How to Filter Incoming Emails by Country and Domain in WHM

How to Filter Incoming Emails in WHM

Fast VPS server and Dedicated Server Hosting administrators can filter incoming email from specified countries, regions, and domains in WebHost Manager (WHM) to improve email security. This is a valuable option for your defense in depth strategy as it can block malicious emails before reaching any other spam filters in cPanel or the end user’s email client.

Below we cover how to:

Secure VPS HostingEnjoy high-performance, lightning-fast servers with increased security and maximum up-time with our Secure VPS Hosting!

check markLinux VPS check markcPanel or Control Web Panel check markScalable check markWebsite Migration Assistance

Linux VPS Hosting

Filter Incoming Emails

Filter Incoming Emails by Country

Follow these steps to block countries or regions from emailing your server.

This may also affect users emailing from a virtual private network (VPN).

  1. Log into WHM as root.
  2. On the left, select Filter Incoming Emails by Country.
  3. To block or allow a single country, select the toggle to the right.

    Changes are saved immediately.

  4. To block or allow multiple countries, select the select all check box at the top or check boxes beside multiple countries. Then select Block Selected or Allow Selected.
  5. Select Allowed or Blocked at the top to review changes.
Filter incoming emails by country in WHM

Filter Incoming Emails by Domain

Follow these steps to block domains from emailing your server.

  1. Log into WHM as root.
  2. On the left, select Filter Incoming Emails by Domain.
  3. Type domains to block under Blocked Domains (1 per line).
  4. Include subdomains for domains to block with an asterisk (*) (e.g. *
  5. Select Show domains as ASCII (relevant for IDNs) to add international domain names (IDNs) if needed.
  6. Save changes.
Filter incoming emails by domain in WHM

Improve Email Protection

After configuring these settings, follow these guides for further protection.

Real-time Blackhole Lists (RBLs) are third party databases with suspicious IPs and domains. They’re updated regularly so you can add a RBL link once and not have to manually maintain your list often or at all.

SpamExperts can be installed to filter emails from a 3rd party service via MX record configuration. This helps prevent malicious emails from reaching your web server.

Spam Filters (formerly SpamAssassin) checks all emails that reach that cPanel account against preset and custom rules in cPanel. This feature also allows you to manage a spam/junk folder and strengthen filtering to fit your server environment.

Email Filters and Global Email Filters in cPanel help you organize emails, making it easier it to identify suspicious email. You can set filters for an entire cPanel account and individual email accounts. The major benefit here is that emails with common characteristics can be automatically forwarded to labeled folders for better organization. When configured well, emails with familiar subjects or senders that aren’t automatically redirected will seem suspicious by default.

Webmail and desktop email clients have native options to aid filtering (e.g. Thunderbird junk settings). Your email application may have plugins available for additional spam protection similar to the ClamAV integration for Claws Mail.

Improve email authentication with SPF, DMARC, and other DNS records so more phishing and spoofing emails are mitigated with little need for manual labor.

Verizon’s Data Breach Investigations Report (DBIR) includes a tremendous amount of information regarding recent trends and best practices within the cybersecurity realm. You should review the DBIR to better understand what cyber attack vectors are targeted most in your country or region and how to protect your data at rest and in use.

Have you ever received a convincing spear-phishing email? We have. After seeing one enough times, we wrote an article explaining everything you should know about the tactics used to manipulate you into sending bitcoin currency to an unknown entity. Read more in our article on the “this day I hacked your OS” phishing email.”

There’s more to hardening a Linux server than spam filtering. Read more about how to secure your managed VPS or cloud server today.

InMotion Hosting Contributor
InMotion Hosting Contributor Content Writer

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting

Was this article helpful? Let us know!