Changing Exim SMTP IP Address

[madcow774]

I know I can change the IP address that exim uses to send mail by changing the following in my exim.conf

remote_smtp:
driver = smtp

to:

remote_smtp:
driver = smtp
interface = 123.123.123.123

But the problem is that the change gets overwritten with cpanel updates. So I had been using the following solution, which worked perfect until I upgraded to cpanel 11
http://forums.cpanel.net/showpost.php?p=181360&postcount=15

Why does the above solution no longer work? Is there another way to change the outbound IP for exim from within the configuration editor in WHM so it does not get overwritten?

 

[TheStarKillers]

Anyone have a solution?

 

[TheStarKillers]

So is this impossible now?

 

[norelidd]

don't change it in exim.conf directly, but change it int he advanced exim editor in the first box available

 

[TheStarKillers]

That is how it was done previously (except the first box part), but that no longer works.

 

[madaboutlinux]

Here's the iptable rule if other solution won't help you :-
iptables -t nat -A postrouting -o eth0 -p tcp -j SNAT --dport 25 --to-source xx.xx.xx.xx

where,
xx is the new ip on your server from where you will route your emails from.

Then execute :-
service iptables save
service iptables restart

Also you can check whether the rule is added properly or not by :-
iptables -t nat -n -L

 

[hostmedic]

awesome Shekhar

Shekhar -

I think this is the preferred method...

If for any reason someone makes some changes to the exim config - they install Chirpy's mail scanner - or ASSP - or who knows what -

they may not realize what the other settings were for - may forget another tech put them into place etc.



Good Stuff (and hey I learned something today )

 

[TheStarKillers]

When I try to run the iptables command, it returns:

iptables: No chain/target/match by that name

 

[madaboutlinux]

You seems to be on a VPS server where iptable modules isn't installed for your server. Contact your hosting provider and ask them to install it for you. Its just an entry in the conf file of your VPS.

If its a dedicated server, then ask someone to look into it. If I am not mistaken you need to recompile kernel with the missing iptable modules.

 

[TheStarKillers]

It is a dedicated.

If its a dedicated server, then ask someone to look into it. If I am not mistaken you need to recompile kernel with the missing iptable modules.

The kernel is compiled the way cPanel compiles it, though I think I am one version behind - I'll do a reboot tonight and see if the new version has it. If that doesn't do it, I'll recompile the kernel myself and include all the iptables modules.

 

[hostmedic]

cPanel does not recompile your kernel

I don't believe I am off my rocker here -

cPanel does not recompile your kernel.

I would suggest peeking here for a how-to

http://www.eth0.us/taxonomy/term/12

 

[hostmedic]

how to install iptables

In most Linux installs iptables has become a standard option, especially Red Hat. There is a very good chance that iptables is already installed on your machine.
Check by:

1. Opening a terminal window (making sure to be logged in as root).

2. Typing: # iptables

3. If iptables is installed, you should get the following message:

iptables v1.2.8: no command specified
Try 'iptables -h' or 'iptables --help' for more information
4. If this message does not appear, then follow the directions in this link to install iptables.


http://www.cae.wisc.edu/site/public/?title=iptables-installing

 

[TheStarKillers]

I don't believe I am off my rocker here -

cPanel does not recompile your kernel.

Well some software does, perhaps yum. One thing is for certain, something that is installed on the box and comes with fairly default software does compile the kernel.

I would suggest peeking here for a how-to

http://www.eth0.us/taxonomy/term/12

No need for a how-to, I am aware of how to compile a kernel.

iptables is installed, I am running CentOS (and kernel will be 2.6.9-55.0.2.EL after the reboot tonight), but according to Shekhar it is missing one of the modules.

 

[hostmedic]

yes

yum can download a new kernel for you - personally I do not just allow anything to just randomly update my kernels - but I have a few things compiled directly into the kernel for iptables and such so they cannot be undone

My suggestion would be to double check the iptables install -
I am not sure if your missing iptables - and doubt its just a module of iptables

what happens when you type: iptables -V


Also - iptables is here: http://www.netfilter.org/projects/iptablesl if that helps



With a little bit of diligence I am sure we can help you along

 

[TheStarKillers]

I read on these forums some time ago that it is better to let yum upgrade your kernel to the correct version than upgrade the kernel each time yourself, I am not sure if that still holds true.

I do have iptables installed, APF is just a front-end and it runs fine. The version command returns: iptables v1.2.11. If this reboot tonight doesn't fix the problem, I will recompile the kernel myself and include all iptables modules.

 

[hostmedic]

not suggested

Personally I do not suggest allowing YUM to upgrade ...

While Yum is normally good - it is also the most open kernel ...

It has to be open to allow for most all server configurations.

If you know how to do the kernel yourself - I really suggest that you do this...

Personally we do a ton of different things @ the kernel level which help protect the servers

to each their own I guess - personally I would not tell others I only use the default kernel.

If your stuck tomorrow let us know we can try to help you

 

[TheStarKillers]

Didn't have the time to update on the new kernel yesterday. Basically the yum compiled kernel (newest version for my server according to yum) did not help.

I was going to recompile the kernel myself but decided to ask a few questions first. Basically, a new version of whatever the latest kernel is according to kernel.org is released very often... that would be a ton of reboots, so what is usually done?

 

[TheStarKillers]

Anyone? The current question stands as follows: to those that upgrade their kernel manually, how often do you do so (and to which versions/based on what)?

 

[TheStarKillers]

Alright, I finally got that rule to work but APF is erasing it. I did iptables save and restart, it is still there but when I restart APF the rule is gone.

Edit: Nevermind, added to postroute APF rules.