How to add a safety net in WHM to stop domain mail spam
If you run more than 1 website on the same server, it increases the chances of being hacked. Hackers often seek out vulnerable sites with outdated software such as old-Wordpress, or outdated plugins. The most common reason for hacking a web server is to spam out emails using your details / domains.
To add a safety net and to avoid being blacklisted you can limit the number of emails sent by any one domain.
If you open your WHM control panel and navigate to the following:
Main >> Server Configuration >> Tweak Settings
You will see the setting “Max hourly emails per domain” under the mail tab. For small sites i recommend setting this to less than 20 per hour, for medium sites less than 40 per hour. However, use your brain to see what figure will suit your environment depending on what the sites are used for.
How does this help with mail spam?
This setting won’t stop you from getting hacked, but what it will do is give you more time to spot a hacked website and fix it before things get out of hand. Hackers often use scripts that spam out hundreds of emails every hour, so with this ‘tweak’ in place; you can limit the spam to X amount of emails, stopping the spam in its tracks.
If you find that your mail queue is getting filled up with hundreds of emails, it may be because a domain has been hacked.
You can then investigate your server and find any malicious files.
Remember, if too many emails are being spammed out from your web server there is a good chance it will lead to your server ip being blacklisted. So this can also reduce this risk.