We would like to inform clients that cPanel/WHM related services has been temporarily suspended as a precaution.
This is due to a recently announced critical cPanel security vulnerability that may allow unauthorized access on unpatched systems. If attackers gain access to a control panel, they may be able to modify or delete user data. To help prevent such risks, we have taken this temporary step as we highly value the security of client data.
For details, please refer to the following articles:
Receiving spam emails is a common issue for many email users. In most cases, this happens when an email address becomes publicly exposed on websites, social media, contact forms, data leaks, or is collected by automated bots that scan the internet for email addresses.
At TetraHost, we have already applied server-side spam protection settings to help reduce unwanted emails reaching user inboxes. However, no spam filtering system can block 100% of spam, so some unwanted emails may still arrive.
How Users Can Further Reduce Spam from cPanel
You can improve spam protection easily from your cPanel account:
1. Enable and Adjust Spam Filters
Go to cPanel > Spam Filters
From there you can:
Lower the spam score sensitivity to catch more spam emails
Automatically move detected spam to the Spam folder
Automatically delete high-score spam emails
2. Block Specific Email Addresses or Domains
If you keep receiving spam from the same sender:
Create email filters in cPanel > Email Filters
Block specific email addresses
Block entire domains
3. Use Strong Privacy Practices
To reduce future spam:
Avoid posting email addresses publicly online
Use contact forms instead of writing email addresses on websites
Do not reply to suspicious emails
Avoid subscribing your main email to unknown websites
4. Mark Spam in Webmail
If using webmail, mark unwanted emails as spam. This helps train filters over time.
By combining our server-level protections with these manual tweaks, you can significantly reduce the noise in your inbox.
Spam is any unsolicited or unwanted email sent in bulk. It can be promotional, misleading, or malicious (phishing, malware). Modern mail systems don’t rely on a single rule—they score multiple signals to decide whether a message is legitimate or spam.
What makes an email look like spam?
These are the main triggers:
1) Email body (content)
Excessive promotional language (“Buy now”, “100% FREE”, “Act fast”)
Too many links or shortened URLs
Mismatch between link text and actual URL
Poor formatting (all caps, too many colors, hidden text)
Suspicious HTML or tracking elements
2) Subject line
Clickbait or misleading wording
ALL CAPS or excessive punctuation (!!!)
Irrelevant to the actual content
3) Signature
Missing or inconsistent sender identity
No physical address or company details (for business emails)
Links to unrelated or low-reputation domains
4) Attachments
Executable files or risky types (.exe, .js, macro-enabled docs)
Password-protected archives (hard to scan)
Files that don’t match the context of the email
5) Sending system (very important)
Missing or incorrect SPF, DKIM, DMARC
No rDNS (PTR) for the sending IP
IP/domain listed on blacklists
Sudden spikes in sending volume
Poor sending history (high bounce or complaint rate)
How spam is detected on a cPanel server (Exim-based)
On most cPanel servers, email passes through Exim and spam filters like SpamAssassin.
Key mechanisms
1. SpamAssassin scoring
Each email gets a spam score based on rules
Factors include content, headers, links, and reputation
If score exceeds a threshold ? marked as spam or rejected
2. RBL (Realtime Blackhole Lists)
Checks if the sender IP is listed on known spam databases
If listed, emails may be rejected or heavily penalized
3. Authentication checks
SPF: verifies sending server is allowed
DKIM: verifies message integrity
DMARC: enforces policy and alignment
4. Rate limits & failure tracking
cPanel can block sending if:
Too many failed or deferred emails per hour
High percentage of delivery issues
Helps stop spam bursts or compromised accounts
5. Exim rules & ACLs
Server admins can define custom rules:
Block certain patterns, domains, or behaviors
Limit per-user sending rate
How providers like Gmail & Hotmail detect spam
Large providers (like Google and Microsoft) use advanced, multi-layered filtering:
1) Machine learning models
Analyze billions of emails daily
Learn from user behavior (opens, replies, spam reports)
Continuously adapt to new spam techniques
2) Sender reputation
IP and domain reputation over time
Considers:
Bounce rate
Spam complaints
Engagement (opens/clicks)
3) Authentication & alignment
Strict checks for SPF, DKIM, DMARC
Misalignment (From vs actual sender) increases spam score
4) User feedback signals
“Mark as spam” ? negative signal
“Not spam” ? positive signal
Deleting without reading can also affect reputation
5) Content & intent analysis
Natural language processing to detect:
Phishing attempts
Social engineering
Deceptive wording
6) Link and domain reputation
URLs inside emails are checked:
Known phishing domains
Newly registered domains (high risk)
URL shorteners
7) Attachment scanning
Malware detection
Suspicious file types blocked or quarantined
Key difference: cPanel vs Gmail/Hotmail
Feature
cPanel Server
Gmail / Hotmail
Filtering type
Rule-based + scoring
AI + behavioral + reputation
Learning ability
Limited
Advanced machine learning
User feedback impact
Minimal
Very high
Reputation tracking
Basic (RBL)
Deep historical tracking
Best practices to avoid spam classification
Configure SPF, DKIM, DMARC correctly
Maintain clean email lists (no invalid addresses)
Avoid bulk sending spikes
Use clear, honest subject lines
Include proper sender identity/signature
Monitor logs and bounce reports
Keep server and websites secure (no spam scripts)
Final takeaway
Spam detection is not triggered by a single factor—it’s a combination of content, technical setup, and reputation. Even perfectly written emails can land in spam if the sending system or history is poor.
Understanding these layers helps you not just fix issues—but build long-term email deliverability.