cPanel Email Filtering to Stop Chinese or non-English Character SPAM

Customers complained about “Chinese SPAM” even after filtering was being handled by SpamExperts. This post is based on the good work from Dr. John.

I am long time cPanel/WHM user and customer for LAMP sites. I use EZPZ Hosting and highly recommend them; this an honest referral. Thankfully EZPZ uses SpamExperts to handle the “heavy lifting” for incoming SPAM filtering. However, even with SpamExperts, customers still got “Chinese SPAM” or emails containing non-English characters.

Here is a sample email that got through SpamExperts and needed to be blocked:
sample-chinese-email

Here is how to filter it easily with cPanel regex:

  1. Login to cPanel
  2. Go to “Account-Level Filtering” (or User-Level Filtering if you want to pick a specific email address)
  3. Hit “Create New Filter”
  4. And enter the following:
    non-english-spam-filter-settings
    The drop-down shows a few good options. You can outright discard the message, which is easy, but I recommend the “Deliver to Folder”. This places the filtered emails in a users’ email folder (e.g. Junk E-mail folder) for review or retrieval in case any of these filtered emails are needed. All email that matches the regex will go to this users’ email folder. If you want to filter per user and not globally for the domain, the User-Level Filtering allows you to create the same regex filter for each user.

Enforcing HTTPS & WWW prefix with Apache .htaccess redirects using cPanel

First post is simple.  I wanted a simple way to enforce both HTTPS (TLS/SSL) and the WWW prefix while gracefully handling whatever the user enters.

I am not going to get into the age old debate.  Every domain admin must make the choice.  The combination of sub-domain DNS round-robin, cookies, and the that every non-technical user expects WWW, I chose to redirect to the WWW prefix.  The wrinkle was I also wanted to enforce HTTPS.  After searching for a few minutes I cobbled together a working and flexible solution which does not hard code the domain name.  Kudos to this stackoverflow thread which did most of the heavy lifting.

RewriteOptions inherit
RewriteEngine On

#First rewrite any request to the correct one (i.e. adding "www." if it does not exist)
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

#After checking and adding "www." if necessary, then rewrite to HTTPS:
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

For those new to .htaccess configuration files (and since I am using cPanel) here is a simple article to get you started and how to apply the above config.

Speaking of cPanel/WHM and HTTPS, an honest referral to EZPZ Hosting.  Dan and his team have been superb since I became a customer back in 2010.  Their reseller accounts include unlimited free, basic SSL certificates.

EZPZ Hosting
ezpzlogo