Stop SPAM with CPanel Email Setup

SPAM Advert 1945

Stop spammers discovering your mail addresses with this simple solution that takes 5 minutes to set up.
There are usually only 2 options in CPanel, but in this post I'll show you how we can introduce a 3rd option which makes it harder for the spammers to guess your email address.

What’s wrong with the existing options?
First let me explain how the spammers find email addresses. In a classic email harvesting attack, the spammers guess email addresses, and see which ones get delivered.
So they start with,, …. And keep going to . As you can imagine that’s millions of emails, all heading towards your domain.

Option 1 "Discard with error to sender". This is the worse possible option as the spammer can use these error codes to track which email accounts generate errors and which addresses don’t. We are basically telling the spammers when they guess correctly. Not good.

Option 2 in Cpanel is "Forward to email address ..." so that all invalid addressed email goes to a default mailbox. Well that’s not very useful in this situation. That mailbox will have every single guessed email address, and will very quickly flood your mailbox.

Option 3 We can use the "Forward to email address" option, but instead of sending the mail to our default mailbox, we can forward them to a free Anti-SPAM service which accepts the email without sending back error codes. They also keep the mail for a few hours, so you can retrieve email sent there by mistake, and after the short retention time all mail is automatically deleted for you.
Let me introduce
Please be aware that this is not a normal email service – read their FAQ so you understand their service, but in a sentence they provide a dumping ground for any SPAM that might be sent your way.

So Open up your web site management interface.
Go to the section that deals with email addresses, and configure it like this.

CPanel<br />
Forward Email options
You can choose any name before the “” address, but I would recommend you use a random string of letters and numbers. If you’re not sure why then you’ve not read their FAQ have you – Have a look at the bit that says

“If there is no password, can't someone else read my email? - Yes. For this reason, you might want to pick an unusual name”.

Before you start panicking about that statement, remember this is only a dumping ground for unwanted email, and genuine messages should not get delivered there.
Having said that, you should make a note of the mailinator address you are sending mail to. If you do want to see if a message was sent there by mistake, you will need that email address, and you had better be quick because they do auto-delete the mail quite quickly.
I hope that tip helps you configure your email delivery, and make the spammers job just that little bit harder.

image by dok1


Post new comment

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Mollom CAPTCHA (play audio CAPTCHA)
Type the characters you see in the picture above; if you can't read them, submit the form and a new image will be generated. Not case sensitive.