If the SMTP Restrictions setting in WHM is turned off, users on the server can bypass Exim and all outgoing spam checks. When this happens, spam messages can be sent from your server and there would be no logs or method to identify the source of the spam. It is highly recommended to enable this setting.
Please note that when this setting is enabled, all websites and scripts must be configured to use your cPanel server as the SMTP host, and they must use a proper email address and password to authenticate.
- Login to WHM as the 'root' user.
- Navigate to "Home / Security Center / SMTP Restrictions."
- Click the blue "Enable" button.