cPanel Review

How to Configure SpamAssassin in cPanel: A Complete Guide to Fighting Spam

May 21, 2026 by cPanelPro

Spam is an ever-present problem for anyone running a website with email. If your cPanel server handles email for your domain, you already have one of the most powerful anti-spam tools available: SpamAssassin. This open-source spam filter scores every incoming message against thousands of rules and lets you decide what to block, tag, or deliver. But SpamAssassin only works well when it is properly configured.

Default settings will catch obvious spam, but they often miss more sophisticated messages or — worse — flag legitimate emails as spam. In this guide, you will learn how to configure SpamAssassin in cPanel to strike the right balance between aggressive filtering and accurate delivery. We will cover scoring, custom rulesets, the AutoLearn system, user-level preferences, and integration with the Apache SpamAssassin daemon (spamd).

Accessing SpamAssassin Settings in cPanel

Before you can tune the filter, you need to know where to find its controls. cPanel provides SpamAssassin configuration at two levels: global (server-wide via WHM) and per-user (inside each cPanel account).

Per-User SpamAssassin Configuration

  1. Log in to your cPanel account.
  2. Navigate to the Email section and click Spam Filters (or Apache SpamAssassin in some themes).
  3. If SpamAssassin is not enabled, click the toggle to turn it on. You will see a message confirming activation.
  4. Once enabled, you can access the SpamAssassin User Preferences editor, where you can tweak rules and thresholds for this specific mailbox.

Global Configuration (WHM)

If you have reseller or root access, you can adjust server-wide SpamAssassin settings:

  1. Log in to WHM (WebHost Manager).
  2. Search for SpamAssassin in the left-hand navigation.
  3. Click SpamAssassin Configuration — here you control default scoring, AutoLearn parameters, and which rules run globally.

Server-wide settings act as defaults that every cPanel account inherits, but users can override specific values in their own preference files.

Understanding Spam Scores and Thresholds

SpamAssassin works on a scoring system. Every email is analyzed against hundreds of rules. Each rule adds or subtracts points based on how spammy the message appears.

Key Concepts

  • Score: The total points an email accumulates after all rules are applied.
  • Required Score: The minimum score needed before an email is flagged as spam. The default is 5.0.
  • Spam: Messages scoring at or above the required score are tagged with *****SPAM***** in the subject line (or moved to the spam folder, depending on your setup).
  • Hit: Each time a rule matches, it is called a hit and contributes its point value to the total score.

Adjusting the Required Score

The default threshold of 5.0 works reasonably well for most users, but you may need to adjust it:

  • Lower the threshold (e.g., 3.0–4.0): More aggressive filtering. Use if you receive a lot of spam and do not mind checking your spam folder occasionally for false positives.
  • Raise the threshold (e.g., 6.0–8.0): Less aggressive. Use if you frequently lose legitimate email to the spam folder.

To change your threshold in cPanel, open the SpamAssassin User Preferences editor and add or modify this line:

required_score 4.0

This tells SpamAssassin to tag any message scoring 4.0 or higher as spam.

Whitelisting and Blacklisting

One of the most powerful and underused SpamAssassin features is the ability to create trusted sender and blocked sender lists directly from cPanel.

Adding a Whitelist (Trusted Senders)

Whitelisted senders bypass SpamAssassin scoring entirely. Any email from these addresses or domains will always be delivered to your inbox. Add whitelist entries in the User Preferences editor using:

whitelist_from *@example.com
whitelist_from support@trustedcompany.com

The * wildcard covers every address at that domain.

Adding a Blacklist

Blacklisted senders are automatically scored very high, ensuring they are caught. In the preferences editor, use:

blacklist_from *@known-spam-domain.com
blacklist_from scammer@bad-actor.net
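
whitelist_from matches the sender address as written in the message, which the sender controls, so broad entries are worth reviewing. The following added example (not part of the original article; OWN_DOMAINS and the sample preferences are constructed assumptions) audits a user_prefs file and flags allow-list patterns to tighten, for instance by moving them to SpamAssassin's whitelist_auth directive, which only applies when SPF or DKIM passes:

```python
# Assumption: the domains this account receives mail for.
OWN_DOMAINS = {"example.org"}

# Constructed user_prefs content for illustration.
SAMPLE_PREFS = """\
required_score 4.0
whitelist_from *@example.com
whitelist_from support@trustedcompany.com
whitelist_from *@example.org
whitelist_from *
blacklist_from *@known-spam-domain.com
"""

def parse_prefs(text):
    """Yield (line_no, directive, value) for each non-comment, non-blank line."""
    for n, raw in enumerate(text.splitlines(), 1):
        parts = raw.split("#", 1)[0].split(None, 1)
        if parts:
            yield n, parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""

def audit(text, own_domains=OWN_DOMAINS):
    """Return (line_no, finding) pairs for allow-list patterns worth reviewing."""
    findings = []
    for n, key, value in parse_prefs(text):
        if key != "whitelist_from":
            continue
        for pattern in value.split():  # several patterns may share one line
            local, _, domain = pattern.lower().rpartition("@")
            if "@" not in pattern or "*" in domain or "?" in domain:
                findings.append((n, f"{pattern}: wildcard in the domain part, "
                                    "so many domains match"))
            elif domain in own_domains:
                findings.append((n, f"{pattern}: allow-lists your own domain, "
                                    "a From address forged mail often uses"))
            elif "*" in local or "?" in local:
                findings.append((n, f"{pattern}: whole-domain entry; consider "
                                    "whitelist_auth so SPF or DKIM must pass"))
    return findings

if __name__ == "__main__":
    for line_no, finding in audit(SAMPLE_PREFS):
        print(f"line {line_no}: {finding}")
```
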

Using cPanel Interface Controls

cPanel also offers a simpler interface for managing the most common addresses:

  1. In Spam Filters, scroll to Spam Auto-Delete (or similar).
  2. You will often see fields labeled Always Deliver From (whitelist) and Always Mark as Spam From (blacklist).
  3. Enter email addresses or domains, one per line, and save.

Configuring AutoLearn: Train SpamAssassin Over Time

SpamAssassin can learn from your feedback using a feature called Bayesian AutoLearn. When you move messages into or out of your spam folder, AutoLearn adjusts the filter to better recognize what you consider spam versus legitimate mail.

Enabling AutoLearn

In WHM under SpamAssassin Configuration, look for the AutoLearn settings:

  • bayes_auto_learn: Set to 1 (enabled).
  • bayes_auto_learn_threshold_nonspam: Messages with a score below this value are considered non-spam and used for training. Default: 0.1.
  • bayes_auto_learn_threshold_spam: Messages with a score above this value are considered spam for training. Default: 12.0.

These defaults mean only very clearly non-spam (score below 0.1) and very clearly spam (score above 12.0) are used for AutoLearn. You can narrow the gap:

bayes_auto_learn_threshold_nonspam -1.0
bayes_auto_learn_threshold_spam 8.0

This tells AutoLearn to learn from a wider range of messages, making the filter smarter faster.

Training Manually (sa-learn)

If your server receives high volumes, you can manually train SpamAssassin using the command-line tool sa-learn. Access your server via SSH and run:

# Train with known spam
sa-learn --spam /path/to/maildir/.Junk/cur/

# Train with known ham (legitimate mail)
sa-learn --ham /path/to/maildir/.Sent/cur/

# Check training stats (spam and ham message counts in the Bayes database)
sa-learn --dump magic

Run these commands weekly or monthly to keep the Bayesian database accurate.

Testing Your SpamAssassin Configuration

After making changes, you should test that SpamAssassin behaves as expected. The easiest method is using the spamassassin command-line tool with a test email.

Testing with a Sample Message

Save a raw email to a file, then run:

spamassassin -t < test-email.txt

The -t flag shows a detailed report — every rule check, the points added, and the final score. Look for lines like:

X-Spam-Status: Yes, hits=7.3 required=5.0
X-Spam-Flag: YES

If the score is lower than you expected, check which rules fired. You may need to adjust your threshold or add specific rules to target the types of spam you receive most.
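
To choose a required_score from evidence rather than guesswork, score a small set of messages you have already sorted by hand and compare candidate thresholds. The following added example (not part of the original article; the labelled corpus is constructed) parses X-Spam-Status lines, accepting both the score= and hits= spellings, counts false positives and missed spam per threshold, and lists legitimate mail an auto-delete score would discard:

```python
import re

STATUS_RE = re.compile(
    r"^X-Spam-Status:\s*(?:Yes|No),\s*(?:score|hits)=(-?\d+(?:\.\d+)?)\s+required=",
    re.I | re.M)

# Constructed sample: (hand-assigned label, header line from spamassassin -t).
CORPUS = [
    ("ham",  "X-Spam-Status: No, score=-1.9 required=5.0"),
    ("ham",  "X-Spam-Status: No, score=0.4 required=5.0"),
    ("ham",  "X-Spam-Status: No, score=3.6 required=5.0"),
    ("ham",  "X-Spam-Status: Yes, hits=5.2 required=5.0"),
    ("spam", "X-Spam-Status: No, score=4.3 required=5.0"),
    ("spam", "X-Spam-Status: Yes, hits=7.3 required=5.0"),
    ("spam", "X-Spam-Status: Yes, score=16.8 required=5.0"),
]

def parse_score(header):
    """Extract the numeric score from an X-Spam-Status header line."""
    m = STATUS_RE.search(header)
    if m is None:
        raise ValueError(f"no X-Spam-Status score in: {header!r}")
    return float(m.group(1))

def sweep(corpus, thresholds):
    """Map each candidate required_score to (ham tagged as spam, spam delivered)."""
    scored = [(label, parse_score(h)) for label, h in corpus]
    result = {}
    for t in thresholds:
        false_pos = sum(1 for label, s in scored if label == "ham" and s >= t)
        false_neg = sum(1 for label, s in scored if label == "spam" and s < t)
        result[t] = (false_pos, false_neg)
    return result

def autodelete_losses(corpus, delete_at):
    """Return the ham headers that an auto-delete score would discard."""
    return [h for label, h in corpus
            if label == "ham" and parse_score(h) >= delete_at]

if __name__ == "__main__":
    for t, (fp, fn) in sweep(CORPUS, [3.0, 4.0, 5.0, 6.0, 8.0]).items():
        print(f"required_score {t}: {fp} ham tagged, {fn} spam delivered")
    print("ham lost with auto-delete at 15:", autodelete_losses(CORPUS, 15.0))
```
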

GTUBE Test

SpamAssassin includes a built-in test string called GTUBE (Generic Test for Unsolicited Bulk Email). Sending an email containing XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X will score exactly 1000 points, confirming the filter is working.

Use GTUBE only in test environments or on your own accounts. Sending it to external addresses is considered abuse.

Additional SpamAssassin Best Practices

  • Combine with DKIM and SPF: SpamAssassin checks email authentication. Properly configured DKIM, SPF, and DMARC records reduce false positives significantly.
  • Enable Spam Auto-Delete carefully: cPanel offers an option to delete messages above a certain score automatically. Start by setting this high (e.g., score of 15+) to avoid deleting legitimate mail by accident.
  • Monitor spam reports: Review the spam folder periodically to identify false positives. If a legitimate sender is consistently flagged, add them to your whitelist.
  • Update rules regularly: New spam techniques emerge constantly. Ensure your server updates SpamAssassin rules via sa-update on a daily cron schedule.
  • Use SpamAssassin in conjunction with greylisting: Many cPanel servers offer greylisting as a first line of defense. Combined with SpamAssassin, it reduces total spam volume by 60–80% before scoring even begins.

Key Takeaways

  • SpamAssassin scores inbound email against thousands of rules; the default threshold of 5.0 works for most setups, but you can lower or raise it depending on your tolerance for false positives.
  • Whitelisting trusted senders and blacklisting known spammers in your User Preferences editor is a fast way to improve accuracy.
  • Bayesian AutoLearn trains the filter based on your actual email behavior — enable it with appropriately wide thresholds for best results.
  • Use the spamassassin -t command to test how messages are scored before and after configuration changes.
  • SpamAssassin works best alongside DKIM/SPF/DMARC, greylisting, and a well-maintained rules update schedule via sa-update.