MailScanner is an add-on product for cPanel that allows users to control how they want their email scanned for spam and viruses. This application is available for installation on Virtual Private Servers and Dedicated Servers. There are no recurring license renewal fees.

This application provides a user front-end to a MailScanner installation on cPanel. It consists of three parts:

  1. A front-end that becomes part of the cPanel theme. This allows users to maintain their own settings, via a script, that modifies a text file stored in their cPanel account. This allows users to configure:
    • Per domain actions for two score levels for spam scanning
    • Per domain actions for virus scanning
    • Per cPanel account whitelists and blacklists
    • Per cPanel account low and high score settings
    • Per cPanel account configurable forwarding email address for spam
    • New in v8:

    • cPanel users can have access to MailControl for their domains
    • cPanel users can view their emails in the global message store
    • cPanel users can search their emails in the global message store
    • cPanel users can release Spam, and optionally other emails, from the global message store
    • cPanel users can optionally tag emails as Spam or Ham
    • cPanel users can view Statistics related to their email
    • cPanel users can optionally perform Bulk actions on their emails
  2. A WHM front-end for server-wide management of MailScanner:
    • Enable/Disable per cPanel account access from within WHM
    • Enable all cPanel accounts access from within WHM
    • Configure MailScanner from within WHM
    • Configure front-end settings from within WHM
    • Server-wide Black and White spam lists from within WHM
    • MailControl access in WHM for statistical information, SpamAssassin learning and releasing of attachments from quarantine (Available with root WHM login only)
    • Accessible only through root access (i.e. no reseller access)

  3. A back-end script that checks the user files to see if they have been modified. It then generates the appropriate entries for their domain in the MailScanner ruleset files

Installation

The installation service consists of:

  • MailScanner
  • ClamAV for MailScanner
  • DCC to improve spam scoring
  • MailScanner front-end for cPanel Users. Note that this replaces the SpamAssassin front-end in cPanel which has to be disabled
  • Mail Queue Management utility
  • Access to MailControl from within WHM
  • Modify ClamAV and MailScanner to use the clamd process, which reduces server load and speeds up mail scanning dramatically
  • Configure SpamAssassin to use server-wide bayesian filter database to increase identification of spam. Disables cPanel SpamAssassin to provide central control of mail scanning services
  • Modification to MailScanner configuration to allow you to offer a per domain email scanning service for spam and/or viruses, together with per domain actions for dealing with detected spam
  • cPanel -> MailScanner sync script – keeps your configured domains in sync with the MailScanner rulesets, so that new domains are always included and domains no longer hosted are removed
  • The MailScanner Front-End Service includes one week of informational support tickets where we are happy to answer any questions you may have about the service and configuring the package to suit your requirements. After this time support is limited to the MailScanner Front-End itself. We do not provide ongoing support for MailScanner itself or clamav.
MailScanner is designed to help protect users’ mailboxes from incoming spam and viruses. The MailScanner Front-End is licensed on a per server basis and includes updates for the life of the product, all at a reasonable price!

If you have any questions about the MailScanner package, please feel free to Contact Us and/or check the Frequently Asked Questions.

Important Notes

  • The cPanel front-end only works properly with skins that correctly implement the cPanel theme API.
  • The MailScanner Front-End for WHM is only available with root WHM login.
  • Mailscanner Installation does not support use of a remote MySQL server for MailControl, an option is provided however for a local SQLite database.
  • While MailScanner is configured to be as efficient as possible, the application inevitably uses server resources. Due to this additional load, we recommend caution when installing MailScanner on a server which has less than 1GB of memory.
  • cPanel will not provide support for email issues while MailScanner is part of the mail delivery system on a server. MailScanner can be disabled if reporting email issues to cPanel
  • The MailScanner Front-End Service can be performed on dedicated servers and VPS’s running supported releases of Redhat or CentOS  Linux. You also need to be running at least cPanel v11 before this Service can be performed.

MailScanner can be order as an Add-On during the initial ordering process for Virtual Private Servers or Dedicated Servers. It can also be added after the initial provisioning of a VPS or Dedicated Server.

