our site which gives some suggestions for finding spammers on your server:
http://www.configserver.com/free/spammers.html#outbound
5) Set WHM > Tweak Settings > Mail > Max hourly emails per domain to a low figure such as 100 to ensure that thousands of messages are not sent out before you detect it.
6) If you have users that forward email on to yahoo or hotmail accounts (for example), make sure that they are educated NOT to mark forwarded mail as spam in their yahoo/hotmail account, as that could lead to your server being blacklisted. MailScanner can help with this if you configure it to delete all spam messages.
If someone is spamming FROM my server, will the MailScanner Front-End service stop them from sending out spam?
No. The MailScanner Front-End service is designed to protect your server and your users from incoming spam only. If you think someone is using your server to send out spam emails, there are many better ways to detect and prevent outgoing spam. Some suggestions:
- Use a malware detection system to detect exploits that may be used for sending spam, and check any reported files and remove them if necessary.
- Configure relay tracking in CSF, monitor the alerts that are sent when the relay limit is exceeded, and check the reported accounts for vulnerable scripts.
- If you can get the header of one of the outgoing spams, search the exim log to find out what script is sending the mail.
- Check this webpage which gives some suggestions for finding spammers on your server:
- In WHM set:
WHM > Tweak Settings > Mail > Max hourly emails per domain
to a low figure such as 100 to ensure that thousands of messages are not sent out before you detect it.
Can the SpamAssassin spam box feature be duplicated within MailScanner?
No, MailScanner not include a feature exactly like the cPanel spamassassin spam box.
However, you can achieve a similar or better scenario using one of the following methods:
1. Enable MailControl for your users and allow them to view and release emails trapped as spam. This is the best solution.
2. Manually set up spam@domain.com mailboxes for each domain in cPanel and configure MailScanner to forward mail to this mailbox. This can create problems if users do not check and delete the spam regularly and spam emails are bounced. This will bounce back spam to innocent parties, clutter the exim queue, risk your server getting reported for spamming, and increase the overall load on your server.
Is there a way to teach or train MailScanner what is spam and what isn’t, when there are false positives or false negatives?
Yes, as the server administrator through the root access in WHM you will have access to MailControl which is included as part of the MailScanner package. MailScanner can be configured such that all email is stored in the quarantine directories that MailControl accesses so that you can then teach SpamAssassin through it’s ham/spam facility when it passes a false-positive or false-negative email on. However, normally it is not necessary to manually teach the spam filtering system as it automatically learns as mail goes through the system.
Does MailScanner require frequent updates? How are these done?
Updates to MailScanner and the MailScanner Front-end are not frequent and can be updated via Upgrade buttons in the WHM MailScanner Front-End. Clamav will be kept up to date automatically via cPanel’s clamavconnector feature. However, cPanel may not keep clamav at the very latest available version so you still may see errors saying clamav is out of date. This is nothing to do with MailScanner or the MailScanner Front-End but is due to cPanel’s implementation of clamav.
Are MailScanner upgrades free when updates become available?
The MailScanner Front-End Service is a one-time service of installation and configuration of the MailScanner Front-End and the associated applications. The most important components of this service (MailScanner, MailScanner Front-End, and ClamAV) can be upgraded via upgrade buttons within the WHM MailScanner Front-End itself.