Best steps to change the main IP address of server?

Metro2

Well-Known Member
May 24, 2006
574
94
178
USA
cPanel Access Level
Root Administrator
I'm hoping that someone can provide a best method for changing the main shared IP (which is also the Exim mail server IP) of one of my servers.

The data center I purchased the server from inherited to me a dirty IP mixed into a /24 net of abusers and spammers, so my customers are getting blocked despite the fact that my IP is squeaky clean.

I've already gone through every unblocking / delisting procedure imaginable (including asking the data center noc to do something about it) but after 3 months of fighting this issue I can see clearly they aren't going to clean up the garbage users from the network.

SO...

Can anyone tell me the best method to assign a new IP as the server's main IP / main shared IP, and if possible without any downtime for my users?

Fingers crossed... and thank you!
 

Metro2

Well-Known Member
May 24, 2006
574
94
178
USA
cPanel Access Level
Root Administrator
Welp.. scratch that I guess...

I was just informed by the data center that the IP is associated with the hardware and it would require them to move my hard drives to a new chassis etc... resulting in, to quote them, up to 24 hours of down time. :(
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,884
2,254
463
  • Like
Reactions: Metro2

360webfirm

Well-Known Member
Oct 5, 2016
96
10
58
Ottawa
cPanel Access Level
Root Administrator
Can a new IP address address an issue with the main server IP being in a blacklist? My host is willig to give me a new IP due to being listed in UCEPROTECT level 2 and 3, would I be able to just configure this new IP just for email and keep the server running on the old blacklisted IP?
 

Metro2

Well-Known Member
May 24, 2006
574
94
178
USA
cPanel Access Level
Root Administrator
@360webfirm - while I'm not certain of the answer to your question, I just wanted to mention that I empathize. UCEPROTECT is infamous for blocking huge ranges of IPs, affecting innocent / clean hosts, and they're in the unethical business of "paid removal". I don't host anything that would be considered even remotely bad, I don't have any spammers or marketers, and my servers score 99 - 100 on Senderscore, yet still UCEPROTECT has caused problems for me on several occasions.
 
  • Like
Reactions: ejsolutions

360webfirm

Well-Known Member
Oct 5, 2016
96
10
58
Ottawa
cPanel Access Level
Root Administrator
Yes thats also correct with me, I am super strict with email, most clients use their own email such as gmail or another provider, but with the MX records set at the server level, the IP still shows these emails as being blacklisted. I hardly have anyone using the c panel email besides myself. The IP is not blacklisted itself, but rather the darn network. So frustrating and I ahve never changed the compleet server IP before and frankly I am worried I will get locked out or configure something incorrectly and I dont even know if the snapshots I take at my host would work if I messed up :-p
 
  • Like
Reactions: Metro2

360webfirm

Well-Known Member
Oct 5, 2016
96
10
58
Ottawa
cPanel Access Level
Root Administrator
Sure - that's a common solution for that issue. Details on how to adjust the email sending IP can be found here: https://support.cpanel.net/hc/en-us/articles/360050896653-Changing-the-outgoing-IP-for-email
So changing just the IP for the email would eliminate the balcklist as long as the new IP was not on there already? I would not have to change the server main IP? havign an email down is one thing, but having the complete server down is another. I would just inquire about an additonal IP? Add that to the server and then configure email server?
 

Metro2

Well-Known Member
May 24, 2006
574
94
178
USA
cPanel Access Level
Root Administrator
Actually this brings up another question...

The article @cPRex linked states:

If you change the outgoing IP address to a non-cPanel main IP address, the cPanel user must update that email address’ SPF record. They can configure the SPF record in cPanel’s Email Deliverability interface (cPanel >> Home >> Email >> Email Deliverability).
But I wonder - if I were to change the IP to one that already exists on the server and is already part of the IP Address Pool in WHM but is not in use / does not have an account on it, would I then still need to change each individual SPF record for each cPanel account on the server? And if so, would I need to change them one at a time or is there a tool/script that would allow me to update them all in bulk? (While still leaving the rest of the SPF records the same, such as includes like _spf.google.com for Google Workspace email users that have their site hosted with me).
 

Metro2

Well-Known Member
May 24, 2006
574
94
178
USA
cPanel Access Level
Root Administrator
Understandable. I'm guessing I'd probably have to document the current SPF entries for each account, then after changing the mail IP go into each account's zone file to put things back in place and add the new IP in each SPF. That would be a long tedious project, so fingers crossed that I never end up having to do it.
 

360webfirm

Well-Known Member
Oct 5, 2016
96
10
58
Ottawa
cPanel Access Level
Root Administrator
SPF records could be a concern for sure. I haven't done extensive testing with that on my end, so I'm not 100% certain what the results would be.
Just to clarify on this, if I purchase an add on with my Host and add another IP to the VPS, I will set up the mail server with these instructions https://support.cpanel.net/hc/en-us...21.2057172605.1659707745-681139013.1659707745

Then if this IP is not the MAIN server IP, (the IP which is blacklisted right now) then I will have to configure SPF and so on top of the instructions above?