Frequently Asked Questions

Does MailScanner scan both incoming and outgoing mail to my server?

MailScanner scans incoming mail for spam, and both incoming and outgoing mail for viruses and dangerous file attachments. However, it is designed primarily to protect users on your server from incoming spam and viruse and is not a good solution for an outgiong spam problem.

There are many better ways to detect and prevent outgoing spam. Some suggestions:

1) Use a malware detection system to detect exploits that may be used for sending spam, and check any reported files and remove them if necessary.
2) Configure relay tracking in csf, monitor the alerts that are sent when the relay limit is exceeded, and check the reported accounts for vulnerable scripts.
3) If you can get the header of one of the outgoing spams, search the exim log to find out what script is sending the mail.
4) Check this webpage on our site which gives some suggestions for finding spammers on your server:
http://www.configserver.com/free/spammers.html#outbound
5) Set WHM > Tweak Settings > Mail > Max hourly emails per domain to a low figure such as 100 to ensure that thousands of messages are not sent out before you detect it.
6) If you have users that forward email on to yahoo or hotmail accounts (for example), make sure that they are educated NOT to mark forwarded mail as spam in their yahoo/hotmail account, as that could lead to your server being blacklisted. MailScanner can help with this if you configure it to delete all spam messages.

Does your MailScanner Front-End package require frequent updates? How are these done?

Updates to MailScanner and the MailScanner Front-end are not frequent and can be updated via Upgrade buttons in the WHM MailScanner Front-End. Clamav will be kept up to date automatically via cPanel’s clamavconnector feature. However, cPanel may not keep clamav at the very latest available version so you still may see errors saying clamav is out of date. This is nothing to do with MailScanner or the MailScanner Front-End but is due to cPanel’s implementation of clamav.

If someone is spamming FROM my server, will the MailScanner Front-End service stop them from sending out spam?

No. The MailScanner Front-End service is designed to protect your server and your users from incoming spam only. If you think someone is using your server to send out spam emails, there are many better ways to detect and prevent outgoing spam. Some suggestions:

1) Use a malware detection system to detect exploits that may be used for sending spam, and check any reported files and remove them if necessary.
2) Configure relay tracking in csf, monitor the alerts that are sent when the relay limit is exceeded, and check the reported accounts for vulnerable scripts.
3) If you can get the header of one of the outgoing spams, search the exim log to find out what script is sending the mail.
4) Check this webpage on our site which gives some suggestions for finding spammers on your server:
http://www.configserver.com/free/spammers.html#outbound
5) Set WHM > Tweak Settings > Mail > Max hourly emails per domain to a low figure such as 100 to ensure that thousands of messages are not sent out before you detect it.

My users like the SpamAssassin spam box feature. Can this be duplicated within MailScanner?

No, MailScanner and the MailScanner front-end does not include a feature exactly like the cPanel spamassassin spam box.

However, you can achieve a similar or better scenario using one of the following methods:

1. Enable MailControl for your users and allow them to view and release emails trapped as spam. This is the best solution.

2. Manually set up [email protected] mailboxes for each domain in cPanel and configure MailScanner to forward mail to this mailbox. This can create problems if users do not check and delete the spam regularly and spam emails are bounced. This will bounce back spam to innocent parties, clutter the exim queue, risk your server getting reported for spamming, and increase the overall load on your server.

With your MailScanner Front-End Service, is there a way to teach or train the system what is spam and what isn’t, when there are false positives or false negatives?

Yes, as the server administrator through the root access in WHM you will have access to MailControl which is included as part of the MailScanner package. MailScanner can be configured such that all email is stored in the quarantine directories that MailControl accesses so that you can then teach SpamAssassin through it’s ham/spam facility when it passes a false-positive or false-negative email on. However, normally it is not necessary to manually teach the spam filtering system as it automatically learns as mail goes through the system.

Does the MailScanner Front-End Service include free future upgrades when updates are available?

The MailScanner Front-End Service is a one-time service of installation and configuration of the MailScanner Front-End and the associated applications. The most important components of this service (MailScanner, MailScanner Front-End, and ClamAV) can be upgraded via upgrade buttons within the WHM MailScanner Front-End itself.