What are SMTP Restrictions?
SMTP Restrictions is a security feature in WHM that prevents users and services from bypassing your server's mail server (Exim) to send email directly to remote SMTP servers. When enabled, only the mail transport agent (MTA), Mailman mailing list software, and the root user are allowed to make outbound SMTP connections. This is a critical measure against spam — compromised scripts often attempt to send mail directly to external mail servers to evade logging and filtering.
Steps to Enable SMTP Restrictions
- Log in to WHM as the root user.
- Navigate to Home » Security Center » SMTP Restrictions.
- On the SMTP Restrictions page, you will see a description of the feature. Click Enable to activate the restriction.
- A confirmation message will appear indicating that SMTP restrictions are now active.
How It Works
- When enabled, the system configures firewall rules (via iptables or firewalld) that block outbound connections to the SMTP port (port 25) on remote servers from all users except root, the mail server (Exim), and Mailman.
- This forces all email sent from the server to go through Exim, where it can be logged, filtered, and rate-limited.
- Spam scripts and malicious processes that try to connect directly to external mail servers will be blocked.
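To check that a rule set enforces the behaviour described above, the following added example (not cPanel's code and not part of the original guide) reads `iptables -S OUTPUT` style output and reports whether outbound port 25 is restricted and which owners are exempt. The sample rules and the `mail` and `mailman` group names are constructed for illustration; the rules WHM actually installs may differ.

```shell
#!/bin/sh
# Added example, not cPanel code. Usage on a server: iptables -S OUTPUT | smtp_egress_audit
# Assumptions: first-match rule order, default policy ACCEPT, exemptions written with
# the iptables owner match. Only rules that name --dport 25 or match every TCP packet
# are evaluated; rules narrowed by interface or destination are skipped.
smtp_egress_audit() {
    awk '
    /^-A OUTPUT/ && !decided {
        port = 0; owner = ""; target = ""; narrowed = 0; matches = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "--dport" && $(i+1) == "25") port = 1
            else if ($i == "--uid-owner") owner = "uid=" $(i+1)
            else if ($i == "--gid-owner") owner = "gid=" $(i+1)
            else if ($i == "-j") target = $(i+1)
            else if ($i == "-o" || $i == "-d") narrowed = 1
            else if ($i == "-p" && $(i+1) != "tcp") narrowed = 1
            else if ($i == "-m") matches++
        }
        catchall = (!port && !narrowed && matches == 0)
        if (!((port && !narrowed) || catchall)) next   # cannot decide remote port 25
        if (owner != "") {
            if (target == "ACCEPT") allowed[++n] = owner   # exempt user or group
        } else if (target == "REJECT" || target == "DROP") {
            status = "restricted"; decided = 1             # everyone else is blocked
        } else if (target == "ACCEPT") {
            status = "open"; decided = 1                   # unrestricted accept wins first
        }
    }
    END {
        print "status=" (decided ? status : "open")
        for (k = 1; k <= n; k++) print "allow " allowed[k]
    }'
}

sample_rules() {   # constructed sample, not the rule set WHM installs
    cat <<'EOF'
-P OUTPUT ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 25 -m owner --uid-owner 0 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 25 -m owner --gid-owner mail -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 25 -m owner --gid-owner mailman -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable
EOF
}

sample_rules | smtp_egress_audit
```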
Important Notes
- This is strongly recommended for all shared hosting servers. It is one of the most effective anti-spam measures available in WHM.
- Some applications or cron jobs may need to send mail through SMTP directly. After enabling, ensure these are configured to use the local mail server (localhost) instead of connecting to external SMTP servers directly.
- If you are using a third-party SMTP relay service (like SendGrid, Mailgun, or Amazon SES), this restriction should not affect mail sent through Exim configured with a smarthost router.
- To configure additional SMTP settings (such as the maximum number of simultaneous incoming connections), visit Home » Service Configuration » Exim Configuration Manager.
How to Disable SMTP Restrictions
- Navigate to Home » Security Center » SMTP Restrictions.
- Click Disable to remove the restriction and allow all users to make outbound SMTP connections.
Warning: Disabling SMTP restrictions makes your server more vulnerable to spam abuse. Only disable if you have alternative spam prevention measures in place.
Troubleshooting
- Legitimate emails are not being sent: Check that the sending application or script is using the local mail server (localhost:25) rather than trying to connect to an external SMTP server directly.
- Cron job emails are failing: Ensure your cron jobs route mail through the local MTA. If a cron job uses an external SMTP server, reconfigure it to use localhost or your server's relay settings.
- SMTP Restrictions page not found: You may not have root-level access, or the feature may be restricted by your hosting provider. Contact your server administrator.
For official documentation, see the cPanel SMTP Restrictions guide.