You can set cPanel Email filters from within the cPanel control panel dashboard. They can either be set globally or on a per-email address basis. They give you another level of control over what emails you receive and are particularly beneficial for helping prevent spam emails.
With the email filters, you can set conditions to target messages that contain a specific word or phrase, From, To, or based on the subject. You can add multiple levels of email filters to precisely fine-tune what you wish to happen with the email received.
The emails your filter discarded can be sent to another email address or delivered to a third-party program, such as a support ticketing system. cPanel email forwarding is often used for this purpose).
Email filters can be set either on a user level or globally. I’ll cover these in turn, even though they are virtually identical, apart from the first couple of steps.
I will then look at a couple of practical examples.
How to Setup cPanel Email Filters for an Individual Email Address
- Click on the “Email Filters” icon on the cPanel dashboard.
- Click “Manage Filters” next to the email address you wish to create a filter for.
You can choose from email addresses you have created, as well as the default email address.
You will see a list of your current email filters on this page. Here, you can also create a new filter for that email address.
- Click the “Create a New Filter” button to create the new filter.
- Filter Name - Choose the name for your filter.
The name you give cannot contain “Rule #” or “Converted Rule,” as shown in the above image.
The filter name must also be unique. The existing filter will be overwritten if you choose the same name as another filter.
You have several options to choose from here:
- From - This is the “from” email address that you wish to match
- Subject - This will filter by the subject of the email
- To - This filters by the “To” email address
- Reply Address - This filters by the “Reply” email address
- Body - This will check the email body for any matches
- Any Header - This will check the headers of the email
- Any Recipient - This will check all the different recipients of the email
- Has not been previously delivered - This will only filter emails that are still in the servers email queue
- Is an error message - This will check the error message received by autoresponders, or email forwarders.
- List ID - The account’s mailing lists.
- Spam Status - Whether Apache SpamAssassin marked the message as spam. The Spam Status begins with a “Yes” or “No.”
- Spam Bar - The content of the Spam Bar header that Apache SpamAssassin generated. This is depicted using plus signs (+).
- Spam Score - The total number of plus signs (+) in the Spam Bar. This is depicted as an integer (number).
You have several rules to choose from here:
- Equals - This will match identically the text entered
- Matches Regex - You can enter a Regular Expression here
- Contains - This will do a partial match of the specified string of characters
- Does not Contain - This will check whether the email does NOT have a partial match of the specified string of characters
- Begins with - This will check whether the Rule begins with the characters specified
- Ends with - This will check whether the Rule ends with the characters specified
- Does not begin with - This will check whether the Rule DOES NOT begin with the characters specified
- Does not end with - This will check whether the Rule DOES NOT end with the characters specified
- Does not match - This will check that it does not match the characters specified
The following relates to the SpamAssassin Spam Score:
- is above (numbers only) - The Spam Score is greater than.
- is not above (numbers only) - The Spam Score is equal to or less than.
- is below (numbers only) - The Spam Score is less than.
- is not below (numbers only) - The Spam Score is greater than or equal to.
Once you have chosen a Rule Option and Rule Operator, you will need to add what those will need to match.
This could be an email address, spam score, or emails containing a specific subject or keyword.
I’ll walk you through a couple of examples later, but for now, I will highlight all emails received from [email protected]
.
- Discard Message - Deletes the message with no Failure message.
- Redirect to Email - Sends the email to another email address.
- Fail with Message - Deletes the email and sends a failure message.
- Stop processing rules - Does not run any filter rules.
- Deliver to folder - Sends the email to a specified folder.
- Pipe to program - Sends the email to a program or script on the server.
If you choose to pipe the action to a program, the path should be relative to your home directory. If the script the Perl or PHP interpreter, you should omit the /usr/bin/perl
or /usr/local/bin/php
portion. Make sure your script is executable and has the appropriate hash.
- For PHP:
#!/usr/local/bin/php -q
- For Perl:
#!/usr/bin/perl
In the example screenshot, I chose ‘Deliver to Folder’. Doing this will allow you to browse and select the specific folder you wish it to be delivered. I have chosen the Junk folder in my example in the screenshot.
You can configure each filter with multiple rules or actions by clicking the plus sign next to the first to add a second rule.
In the screenshot, you will see that I can add a second Rule Match Criteria to send a slight variation of the email address to the Junk filter.
