***************************************************************************
1. Enable SMTP Restrictions
-------
Home >> Security Center >> SMTP Restrictions
-------
Click Enable to restrict outgoing email connection attempts to the mail transfer agent (MTA), the mailman system user, and the root user.
2. Restrict the nobody system user's send mail permissions
-------
Home >> Server Configuration >> Tweak Settings
-------
Set the Prevent "nobody" from sending mail setting to On.
3. Configure PHP and enable suEXEC or mod_ruid2
-------
Configure PHP and suEXEC or the mod_ruid2 module to improve server performance and security. This allows you to know which users run which processes system-wide.
-------
4. Configure the max hourly emails settings
-------
Home >> Server Configuration >> Tweak Settings >> Max hourly emails per domain >> Enter the value that you wish to set.
-------
5. Configure high failure rate protection
-------
Home >> Server Configuration >> Tweak Settings >> Maximum percentage of failed or deferred messages a domain >> Enter the percentage that you wish to set
-------
6. Increase your minimum password strength
-------
Home >> Security Center >> Password Strength Configuration
-------
7. In the WHM Exim Configuration editor, you can enable RBL filtering and Spamassasin.
-------
cPanel>>Mail>>Spam Assassin
-------
8. Installing CSF & enabling SMTP_BLOCk
-------
mkdir /usr/local/src
cd /usr/local/src
wget
http://www.configserver.com/free/csf.tgztar xfz csf.tgz
cd csf
./install.sh
-------
On a cPanel based server, all the default settings are what you want, with 2 exceptions:
Open the configuration file in your favorite text editor (/etc/csf.conf) and change the following lines:
TESTING = “1” change to TESTING = “0”
NEXT: you need to change 2 more lines, the SMTP_BLOCK and SMTP_ALLOWLOCAL to the following values:
SMTP_BLOCK = “1”
SMTP_ALLOWLOCAL = “0”
***********************************************************************************
