WHM/cPanel/Exim Mail Server // Relaying email for specific domain(s) or email address to SMTP Smart Host or remote SMTP server

As with most of my posts, scroll to the Solution section if you are only here for a quick fix.  BUT be sure to check out the Examples at the end of the post!  

WARNING:  You will bypass my attempts at humour to make this read interesting if you skip!

I recently came up against a scenario whereby a client who uses a WHM/cPanel server as a dedicated mail server.  Fine.  Easy Peasy, no issues there.

These guys wanted to relay their mail through an online service for reporting and reputation reasons.  Fine, again, simple.

Naive little me thought "Simple, all I gotta do is log into WHM and tell Exim where to push the mail in their sweet little web interface".  Turned out to be not so straight forward.

The Scenario (long-story-short)

  • Client uses WHM/cPanel system as dedicated mail server (Exim)
  • Wanted to send email for specific domain to specific IP address
  • Wanted to relay all other outbound mail via 3rd party relay service (SendGrid)

The Road to Success

Anyway, I did what all great techies do.  I grabbed myself a coffee, pulled up my big boy pants, Googled until my fingers bled and used the famous trial and error approach until something worked!

Solution

Pre-Requisites

  • Access to WHM/cPanel of mail server in question
  • Access to relay service credentials
    • Ensure all domains relaying through the relay service are configured

Configuration

  • Log into server's WHM interface
  • Browse to Home > Server Configuration > Exim Configuration Manager
  • Select the Advanced Editor tab
  • Scroll to each of the following text fields and paste the data
Section: AUTH
sendgrid_login:
  driver = plaintext
  public_name = LOGIN
  client_send = : [Relay service username] : [Relay service password]

Section: PREROUTERS
reports_to_app:
  transport = reports_smtp
  driver = manualroute
  domains = [Enter domain to be sent to specific IP here]
  route_data = [Enter IP address server you want to redirect the mail to]
send_via_sendgrid:
  driver = manualroute
  domains = ! +local_domains
  transport = sendgrid_smtp
  route_list = "* [relay service name and port] byname"
  host_find_failed = defer
  no_more

Section: TRANSPORTSTART
sendgrid_smtp:
  driver = smtp
  hosts = smtp.sendgrid.net
  hosts_require_auth = smtp.sendgrid.net
  hosts_require_tls = smtp.sendgrid.net
reports_smtp:
  driver = smtp
  hosts = [Enter IP address server you want to redirect the mail to]

  • Scroll to the bottom of the page
  • Click Save
  • Config will be saved and Exim service will be restarted
  • All mail (apart from the domain(s) specified) will be relayed via smart host

Example 1 - All mail to SendGrid


This example outlines the config you will need to push ALL mail to the 3rd party relay service. In this example I am using SendGrid.

NOTE: If sending via SendGrid be sure to use "apikey" as your username in the Auth section!


Section: AUTH
sendgrid_login:
  driver = plaintext
  public_name = LOGIN
  client_send = : apikey : [SendGrid API password]

 Section: PREROUTERS
send_via_sendgrid:
  driver = manualroute
  domains = ! +local_domains
  transport = sendgrid_smtp
  route_list = "* smtp.sendgrid.net::587 byname"
  host_find_failed = defer
  no_more

 Section: TRANSPORTSTART
sendgrid_smtp:
  driver = smtp
  hosts = smtp.sendgrid.net
  hosts_require_auth = smtp.sendgrid.net
  hosts_require_tls = smtp.sendgrid.net

Example 2 - All mail from specific sender address to SendGrid

This example outlines the config you will need to push all mail from a specific email address to the 3rd party relay service. In this example I am using SendGrid.

I am employing this method for customers on a shared hosting platforms that want to achieve a better reputation for outbound emails from their sites.  Messy, but it works!

 To create rules for additional email addresses simply duplicate the "email1" syntax within PREROUTERS and TRANSPORTSTART sections and increment by one.

NOTE: The syntax is identical to Example apart from the addition of the "senders" entry within the PREROUTERS section!


Section: AUTH
sendgrid_login:
  driver = plaintext
  public_name = LOGIN
  client_send = : apikey : [SendGrid API password]

 Section: PREROUTERS
email1_via_sendgrid:
  driver = manualroute
  domains = ! +local_domains
  senders = [enter email address which will be using Smart Host service]
  transport = email1_sendgrid_smtp
  route_list = "* smtp.sendgrid.net::587 byname"
  host_find_failed = defer
  no_more

 Section: TRANSPORTSTART
email1_sendgrid_smtp:
  driver = smtp
  hosts = smtp.sendgrid.net
  hosts_require_auth = smtp.sendgrid.net
  hosts_require_tls = smtp.sendgrid.net

Example 3 - domain1.com to IP and all other mail to SendGrid

In this example the configuration will send emails for:
  • domain1.com to 123.123.123.123
  • All other mail will be send to SendGrid.
NOTE:  If sending via SendGrid be sure to use "apikey" as your username in the Auth section!  Also ensure your "transport" section within PREROUTERS matches the entry in TRANSPORTSTART.

