What is the Recommended cPFence Settings for Email, Backup, and DNS Servers?

If you're running DNS, backup, or email servers, optimizing cPFence settings can help ensure efficient use of resources while maintaining security. Below are the recommended configurations for different types of servers.

Recommended Settings for DNS and Backup Servers

For DNS and backup servers, it's best to turn off certain features that are unnecessary for these types of servers to conserve resources. You can disable real-time malware protection, proactive scanning, and the WAF module with the following commands:

cpfence --disable-MRTP  
cpfence --disable-proactive  
cpfence --disable-ols-waf

These commands will disable:

  • MRTP (Malware Real-Time Protection)
  • Proactive Scanning
  • OLS/LS Web Application Firewall (WAF)

Other cPFence modules will remain active to ensure basic security and performance without overloading server resources.

Recommended Settings for Email-Only Servers

For email-only servers, you can keep most of the default settings intact for security. However, it's recommended to disable the WAF module for optimal performance. Use the following command:

cpfence --disable-ols-waf

Additional Configuration Options

Depending on your needs, you can also choose to enable or disable the following options for email servers:

AUTO_QUARANTINE="off"  
EMAILS_QUARANTINE="off"  
EMAIL_SPAM_PROTECTION="off"

These options control automatic quarantine, email quarantine, and spam protection. Adjust them based on your server’s specific requirements.

Copying Settings to New Servers

To replicate these settings on new servers, you can copy the /opt/cpfence/config.conf file from your configured server. After copying the file, make sure to update the license key for the new server.


Need Further Assistance?

If you encounter any issues or need additional help, feel free to reach out to our support team via your client portal.

  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

How to Manage cPFence License?

When cPFence is initially installed, the license should be added automatically. If you encounter...

Configuring cPFence

The default configuration of cPFence is highly recommended for the majority of use cases. Upon...

Installation Guide & Quick Start

cPFence installation is a straightforward process : Requirements - Ensure your server is...