Reject SPF failures

captainron19

• April 01, 2014 17:33

A person with a domain on my server is getting a lot of emails to her email account that appear to be coming from an email account on the same domain.... when the email does not exist. For example Her email .. jane@thisdomain.com Email going to her with viruses attached .... joe@thisdomain.com Obviously this is some sort of email spoofing as the account joe@thisdomain.com does not exist. Should I enable "Reject SPF failures" to possibly alleviate this problem or could it pose the possibility that legitimate emails may not come through ?

• 

  cPanelMichael

  • April 02, 2014 17:08

  Hello :) Rejecting messages that fail a SPF check is a good way to prevent spoofed email. You may want to monitor your Exim logs after enabling this option to see how much legitimate email is blocked to help make a better decision. Thank you.

  0
• 

  captainron19

  • April 02, 2014 18:49

  Thanks.... how would I monitor the exim logs? Would I have to SSH into server via the Power Panel? If so I have no idea on SSH I figured I could FTP into the server but I am use to FTP'ing into specific domains on the VPS. Never had to FTP into the root of server before. Attempted by using ip address of server, username "root" and my root password but could not get in via my ftp program

  0
• 

  cPanelMichael

  • April 04, 2014 18:21

  You would need to access your server as root via SSH and monitor /var/log/exim_mainlog with a command such as: tail -f /var/log/exim_mainlog
  Or, you could search the log with the exigrep utility. EX: exigrep search-term /var/log/exim_mainlog
  Information on how to access your server via SSH is available here: cPanel - SSH Access Thank you.

  0

Please sign in to leave a comment.