Section: AUTH
sendgrid_login:
  driver = plaintext
  public_name = LOGIN
  client_send = : apikey : [Relay service password]
Section: PREROUTERS
domain1_to_ip:
  transport = domain1_smtp
  driver = manualroute
  domains = domain1.com
  route_data = 123.123.123.123
send_via_sendgrid:
  driver = manualroute
  domains = ! +local_domains
  transport = sendgrid_smtp
  route_list = "* smtp.sendgrid.net::587 byname"
  host_find_failed = defer
  no_more
Section: TRANSPORTSTART
sendgrid_smtp:
  driver = smtp
  hosts = smtp.sendgrid.net
  hosts_require_auth = smtp.sendgrid.net
  hosts_require_tls = smtp.sendgrid.net
domain1_smtp:
  driver = smtp
  hosts = 123.123.123.123

Example 4 - domain1.com to IP and all other mail to SendGrid

In this example the configuration will send emails for:
  • domain1.com to 123.123.123.123 
  • domain2.com to 456.456.456.456
  • All other mail will be send to SendGrid
NOTE:  If sending via SendGrid be sure to use "apikey" as your username in the Auth section!  Also ensure your "transport" section within PREROUTERS matches the entry in TRANSPORTSTART (Underlined in below example).

Section: AUTH
sendgrid_login:
  driver = plaintext
  public_name = LOGIN
  client_send = : apikey : [Relay service password]
 Section: PREROUTERS
domain1_to_ip:
  transport = domain1_smtp
  driver = manualroute
  domains = domain1.com
  route_data = 123.123.123.123
domain2_to_ip:
  transport = domain2_smtp
  driver = manualroute
  domains = domain2.com
  route_data = 456.456.456.456
send_via_sendgrid:
  driver = manualroute
  domains = ! +local_domains
  transport = sendgrid_smtp
  route_list = "* smtp.sendgrid.net::587 byname"
  host_find_failed = defer
  no_more

 Section: TRANSPORTSTART
sendgrid_smtp:
  driver = smtp
  hosts = smtp.sendgrid.net
  hosts_require_auth = smtp.sendgrid.net
  hosts_require_tls = smtp.sendgrid.net
domain1_smtp:
  driver = smtp
  hosts = 123.123.123.123
domain2_smtp:
  driver = smtp
  hosts = 456.456.456.456

Additonal Information

After sending all mail to remote relay service we noticed that emails to a specific sub-domain of the clients were not reaching their destination.  These emails were getting deferred which subsequently stopped ALL mail from being sent successfully until the exim queue was flushed.

 Running the exim -qf command was our immediate workaround, but this is why we eventually configured Exim to send this specific sub-domain email to a specified IP address.

 This is something which will more than likely only be relevant to our system due to the clients original configuration but I will not the error messages here as it may help someone!

Exim Error:  defer (2): No such file or directory

Our mail server was getting "confused" as it was attempting to deliver mail for reports.domain1.com locally, due to the main server hosting domain1.com.

We configured the mail server as per Example 2 above and this resolved our issues.

Comments

  1. Nicole12 February 2021 at 07:47

    http://offshorededi.com offers high quality DMCA Ignored Hosting. We make offshore hosting simple for you to use with reliable servers and one-click installers.

    ReplyDelete

Post a Comment

Popular posts from this blog

Add Multiple Alias Email Addresses to Exchange Online/Office 365 Mailbox

I will keep the BS short for this one BUT there are a few points to mention.  Please read as it will save you time in the long run! When running through this process you MUST specify ALL email addresses that are to be associated with the mailbox you are updating It will overwrite anything that currently exists within the Email Addresses section When specifying the email addresses be sure to pay attention to SMTP and smtp Being an absolute 1337 n00b myself, I originally ran through the process to add additional email aliases to the mailbox.  Unbeknownst to me at the time, running through this process completely overwrites what is associated with the mailbox.  So, my advice?  Create the entire Set-Mailbox  string for all email addresses before starting the process. Anyway, onto the process! If you want to add multiple alias email addresses to an Exchange Online/Office 365 account run through the following: Open Powershell Type the following comman...
Read more

Re-instating "Send As" privilege Windows 2003 Server // GOOD ForEnterprise

You may recall that I had a wonderful time troubleshooting issues with the GOOD for Enterprise service, whereby user's GOOD profiles were falling into a paused state as the service was unable to successfully send emails from the user's Android & iOS apps. GOOD For Enterprise have now outlined a permanent fix for this issue. Using the following fix will re-instate the Send As permissions for the required user accounts that the GOOD app uses to remotely send emails from their handheld apps, therefore eliminating the need to go through the workaround which I had outlined in my previous post . The Permanent Fix In order to achieve a permanent fix for this issue we need to re-instate the Send As ability that the required user accounts had before a certain Windows update removed this right, this is done using the DSACLS utility. The syntax for the correct command is as follows: dsacls "cn=adminsdholder,cn=system,dc=domainname,dc=com" /G "\GoodAdmin:CA;S...
Read more