The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Defining custom routers/transports no longer work in cPanel 11

Discussion in 'E-mail Discussions' started by BOates, Feb 3, 2008.

  1. BOates

    BOates Active Member
    PartnerNOC

    Joined:
    May 28, 2005
    Messages:
    36
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Michigan
    cPanel Access Level:
    Root Administrator
    Greetings all,

    This problem has existed for quite some time and I've been wracking my brain trying to figure this out. I've found numerous posts and threads on this topic from pre-cPanel 11. In fact, that's how I originally discovered how to accomplish what I had wanted and it did indeed work for some time. However, with the release of cPanel 11 some months back the functionality broke and I've never been able to get it to work again. This is despite the functionality being found in Exim's official documentation.

    What's the ultimate goal? I desire to configure exim in such a state that I am able to define a dedicated IP address as associated with a given domain name. Whenever that domain name goes to send out email, it will originate from that dedicated IP. In effect permitting a domain to be the sole sender from a given IP in a shared environment. The benefit is obviously reducing the chance of being blacklisted by other users on a shared box situation.

    There's one catch to this - it must be cPanel sanctioned. In otherwords, I cannot accept a solution that involves manually modifying exim.conf in such a fashion that results in /scripts/eximup reverting out the changes. If it cannot be accomplished through WHM's Advanced Exim Configuration Editor - it is not useful to me.

    Again, this *was* able to be accomplished in cPanel 10 - but no longer in cPanel 11.

    What's the precise problem?

    I'll describe how I previously went about this. I went into the advanced editor and placed this within the top-most box.

    Code:
    primary_hostname = theshared.serverhostname.com
    smtp_active_hostname = ${lookup{$interface_address}lsearch{/etc/ip_hostnames}{$value}{$primary_hostname}}
    smtp_banner = "${smtp_active_hostname} ESMTP Exim ${version_number}  \#${compile_number} ${tod_full} \n   We do not authorize the use of this system to transport unsolicited, \n   and/or bulk e-mail."
    This sets it up so that when a remote server connects to my server it appropriately obtains the domain associated with the IP and formulates a valid SMTP Banner reply accordingly. *This part works flawlessly*

    Next, a custom router must be added so that we can ultimately define the "interface" used. This is needed because you cannot modify the main router in a cPanel sanctioned fashion. In the top-most box under "ROUTERS CONFIGURATION" this was added:

    Code:
    mylookuphost:
      driver = dnslookup
      condition = "${perl{checkspam}}"
      domains = ! +local_domains
    #ignore verisign to prevent waste of bandwidth
      ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
      headers_add = "${perl{mailtrapheaders}}"
      transport = my_remote_smtp
    
    myliteral:
      driver = ipliteral
      condition = "${perl{checkspam}}"
      domains = ! +local_domains
      headers_add = "${perl{mailtrapheaders}}"
      transport = my_remote_smtp
    This places these two routers above the default 'lookuphost' and 'literal' routers. Per the note there and per exim.org, top-most routers should take priority. Since these routers are carbon copies of the defaults aside from a custom 'transport' line, I see no reason why they should not work.

    I then go to the top-most box under "TRANSPORTS CONFIGURATION" and place this inside:

    Code:
    my_remote_smtp:
      driver = smtp
      interface = ${lookup{$sender_address_domain}lsearch{/etc/domain_ips}{$value}{$interface_address}} 
      helo_data = ${lookup{$interface_address}lsearch{/etc/ip_hostnames}{$value}{$smtp_active_hostname}}
    This sets the interface based on the sender's domain and you're done at this point. Again, this exact configuration worked great in cPanel 10

    With cPanel 11, it seems all custom routers are flat out ignored. Checking /var/log/exim_mainlog shows that *only* lookuphost and literal routers are being called. Never mylookuphost or myliteral. For the sake of pure testing (obviously this is not cPanel sanctioned) I flat out removed the lookuphost and literal routers to attempt to 'force' Exim to read my custom ones. What resulted was Exim continuing to ignore/bypass them completes and deliver to the 'fail_remote_domains' router which basically broke all mail.

    Regardless what I name my routers/transports and that that precede all other routers in exim.conf -- they are ignored. It seems like cPanel 11's adoption of Exim has some sort of hardcoded reference to these routers and the "order matters, A remote address is passed to each in turn until it is accepted." behavior described by Exim docs no longer holds true.

    To clarify; I realize I can get this working with manually modifying the routers as opposed to creating custom ones. However, this will get reverted out with cPanel/Exim updates and is thus not viable. This was functional pre-cPanel 11. Something seems to have changed.

