Do not send e-mail to me!

cPanel® Irondome

The effective and low cost email protection for cPanel

cPanel® Irondome is an anti-spam filter that runs locally, but it queries the database in real time. The filter is installed by our script and cPanel will be immediately protected. Our system will interact with sender and recipient to try to resolve suspect cases and avoid your support team be called. All email passing by the filter can be visualized and managed through the control panel.

How it works

All notorious spammers will be blocked immediately and they will receive a rejection warning message from our system.

In the case of a false positive, the sender will be able to ask for release and our system will contact the recipient to confirm it.

If the recipient agrees with the release, then our system will send a warning message to the sender explaining that he was accepted and can now resend the message.

All suspect messages will be held in the cPanel queue and our system will send a warning message to the sender informing that.

If the sender asks for the message to be released, then our system will contact the recipient to confirm it.

If the recipient agrees with release, then our system will request cPanel to release the message so that it can be immediately delivered to the recipient.

All released senders will be added in the whitelist, so any other future messages from the same sender will pass directly. System works in a peer-to-peer collaboration environment, which means it is refined with each human interaction.


  • Uses a big reputation database shared with many other SPFBL network providers, involving IP ranges, domains and ASN.
  • Works with clamav-unofficial-sigs that have the most effective malware signatures. By the way, we work directly with a clamav-unofficial-sigs partner to provide new threats samples to improve its effectiveness.
  • Does anti-spoofing checking to avoid spoofing attacks come as sent by big companies or by the same recipient’s company.
  • Does deep analysis in the subject to find word combinations used for spam, leet and many other techniques to confuse anti-spam systems.
  • Creates spamtraps automatically considering the nonexistent accounts receiving massive spam and not receiving good emails.
  • Prevents from many phishing attacks, using our own phishing database and others like Google Safe Browsing® and Porcupine®.
  • Checks recent created domains and combine this criteria with others to get spammers. Many spammers uses recent and low cost domains to avoid bad reputation scores from old one.
  • All spam are reported to the origin data center or ISP, so the spammer will have to account for its bad deeds.
  • Integrated firewall capable of protecting your cPanel from massive abuses, which can even prevent DDoS to the SMTP service. It limits 8 SMTP connections every 10 minutes from IPs without legitimate sendings but with massive volume of abuses.

How to try it

You can try this solution for free for 30 days. You must contact us so we will release your cPanel IP to it have access to our SPFBL server. After that, you must follow these steps:

  1. Open the port 9877 TCP OUT in your cPanel firewall.
  2. Run this command as root in your cPanel shell:

    curl -s | sudo bash /dev/stdin install

  3. Go to “Exim Configuration->Manager->Basic Editor” in your WHM and do these changes there:
    1. Change the option “Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam” to OFF.
    2. Change the option “Allow DKIM verification for incoming messages” to ON.
    3. Change the option “Reject DKIM failures” to OFF.
    4. Include all your other company’s cPanel IPs in the list “Trusted SMTP IP addresses”.
    5. Click at “Save” button at the bottom.
  4. Go to “Exim Configuration->Manager->Advanced Editor”
    1. Uncheck the ACL “default_spam_scan”.
    2. Uncheck the ACL “default_spam_scan_check”.
    3. Uncheck the ACL “default_exiscan” if it exists.
    4. Uncheck the ACL “spam_scan_secondarymx” if it exists.
    5. Uncheck the ACL “outgoing_spam_scan” if it exists.
    6. Uncheck the ACL “outgoing_spam_scan_over_int” if it exists.
    7. Change the variable “spamd_address” to the value “ 9877 retry=30s tmo=3m”, or create it if not exists.
    8. Change the variable “timeout_frozen_after” to the value “7d”.


Once that’s done, disable any other incoming filters to avoid conflicts with Irondome, including RBL checks.


To uninstall, just close port 9877 TCP OUT, undo all actions in steps 3 and 4 and run the command below:


curl -s | sudo bash /dev/stdin uninstall