What should I do if my email account is blocked by SPAM?

Introduction

When an email account is detected as sending SPAM (either intentionally or because it has been compromised), the SW Hosting team acts immediately to protect the reputation of the server and prevent other services from being affected.

This normally involves:

• Blocking outgoing mail ports (SMTP).
• Temporarily suspending the mail service associated with an IP address, mailbox or server.

This document will guide you step by step to:

1. Locate and secure the compromised account.
2. Change your password securely.
3. Apply protective measures to your devices.
4. Request service reactivation.
5. Prevent future incidents.

⚠️ Important: Do not request email activation until you have verified that the issue has been completely resolved.

1. Identify the affected service from SWPanel

If you have received a SPAM notification from our team, the message will clearly indicate which account is involved (for example: [email protected]).

To manage it:

1. In the SWPanel search bar, type the name of the service and access its Dashboard.

The screenshot is for illustrative purposes only. It was taken from version 2025.004.0001 dated 10/05/2025. It may differ from what is shown in the current version of SWPanel

2. In the left side menu, click on Service Management and Email Management.

The screenshot is for illustrative purposes only. It was taken from version 2025.004.0001 dated 10/05/2025. It may differ from what is shown in the current version of SWPanel

3. Find the affected email address in the list.

2. Change the password for the affected account

It is essential to change the password immediately. To do so:

1. Locate the account in the list or search for it using the email management search engin.

The screenshot is for illustrative purposes only. It was taken from version 2025.004.0001 dated 10/05/2025. It may differ from what is shown in the current version of SWPanel

2. Go to the three dots on the right side of your email account and click Edit this email account.

The screenshot is for illustrative purposes only. It was taken from version 2025.004.0001 dated 10/05/2025. It may differ from what is shown in the current version of SWPanel

3. Enter a new secure password or click Generate random password.

The screenshot is for illustrative purposes only. It was taken from version 2025.004.0001 dated 10/05/2025. It may differ from what is shown in the current version of SWPanel

4. Save your changes.

Recommendations for your new password:

• Use at least 12 characters.
• Combine upper-case letters, lower-case letters, numbers and symbols.
• Avoid using the same password on other platforms or emails.

3. Protect your devices

Misuse of an email account is usually due to:

• Devices infected with malware.
• Password theft (phishing, malware, etc.).
• Insecure settings in email clients.

We recommend:

• Scan all devices used to access this account with an up-to-date antivirus.
• Change the passwords for all email accounts configured on that device if any infection is detected.
• Make sure that the password has not been shared with third parties.

4. Request service reactivation

Once you are certain that your account is secure and your password has been changed, request activation of the email service by opening a support ticket.:

📃 Manual: Talk to support with Quick Help

📝 Example message:

Hello, We have detected SPAM being sent from the account [email protected]. We have already changed the password and checked the devices. Please reactivate the email service. Thank you.

5. What if the problem comes from my website?

In some cases, even though the email account appears to be the source of the SPAM, the actual source may be a poorly protected form or script within your website.

How can you tell if your website is involved?

• The affected account is not used on any device, but appears to be sending emails.
• Emails are sent from generic accounts such as [email protected].
• You have received notifications of mass mailings without SMTP authentication.
• SPAM is generated after submissions from contact forms or PHP scripts.

What to do if you think your website has been compromised?

1. Download all your website files via FTP and save them locally.
2. Scan the files with a specialised antivirus program:
   • Wordfence (if you use WordPress).
   • VirusTotal for specific files.
3. Check for suspicious files, such as:
   • mail.php, sendmail.php, or similar modified files.
   • New files in folders such as /uploads, /tmp, or /wp-content.
4. Update your CMS (WordPress, Joomla, etc.) and all plugins.
5. Protect forms:
   • Use CAPTCHA o reCAPTCHA.
   • Check and clean the data entered by users to prevent malicious code injections..
6. Check file and folder permissions. Avoid 777 permissions.

🧠 Tip: If you don't have technical experience, contact your developer or trusted web maintenance company.

6. Recommendations to avoid future blockages

• Never share your email account passwords.
• Use different passwords for each service.
• Avoid accessing your email from public or unsecure networks.
• Keep your operating system, antivirus and email programs up to date.
• Periodically review your access and configured devices.
• If you use a CMS (such as WordPress, Joomla, etc.), always keep all plugins, themes and the CMS itself up to date.
• Remove any plugins or themes that you do not use.
• Regularly check your website's source code and look for files that you do not recognise.
• Protect contact forms with CAPTCHA and avoid insecure scripts.
• Control the permissions of your files and folders; avoid 777 permissions.

For more information on security and how to protect your WordPress:

• Security blog:
  How to protect your email account