    Hopefully someone can shed some light on this and has been experiencing the same frustrations?
     
  2. BOates

    BOates Active Member
    PartnerNOC

    Joined:
    May 28, 2005
    Messages:
    36
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Michigan
    cPanel Access Level:
    Root Administrator
    Just to keep anyone updated who was watching this thread or searches and comes upon it later. I had lodged a support ticket with cPanel regarding this and the ultimate response is as follows:

    --------------

    One item of note would be that Solution #1 wouldn't work. As Chirpy has posted to numerous threads about custom exim mods, exim/cpanel update will strip immutable flags and revert the file regardless. Solution #2 and/or #3 are the only viable ones until this level of customization is supported by cPanel.

    On that note, I have (as advised by cPanel support) created a bug report for this to request this behavior. Anyone perusing this ticket that desires to see the same functionality that I am shooting for, please drop by this bug:

    http://bugzilla.cpanel.net/show_bug.cgi?id=6333

    and give it a vote.
     
  3. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    In your setup, is /etc/domain_ips in a similar format as /etc/domainips ?
     
  4. BOates

    BOates Active Member
    PartnerNOC

    Joined:
    May 28, 2005
    Messages:
    36
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Michigan
    cPanel Access Level:
    Root Administrator
    The configuration I've posted above is very slightly modified from what was posted by nisse in this thread:

    http://forums.cpanel.net/showpost.php?p=304719&postcount=23

    From that post:
    However because of the router/transport problem it never actually calls the custom router/transport and never gets to the point where it has to deal with this. So any potential problems with /etc/domain_ips or /etc/ip_hostnames wouldn't crop up yet. Although the smtp banner *does* get called correctly from /etc/ip_hostnames since that line doesn't deal with routers/transports.
     
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Thank you for the added detail.
     
  6. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Thanks BOates for pursuing this.

    Have been looking/hoping for this functionality in cPanel for some time and settled on the option posted in another forum to manually edit exim.conf. Gets to be a hassle keeping track of the Exim updates.
     
  7. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Remove

    Code:
    condition = "${perl{checkspam}}"
    
    from your routers and it should work.
     
  8. BOates

    BOates Active Member
    PartnerNOC

    Joined:
    May 28, 2005
    Messages:
    36
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Michigan
    cPanel Access Level:
    Root Administrator
    Oh wow! You're right. It does work then. The only problem is the checkspam() function is beneficial. Without it a lot of features like preventing 'nobody' from sending email, the X per hour mail limit, etc. are bypassed.

    Nonetheless, that's a substantial start. I'll see what I can find. Very odd.
     
  9. BOates

    BOates Active Member
    PartnerNOC

    Joined:
    May 28, 2005
    Messages:
    36
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Michigan
    cPanel Access Level:
    Root Administrator
    Haha. Oh wow. I figured it out. I can't believe the solution has been staring at me in the face forever. Thank you for nudging me in the right direct, cpanelkenneth.

    The root of the confusion is that on the Advanced Config page much of the uneditable content is flat out wrong and way out of date. When myself and the other folks working on this were copying what was listed on the edit page as the default routers, we were copying OLD routers that no longer applied and would guarantee failure. This is why the perception was there that they were being ignored.

    When you look at the true exim.conf you see they've substantially changed how the routers process. It's no longer a simple lookuphost and literal router with a checkspam and other conditions. Those 'conditions' are now separate routers. These are the default routers now:

    Code:
    checkspam2:
        domains = ! +local_domains
        condition = "${perl{checkspam2}}"
        driver = redirect
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        allow_fail
        data = "${perl{checkspam2_results}}"
    
    trackbandwidth:
        domains = ! +local_domains
        condition = "${perl{trackbandwidth}}"
        driver = redirect
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        allow_fail
        verify = false
        data = "${perl{trackbandwidth_results}}"
    
    dk_lookuphost:
        driver = dnslookup
        domains = ! +local_domains
        #ignore verisign to prevent waste of bandwidth
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        require_files = "+/var/cpanel/domain_keys/private/${sender_address_domain}"
        headers_add = "${perl{mailtrapheaders}}"
        transport = dk_remote_smtp
    
    lookuphost:
        driver = dnslookup
        domains = ! +local_domains
        #ignore verisign to prevent waste of bandwidth
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        headers_add = "${perl{mailtrapheaders}}"
        transport = remote_smtp
    
    literal:
        driver = ipliteral
        domains = ! +local_domains
        headers_add = "${perl{mailtrapheaders}}"
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        transport = remote_smtp
    in that order. This is in contrast to the prior TWO old routers that I and others had been using (and that are still displayed on the advanced config page)

