Reject SPF failures

[captainron19]

A person with a domain on my server is getting a lot of emails to her email account that appear to be coming from an email account on the same domain.... when the email does not exist.

For example

Her email .. [email protected]

Email going to her with viruses attached .... [email protected]

Obviously this is some sort of email spoofing as the account [email protected] does not exist.

Should I enable "Reject SPF failures" to possibly alleviate this problem or could it pose the possibility that legitimate emails may not come through ?

 

[cPanelMichael]

Hello

Rejecting messages that fail a SPF check is a good way to prevent spoofed email. You may want to monitor your Exim logs after enabling this option to see how much legitimate email is blocked to help make a better decision.

Thank you.

 

[captainron19]

Thanks.... how would I monitor the exim logs? Would I have to SSH into server via the Power Panel? If so I have no idea on SSH

I figured I could FTP into the server but I am use to FTP'ing into specific domains on the VPS. Never had to FTP into the root of server before. Attempted by using ip address of server, username "root" and my root password but could not get in via my ftp program

 

[cPanelMichael]

You would need to access your server as root via SSH and monitor /var/log/exim_mainlog with a command such as:

tail -f /var/log/exim_mainlog

Or, you could search the log with the exigrep utility. EX:

exigrep search-term /var/log/exim_mainlog

Information on how to access your server via SSH is available here:

cPanel - SSH Access

Thank you.