If you are going to share your server with any one, Make sure you ask these to him / Get these done before sharing
1. Always try to keep the thirdparty software like wordpress and joomla secure as hacking in such things is the most common way of spamming now a days. Please ask them to have enough protection against this login brute force attacks.
2. Keep all plugins updated and make sure they remove unwanted plugins and themes from the account time to time.
3. Never use simple passwords for Email accounts, Database user and also for Wordpress/joomla admin accounts.
( You can set a minimum password strength required for all accounts now in cpanel)
4. Put a maldet scan or some other custom scan method for your accounts on a daily / weekly basis
5. If he is just a normal mail user and do not have to sent more emails like newsletter, then limit the hourly mail limit to a lower limit like max email per hour to 100 or below.
6. Setup DKIM and SPF for all domains in your account and if possible Setup DMARC record as well for all accounts.
7. Disable Boxtrapper in tweak settings
8. Change the default setting of accepting non existent mails to your default account to reject saying account do not exist.
9. If you have a CSF firewall installed, add a CC to RELAY Email templates so that you can be aware of any kind of spamming and can block the script or change the password of the compromised account in the starting itself
10. Getting a Modsec for the server with Free Comodo rules is also suggestible as it will block a lot of attacks / compromise attempts.
I hope these much steps will be a good start for you to incorporate other member or friends to your server.
