View Tutorial Creating an Email Account within cPanel
View Tutorial E-Mail Configuration Settings - cPanel Environment
• Monitoring the Mail Queue Manager, or setting up notifications is a good way to keep an eye on the sites that are hosted on your VPS’s. Keeping your domains code and plugins (if using a CMS) will help to ensure that your sites have the latest security fixes.
• Ensure that your SPF record reflects every location you will be sending from, including scripts or 3rd party mailing services like MailChimp. For more information about what an SPF record is and the function it performs please visit the following link (SPF Records)
• Make sure that the DKIM record is enabled and present. For more information about what a DKIM record is and the function it performs please visit the following link (DKIM Records)
• Designing and implementing a DMARC policy will ensure that only mail you intend to mail will be sent (even if it isn’t from your server). This will also server as an insight into the health of your Mail configuration. For more information on what DMARC policy is and the function it serves please visit the following link (DMARC Record)
• Maintaining a strong password policy across all users will reduce the chance that an account will become compromised. You can visit https://hostek.com/password/ to generate a secure password.
• If mail will be sent as a result of a contact form, take care to include a captcha and to have protections in place to prevent SQL injection.
• If you are using a CMS (WordPress, Joomla, Drupal, etc…), make sure that plugins and the CMS application is always kept up to date. Updates include important fixes to security vulnerabilities as well as occasionally adding features.
The CAN-SPAM act sets requirements for commercial messages and gives recipients the right to have businesses stop emailing the consumer. This act also spells out tough penalties for violations. The points below and a full guide to compliance with messages sent for a business can be found at: https://www.ftc.gov/tips-advice/business-center/guidance/can-spam-act-compliance-guide-business .
• Make sure to include a functional way for the recipient to opt-out of any commercial emails from your organization. This is typically done with an email address to contact you or an opt-out form.
• The unsubscribe link must work for at least 30 days after sending.
• Avoid deceptive or ambiguous subject lines.
• Don’t purchase, rent, use scraped mailing lists. This is a violation of our Terms of Service and usually lead to a high bounce rate. Organic mailing list are the only mailing lists allowed. Avoid using words and phrases that frequently trigger SPAM filters. You can perform a search for pages that have compiled lists of these triggers.