Email is a problem for organizations of all sizes. Email consumes ever-increasing storage. Also, extra security features are necessary to pass scrutiny of email gateways at banks and other important suppliers. Without these utilities in place there is a risk that important emails might not reach their destination.

As businesses grow, increasing in-house management means it becomes cost-effective to migrate email to a platform like Microsoft 365. This way, email services are constantly improved behind the scenes by the people who help dictate the conditions for email logistics worldwide.

Organizations that need to cater for multiple email accounts should consider Microsoft 365, whose “out-of-the-box” platform (Exchange) is the overwhelming solution of choice for commerce, public sector, and military. Microsoft 365 scales to the needs of global enterprises. Also, 365’s nominal cost obviates unknown costs that organizations might incur with “self-serve” solutions.

Your web server is designed to deliver web pages promptly. As your historical email volume grows over time on your web server, resources will be increasoingly re-directed to manage email. This is one reason why most businesses use different equipment to manage web and email services.

Storage – how much?

Microsoft 365 provides 50GB expandable mailbox limits for individual accounts. This is not realistic for a web server that is designed for web page delivery. Without hardware upgrades, we recommend that email accounts should be limited to 2GB -5GB.

Attachments – links save disk space

Even at Microsoft’s larger scale, file attachment are limited to 15MB by default. This is because large files cause network congestion and rapidly increasing mailbox sizes. Organizations have learned to use file distribution via email with permission-enabled links to files stored elsewhere. This leaves large files out of the equation for email disk space and this approach is GDPR-compliant. We recommed that you adopt a similar approach to conserve mailbox space. cPanel can be configured to limit file attachment sizes, but this requires intervention by us to configure your hardware. Please contact us for help.

Long term storage – archiving

Archiving is available in cPanel email accounts, but archives still need cleaning. Microsoft 365 is capable of compressing email that is archived, and rules can automate spent email deletion. Note too that Microsoft enables network admins to prevent accidental or malicious deletion of email which is not possible in cPanel.

Modern email gateways perform a number of tests and scores to validate every email intended for receipients within its network. The principal security tests are SPF, Reverse DNS, DKIM, and DMARC. These tests are important because they help build a picture for receipients that verify that you are a legitimate sender and that the content in the message you have sent has not been altered or replaced between end-points.

cPanel can diagnose and recommend patchs to improve your email validation tools.

Without these four services, there is a risk that email can be rejected by organizations like banks, suppliers, and customers. Click on the links to find out more about each technology/protocol.

SPF

SPF is enabled by default in cPanel. You do not need to update your server.

Reverse DNS

Reverse DNS technology is installed in cPanel by default, however its functionality depends on where your domain name’s authoritative zone record is stored. If the zone record is established on your web server, the protocol’s record is determinative in that zone record. If your domain name’s zone record is managed at a domain name registrar, you will need to review and probably edit your record. The syntax for this record, including the correct IP address, is available in cPanel email configuration. Reverse DNS is important. because other technologies like DKIM and DMARC depend on Reverse DNS.

DKIM

DKIM was introduced worldwide in early 2025. The technology is installed on your server, but your domain name’s zone record needs to be modified for the protocol to work. This cannot be performed automatically, and therefore your domain name’s authoritative zone record has to be modified. cPanel provides the record that you need to add, however domain name zone records are notoriously fragile. Accidental corruption of a domain name’s zone record can crash your web site and associated services for up 72 hours. So, you should contact us for help.

DMARC

DMARC is another technology that is enabled in cPanel but requires implementation in your domain name’s authoritative zone record. Also, the security can be incremented in steps according to your zone record’s syntax. So, DMARC needs manually configuring. We recommend using DMARC in “test” mode initially.

Email is an evolving technology and industry standards change over time to respond to threat. cPanel email is provided as-is, so it is your responsibility to configure email services unless we provide support for your email environment. Please contact us for help with implementation.

You can centralize contacts in a centralized address book which can be accessed by all email account users. This is referred to as a system managed address book and it is equivalent to Microsoft 365’s Global Address Book. This is a GDPR compliant feature and is encouraged because it provides all users with a single point of contact for internal and external organizational contacts. Also, it reduces the risk of data leakage because it enables you to ringfence business contacts from employees’ personal address books.

To add or edit contacts, login to your webmail account, open contacts, and look for the address book called cPanelCardDav. Each email accont holder will see this address book in their contacts page.

Similarly, a shared calendar is available in Webmail calendar as cPanel CalDav Calendar.

Webnmail can be accessed from your mobile phone. You can bypass Roundcube and access server contacts/calendars via Apple and Android clients. We are developing user-friendly notes for enabling sync services. For now, see cPanel configurations notes for CalDAV (calendar) and CardDAV (contacts) here.

When sufficient emails from an email account in your organization fails a security tests as it transits the Internet, public authorities like Symantec can blacklist your server’s IP address and cause email associated with your domain name to be dropped before email reaches its destination. This is catastrophic. It can take hours to understand the nature of the problem, and it can take 72-96+ hours to purge your blacklisting. Meanwhile, you cannot send email.

Microsoft 365 and Google Workspace measure outgoing email forensically before it is released in public domain, and customers’ email servers are programmed “out-of-the-box” with toolsets that allow suspicious activity to be reconciled before corrupt email hits the public domain. 

Be aware that if you are using cPanel email without support,restoring services in the event of blacklisting is not subject to an SLA and may incur charges. Also, blacklistings may compromise web site performance and SEO rankings.

cPanel email accounts can be configured with protocols like those listed above to help secure email efficacy. Also, cPanel’s email module supports calendar sharing and shared address books. A centralised address book is a fundamental GDPR component.

There are several issues like data leakage and malicious deletion which are beyond the scope of this article that cPanel does not natively provide for. If you are considering using cPanel email accounts at an organizational level, bear in mind that Microsoft 365 and Google Workspace assume these obligations for minimal cost and save you from managing this complex technology yourself.  This saves an organization a lot of effort and trouble.

Lastly, by separating email and web servers, the risk of losing both services simultaneously in the event of one component failing is minimized.