The Exim mail server in WHM can automatically filter incoming emails that contain potentially dangerous file attachments, such as executables, scripts, and other file types commonly used to distribute malware. Enabling this filter helps protect your server and your users from email-borne threats.

Step 1: Log in to WHM

Open your browser and navigate to https://your-server-ip:2087. Enter your root credentials to access the WHM dashboard.

Step 2: Open Exim Configuration Manager

In the left-hand sidebar, navigate to Home » Service Configuration » Exim Configuration Manager.

Step 3: Go to the Filters Tab

Click on the Filters tab at the top of the Exim Configuration Manager page.

Step 4: Enable Dangerous Attachment Filtering

Find the option labelled Attachments: Filter messages with dangerous attachments. Toggle this setting to On.

When enabled, Exim will block emails containing attachments with the following file extensions:

  • Executable files: .exe, .com, .bat, .cmd, .pif, .scr
  • Script files: .vbs, .js, .wsf, .wsh
  • Shortcut files: .lnk
  • Other potentially dangerous types as defined by your Exim configuration

Step 5: Save Changes

Scroll to the bottom of the page and click Save. The Exim mail server will restart automatically to apply the new configuration.

Important Notes

  • This filter scans all incoming mail server-wide — it cannot be configured per individual cPanel account.
  • Blocked messages are typically rejected at the SMTP level with a bounce message to the sender.
  • This feature is separate from SpamAssassin — it is a hard filter based on file extension, not a scoring system.
  • If legitimate emails are being blocked, you may need to adjust the blocked attachment types via the Advanced Exim editor.
  • Ensure your Exim Configuration Manager is set to Basic mode to see this toggle. In Advanced mode, the ACL rules handle this directly.

Troubleshooting

  • Cannot find the option: Make sure you are on the Filters tab, not the Basic Editor tab. If using Advanced mode, the filter rules are managed through ACLs.
  • Legitimate attachments being blocked: Instruct senders to archive files in a .zip format, or use the Advanced Exim Editor to customise the filter rules.
  • Filter not working after saving: Verify that Exim restarted successfully. Check WHM » Service Status to confirm the Exim mail server is running.
Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

How to set Default maximum email quota for new packages via WHM?

The Default maximum email quota for new packages setting in WHM controls the maximum email...
How to set Default disk usage quota for new packages via WHM?

The Default disk usage quota for new packages setting in WHM lets you define a default disk space...
How to set Default bandwidth limit for new packages via WHM?

When you create a new hosting package in WHM, cPanel uses a default bandwidth limit if you don't...
How to change cPanel PHP max POST size via WHM?

The cPanel PHP max POST size setting controls the maximum size of HTTP POST requests that...
How to change cPanel PHP max upload size via WHM?

What is the cPanel PHP Max Upload Size? The cPanel PHP max upload size setting controls the...