BoxTrapper is an application included with cPanel that filters spam by requiring would-be senders to reply to a verification email (also known as challenge-response verification). Only after the sender is verified through the reply will his or her original email be accepted. Theoretically, this is supposed to stop the recipient from seeing any spam whatsoever as the system requires human intervention of some kind to take the email out of the trap.
While in theory this seems like a great system, in practicality it causes almost as many problems as it tries to solve.
When email boxes send the challenge email, that email will go to an actual email account of an actual person that emailed you (in which case, we have no problem), or it will go to a “do not reply” email from a mailing list, to a non-existent email account, to someone’s email account that was hijacked to be used for spam. If the challenge email goes back to accounts that don’t exist, it becomes collateral spam called backscatter.
Backscatter can and frequently does land shared servers on blacklists, disrupting communications for an entire server full of folks. As we have worked diligently to improve outgoing spam detection, it became clear the BoxTrapper issue was one that we needed to address to continue to improve services.
By Friday, we will have BoxTrapper disabled on all shared servers. In addition, we will be running several scripts to ensure that anyone using BoxTrapper will have their settings reverted to normal so that mail delivery is not disrupted in any way. There should be nothing at all that you need to do to ensure this discontinuation goes smoothly – we’ll take care of it all for you.
If you have any questions about this at all, please contact our support department and we will be happy to help you out.