Understanding Outbound Spam Protection in cPFence

Outbound Spam Protection is part of cPFence’s Spam AutoShield module. It automatically detects and blocks compromised or abusive email accounts that start sending spam, protecting your server’s IP reputation before major damage occurs. When triggered, it immediately blocks the sender and notifies administrators by email and Slack.

How It Works

  1. cPFence continuously monitors outbound email activity for patterns consistent with spam bursts or abuse.
  2. If detected, the offending account is automatically blocked from sending further emails.
  3. Admins receive instant email and Slack notifications detailing which account was blocked and why.
  4. Once the issue is resolved, you can remove the block using the WebUI or CLI.

Managing Outbound Spam Blocks (WebUI Method)

  1. Sign in to cPFence WebUI and select the server managing your mail service.
  2. Go to Tools & UtilitiesSpam AutoShield ToolsBlock / Unblock Outgoing Spam Email.
  3. Review any automatically blocked accounts. You can unblock accounts once verified clean.
  4. Outbound Spam Protection is enabled by default when the Spam AutoShield module is active. To disable this feature, set SPAM_AUTOSHIELD_LIMITS to off in the config file or through the WebUI settings page.

Tip: You can fine-tune spam detection thresholds by adjusting MAX_SMTP_MSGS_PER_HOUR and MAX_WEB_MSGS_PER_HOUR (default: 200). Edit these values in /opt/cpfence/config.conf or through the WebUI ➜ Settings page.

Command Line (CLI) Method

  1. SSH into the server running cPFence. Enable Spam AutoShield Module if not active cpfence --activate-spam-autoshield
  2. Block a specific sender manually: 
    cpfence --add-spam-autoshield-out-email [email protected]
  3. Remove the block after cleanup or verification: 
    cpfence --del-spam-autoshield-out-email [email protected]

Keep this module enabled for full protection. Only disable it temporarily if maintenance or testing requires it.

Compared to Enhance’s Default Behavior

  • Enhance limiter: Temporary throttling, no permanent auto-block, no notifications.
  • cPFence protection: Permanent block, real-time alerts, and fast recovery when you’re ready.

Need Further Assistance?

Visit our Knowledgebase or contact our support team for help.

  • 0 användare blev hjälpta av detta svar
Hjälpte svaret dig?

Relaterade artiklar

Using Spam AutoShield to Block Spam by IP, Email, Domain, Subject, or TLD

The Spam AutoShield module in cPFence is designed to give you full control over spam filtering...

How to Configure Spam AutoShield using cPFence Tools?

Apply Spam AutoShield Preset (WebUI Method)   In cPFence WebUI, go to Tools & Utilities ➜...

How to Reset Rspamd Training Data using cPFence Tools?

Reset Training Data (WebUI Method)   Open cPFence WebUI ➜ Tools & Utilities ➜ Spam...

How to Block/Unblock ASNs in Spam AutoShield using cPFence Tools?

Manage ASN Blocks (WebUI Method)   Open Tools & Utilities ➜ Spam AutoShield Tools. Click...

How to Whitelist/Unwhitelist ASNs in Spam AutoShield using cPFence Tools?

Manage ASN Whitelist (WebUI Method)   Open Tools & Utilities ➜ Spam AutoShield Tools....