When using multiple rules, you will have another Operator option. In this case, I have set “or” so that either email address is caught.
- The final step is to click the Create button.
You will then see a confirmation message.
How to Setup cPanel Global Email Filters
- Click on the “Global Email Filters” icon on the cPanel dashboard.
- Follow my “How to Setup cPanel Email Filters for an Individual Email Address” tutorial from Step 3 above.
Example: Using Multiple Email Filters with SpamAssassin
I have created a very [detailed SpamAssassin tutorial/spamassassin-email-spam-protection-in-cpanel/) which goes into detail about all the steps required to configure SpamAssassin to create a spam filter properly. It includes setting the SpamAssassin Score (Spam Threshold Score), moving spam to the junk folder (Spam Box), auto-delete, and adding emails to either the whitelist or blacklist.
When you create rules within the Spam Filters section, it will automatically create Global Email Filters. It can be easier to configure basic SpamAssassin rules through this interface.
You sometimes want more granular control over when SpamAssassin triggers an action. For example, you may wish for random newsletters you receive to be marked as spam unless the body matches the “keyword”. This may be a particular topic you are interested in.
I will now make a SpamAssassin rule that satisfies the following conditions:
- Spam Score is less than 4.
- The body does not contain the keyword “SEO”.
You will see a list of your current email filters on this page. You will also be able to create a new filter for that email account.
- Click the “Create a New Filter” button to create the new filter.
Enter the following settings:
- Filter Name: Delete spam with a score of 4 or below that does not contain SEO in the body
- Rule 1: “Spam Bar” “contains” “++++” AND
- Rule 2: “Body” “does not contain” “SEO” AND
- Rule 3: “Body” “does not contain” “seo”
- Actions: Discard Message
Using cPanel Email Filter Wildcards
You can use wildcards in Spam Filters by using Regex. Providing a full breakdown of how Regex works is beyond the scope of this tutorial.
However, I will provide you with some basic examples to get you started:
Anchors - ^
and $
^The
- matches any string that starts with “The”end$
- matches a string that ends with “end”^The end$
- exact string matchfiltering
- matches any string that has the text “filtering” in it
Quantifiers - *
, +
, ?
abc*
- matches a string containing “ab” followed by “zero” or more “c”abc+
- matches a string that has “ab” followed by one or more “c”abc?
- matches a string that has “ab” followed by zero or one “c”abc{2}
- matches a string that has “ab” followed by 2 “c”abc{2,}
- matches a string that has “ab” followed by 2 or more “c”abc{2,5}
- matches a string that has “ab” followed by 2 up to 5 “c”a(bc)*
- matches a string that has “a” followed by “zero” or more copies of the sequence “bc”a(bc){2,5}
- matches a string that has “a” followed by 2 up to 5 copies of the sequence “bc”
OR operator - |
or []
a(b|c)
- matches a string that has “a” followed by “b” or “c”a[bc]
- matches a string that has “a” followed by “b” or “c”
Grouping - ()
a(bc)
- parentheses create a group with the value “bc”
For more detailed examples see this cheat sheet.
Example Email Filter using a Wildcard
Let’s take the example I used previously configuring a SpamAssassin filter that contained several rules. I can simplify the rules match field as follows:
You will see a list of your current email filters on this page. You will also be able to create a new filter for that email address.
- Click the “Create a New Filter” button to create the new filter.
Enter the following settings:
- Filter Name: Delete spam with a score of 4 or below that does not contain SEO in the body
- Rule 1: “Spam Bar” “contains” “++++” AND
- Rule 2: “Body” “does not contain” “SEO|seo”
- Actions: Discard Message
You can use the “OR” operator in this instance because the rule is set to delete the message if the body does not contain “SEO” or “seo”. If any of those variations match, then the message is NOT deleted.
How to Test your Email Filters
On the main Email Filter Screen, you will see an option to “Test Filter.” You will see a preset simple email message that you can modify to test any of your Filters.
In my example below, I set a filter to delete any emails from [email protected]
.
- Add an example email that you want to test.
- Click Test Filter
In this example, I added [email protected]
to the From section. As I want to delete all of these emails, the result should match.
- It shows a match.
You may then want to test emails that should not get matched to ensure it does not match emails that it is not supposed to.