What settings do you recommend for the Exim Configuration Editor Standard Options settings on a cPanel server running MailScanner?

Our recommended Exim Configuration Editor Standard Options settings in WHM version 11.40 and above (with MailScanner installed and running):

ACL Options: Leave cPanel's defaults or modify as desired. We recommend enabling the following:
* Dictionary attack protection
* Require HELO before MAIL
* Require remote (domain) HELO
* Require RFC-compliant HELO

You should leave "No reject rule by spam score" and "No ratelimiting by spam score" disabled as they are set by default. No SpamAssassin options should be enabled at all in this section.

Access Lists: Leave cPanel's defaults or modify as desired.

Domains and Ips: These settings should not affect MailScanner.

Filters: Disable the following:
* Attachments: Filter messages with dangerous attachments
* Apache SpamAssassin: Global Subject Rewrite
* Apache SpamAssassin: bounce spam score threshold - set to No bouncing by spam score
* SpamAssassinTM: X-Spam-Subject/Subject header prefix for spam emails - leave default

System Filter File = /etc/antivirus.empty

Mail: Leave the cPanel default settings. We specifically recommend disabling Sender Verification Callouts

RBLs: We recommend enabling one or both of the default RBLs (bl.spamcop.net and zen.spamhaus.org) in order to block such emails at exim rather than have them processed by MailScanner. If you enable this you should set "Spam List = " to a blank field in the MailScanner Configuration. Enabling this in exim rather than MailScanner should help reduce the resource usage by MailScanner. Leave as cPanel default or modify the other settings as desired.

Security: Leave as cPanel default or modify as desired.

SpamAssassinTM Options: All should be Off or Disabled except for the ruleset options (the last four settings) which can be enabled as they will apply to spamassassin as used by MailScanner.

Note: None of the SpamAssassin options in any of the sections should be enabled if you are running MailScanner, except for the last 4 settings for SpamAssassin rulesets.

Another note: If any of the above options are missing or there are additional options, you are probably using an earlier or later version of cPanel/WHM than the one referred to in this FAQ. We try to update this FAQ when these options change but there may be a slight delay.