Configure Smarthost at WHM Server

muneeb852

Member
May 25, 2021
17
2
3
Pakistan
cPanel Access Level
Root Administrator
Hi everyone,
I signed up at AWS and created an instance at Lightsail. I successfully installed WHM/cPanel and transferred some accounts via the Transfer Tool provided in WHM.
Everything was working great, and then I tried to send an email. To my surprise, I found out that AWS blocks port 25 and I had to write them an application for its opening.
They rejected it and told me to use AWS SES (Simple Email Service). I tried AWS SES, and when I wanted to switch to production, they also denied my request.
So now I can't use the AWS port or SES.

I did some research and found out that there are many smarthosts available. I wanted to use SendGrid by Twilio.
After signing up at SendGrid and verifying my email, I added a domain at SendGrid and added SPF and DKIM to that domain.
Then I configured the Exim Configuration.

Now I am able to send emails via the SendGrid smarthost for that domain, but I can't send emails for other cPanel accounts or any other domains.

What I want is to be able to send emails for all accounts/domains, and whenever any new customer account is created, he should also be able to send emails. Is there any way to automate this process?


Untitled.png

Above is the email I get when I try to send from some other domain. If I send from the domain that was authenticated at SendGrid, everything works well.

How do I configure my WHM in such a way that every account and every domain can send email via SendGrid without manually authenticating every domain at my WHM?
 

muneeb852

> You could go to WHM > Service Configuration > Service Manager and enable "Exim On Another Port". In that way, you can change your mail port and use SMTP servers as expected.

This way Exim will listen on another port for incoming emails, which is not the problem; all incoming emails are okay and work fine. The problem arises when Exim tries to send email via port 25, which is blocked by AWS.
Please correct me if I am wrong.
 

ankeshanand

Well-Known Member
Mar 29, 2021
209
63
103
India
cPanel Access Level
Root Administrator
Twitter
> This way Exim will listen on another port for incoming emails, which is not the problem; all incoming emails are okay and work fine. The problem arises when Exim tries to send email via port 25, which is blocked by AWS.
> Please correct me if I am wrong.

Exim Mail Server is the outbound SMTP server which uses ports 25, 587 and 465 to send mail, not receive it! Alternatively, if you still prefer an external mail server, you can set up a smarthost in Exim.
 

muneeb852

> Exim Mail Server is the outbound SMTP server which uses ports 25, 587 and 465 to send mail, not receive it! Alternatively, if you still prefer an external mail server, you can set up a smarthost in Exim.

Thank you for explaining that to me.

> Despite the fact cPanel offers the option to change the port Exim listens on, you cannot use alternate ports for sending mail. Other remote servers are not configured in a way to accept mail on non-standard ports. This is why port 25 is required to be functional for mail to work correctly.

The above quote is mentioned in the cPanel Support Article.
This clearly means that I should not change the port from the default. The best way to go is to configure smarthosts. I also did that, but the issue is that all smarthosts want to authenticate the domain first. It works well with the domain that I configure, but if a new account is created, or some other accounts that have other domains, they will not be able to use the smarthost. To be able to use it for them, I have to manually authenticate all the domains and then it would work. Now, this manual process is not ideal in production environments. Thus, I am stuck.
 

ankeshanand

> Thank you for explaining that to me.
>
> The above quote is mentioned in the cPanel Support Article.
> This clearly means that I should not change the port from the default. The best way to go is to configure smarthosts. I also did that, but the issue is that all smarthosts want to authenticate the domain first. It works well with the domain that I configure, but if a new account is created, or some other accounts that have other domains, they will not be able to use the smarthost. To be able to use it for them, I have to manually authenticate all the domains and then it would work. Now, this manual process is not ideal in production environments. Thus, I am stuck.

There is only one workaround for the port 25 block by AWS, and that's smarthosts. You can check this Blog or Support Article for more info. If you are stuck, it's better to move away from AWS and use other cloud providers.
 

muneeb852

I got my hands on this Article, which shows how to create our own smarthost from a cPanel/WHM server.
The main idea here is that we need to create one more WHM server outside AWS, on something like Linode or DigitalOcean, where they allow port 25 if you request it.

For the sake of explanation, I will call the server with blocked port 25 server1, and the server which has port 25 open at some other provider server2.
Once we have server2 ready, we will configure server1 to forward all our emails to server2.

Server 1 Configuration
WHM » Service Configuration » Exim Configuration Manager » Basic Editor
Smarthost support - * server2_IP::587

Server 2 Configuration
WHM » Service Configuration » Exim Configuration Manager » Basic Editor
Trusted SMTP IP addresses - server1_IP
Backup MX hosts - server1_IP

This configuration will send all emails from server1 to server2.
Server2 will accept and forward them to recipients.

> The MX records should point to the Mailserver's IP, while SPF records should include the Mailserver's IP.

The above quote is also written in the article. I am confused about the MX records: why should they point to the Mailserver's IP (server2)?
MX records tell which server will receive the mail. Since I only have a problem with sending emails, not receiving them, should I leave the MX records the way they normally are?
Because I want my server1 to receive emails but only send them via server2.
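
The SPF requirement quoted in the post above can be audited for every hosted domain before mail is switched to the relay. The following is an added example, not part of the original thread or the linked article: the domains, TXT records and the address 198.51.100.25 standing in for server2_IP are constructed, and the lookup table replaces live DNS.

```python
import ipaddress

# Constructed TXT records standing in for live DNS lookups (documentation
# address ranges only). 198.51.100.25 plays the role of server2_IP.
SAMPLE_TXT = {
    "customer-a.example": "v=spf1 ip4:203.0.113.10 ip4:198.51.100.25 -all",
    "customer-b.example": "v=spf1 ip4:203.0.113.10 ~all",
    "customer-c.example": "v=spf1 include:_spf.relay.example -all",
    "_spf.relay.example": "v=spf1 ip4:198.51.100.0/27 -all",
}

def spf_authorizes(domain, ip, txt=SAMPLE_TXT, depth=0):
    """True if the domain's SPF record gives `ip` a Pass result.

    Evaluates ip4, ip6, include and all. The a, mx, exists and redirect
    terms need live DNS and are skipped in this offline sketch.
    """
    record = txt.get(domain, "")
    if depth > 10 or not record.lower().startswith("v=spf1"):
        return False                      # no record, or include chain too deep
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        name, _, value = term.lstrip("+-~?").partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(value, strict=False)
            except ValueError:
                continue                  # malformed term: treat as no match
            matched = addr.version == net.version and addr in net
        elif name == "include":
            matched = spf_authorizes(value, ip, txt, depth + 1)
        elif name == "all":
            matched = True
        else:
            continue
        if matched:
            return qualifier == "+"       # only an explicit or implied + is a Pass
    return False

def domains_missing_relay(domains, relay_ip, txt=SAMPLE_TXT):
    """Hosted domains whose SPF would not pass mail leaving via relay_ip."""
    return [d for d in domains if not spf_authorizes(d, relay_ip, txt)]

if __name__ == "__main__":
    hosted = ["customer-a.example", "customer-b.example",
              "customer-c.example", "customer-d.example"]
    print(domains_missing_relay(hosted, "198.51.100.25"))
```

Domains returned by `domains_missing_relay` still list only the old sending address, or publish no SPF record at all, so receivers evaluating SPF would not see the relay as an authorized sender for them.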
 

ankeshanand

You should configure the MX records with Server 2 only, because in the visible cP options there are only 4 options available, and 2 of them are Local Mail Exchanger and Remote Mail Exchanger. If Remote Mail Exchanger is applied, everything regarding mail should be on the other server.

And actually, I suggest you move away from AWS, because using 2 server licenses would cost you a lot. Try providers like OVHcloud or Interserver, which already give open ports, and you do not have to purchase the license 2 times.