Skip to main content

HTML Spam filter?

Comments

3 comments

  • cPRex Jurassic Moderator
    Hey there! Using a single pixel link is kind of old-school, but it still can cause issues. I would recommend making sure you have the following option enabled in WHM >> Tweak Settings: Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak) as that will keep automated scripts and forms from being able to send mail. That may be all you need to get this taken care of. It would also be good to know how the HTML code injection is happening in the first place, so having your users that have access to that account perform a local scan of their machine may also be a good plan.
    0
  • Greatgonzo
    Hi, thank you for replying. I don't know if I'm misunderstanding what you're saying. I'm trying to BLOCK all emails which have that HTML code snippet embedded. I'm getting bombarded by emails, obviously originating from the same sender, but the content is very different. The format of these emails however is always the same... and only only consistent snippet (that I can tell wouldn't impact banning other HTML emails) is this.. [CODE=html]color:#fff;text-decoration:none;'>

    Do you know what filter I could set in cpanel to make sure I can block incoming emails with this snippet? Thank you!
    Hey there! Using a single pixel link is kind of old-school, but it still can cause issues. I would recommend making sure you have the following option enabled in WHM >> Tweak Settings: Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak) as that will keep automated scripts and forms from being able to send mail. That may be all you need to get this taken care of. It would also be good to know how the HTML code injection is happening in the first place, so having your users that have access to that account perform a local scan of their machine may also be a good plan.

    0
  • cPRex Jurassic Moderator
    Hey there! Is the sender is always the same, could you not block the IP address to keep the connection from that user blocked entirely? Or does the IP address sending the messages change? For filtering by content, I'd recommend the Global Email Filters area inside the cPanel interface: This will help stop messages from spammers by essentially making them send the message twice to provide they are a valid email server sending a legitimate message. You could also make sure the "Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam" option is enabled, as that is also a tool we have to verify if the message is coming from a legitimate mail server.
    0

Please sign in to leave a comment.