    Code:
    lookuphost:
      driver = dnslookup
      condition = "${perl{checkspam}}"
      domains = ! +local_domains
    #ignore verisign to prevent waste of bandwidth
      ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
      headers_add = "${perl{mailtrapheaders}}"
      transport = remote_smtp
    
    literal:
      driver = ipliteral
      condition = "${perl{checkspam}}"
      domains = ! +local_domains
      headers_add = "${perl{mailtrapheaders}}"
      transport = remote_smtp
    See what I mean? Anyway, the same can be seen with the transports. The new ones:

    Code:
    remote_smtp:
      driver = smtp
    
    dk_remote_smtp:
      driver = smtp
      dk_private_key = "/var/cpanel/domain_keys/private/${dk_domain}"
      dk_canon = nofws
      dk_selector = default
    The old one:

    Code:
    remote_smtp:
      driver = smtp
    With this in hand, I formulated my custom routers based on the new 5 routers and the new 2 transports. The end result is this modification.

    Top Most Box
    (make sure to change your.main.hostname.here to your server's hostname)
    Code:
    primary_hostname = your.main.hostname.here
    smtp_active_hostname = ${lookup{$interface_address}lsearch{/etc/ip_hostnames}{$value}{$primary_hostname}}
    smtp_banner = "${smtp_active_hostname} ESMTP Exim ${version_number}  \#${compile_number} ${tod_full} \n   We do not authorize the use of this system to transport unsolicited, \n   and/or bulk e-mail."
    First Box Under "ROUTERS CONFIGURATION"
    Code:
    mycheckspam2:
        domains = ! +local_domains
        condition = "${perl{checkspam2}}"
        driver = redirect
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        allow_fail
        data = "${perl{checkspam2_results}}"
    
    mytrackbandwidth:
        domains = ! +local_domains
        condition = "${perl{trackbandwidth}}"
        driver = redirect
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        allow_fail
        verify = false
        data = "${perl{trackbandwidth_results}}"
    
    mydk_lookuphost:
        driver = dnslookup
        domains = ! +local_domains
        #ignore verisign to prevent waste of bandwidth
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        require_files = "+/var/cpanel/domain_keys/private/${sender_address_domain}"
        headers_add = "${perl{mailtrapheaders}}"
        transport = my_dk_remote_smtp
    
    mylookuphost:
        driver = dnslookup
        domains = ! +local_domains
        #ignore verisign to prevent waste of bandwidth
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        headers_add = "${perl{mailtrapheaders}}"
        transport = my_remote_smtp
    
    
    myliteral:
        driver = ipliteral
        domains = ! +local_domains
        headers_add = "${perl{mailtrapheaders}}"
        ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
        transport = my_remote_smtp
    First Box Under "TRANSPORTS CONFIGURATION"
    Code:
    my_dk_remote_smtp:
      driver = smtp
      interface = ${lookup{$sender_address_domain}lsearch{/etc/domain_ips}{$value}{$interface_address}} 
      helo_data = ${lookup{$interface_address}lsearch{/etc/ip_hostnames}{$value}{$smtp_active_hostname}}
      dk_private_key = "/var/cpanel/domain_keys/private/${dk_domain}"
      dk_canon = nofws
      dk_selector = default
    
    my_remote_smtp:
      driver = smtp
      interface = ${lookup{$sender_address_domain}lsearch{/etc/domain_ips}{$value}{$interface_address}} 
      helo_data = ${lookup{$interface_address}lsearch{/etc/ip_hostnames}{$value}{$smtp_active_hostname}}
    Boom baby. Save that and you're good as gold. Remember, as above the format for the two /etc files you must use are:

    /etc/ip_hostnames
    Code:
    111.111.111.111 some.hostname.here
    222.222.222.222 another.hostname.here
    /etc/domain_ips
    Code:
    clientdomain.com 111.111.111.111
    anotherdomain.com 222.222.222.222
    A side note - make sure RDNS is setup appropriately to reflect what you have in /etc/ip_hostnames

    With that -- this works *great*. Confirmed as fully functional and cPanel friendly such that it'll stick through cPanel/Exim updates.
     
    #9 BOates, Feb 4, 2008
    Last edited: Feb 4, 2008
  10. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    What you are seeing is documented in Bugzilla 5927 (http://bugzilla.cpanel.net/show_bug.cgi?id=5927). I'll go ahead and merge your report with that one.
     
  11. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Nice work. Thanks BOates. :D
     
  12. dianaward

    dianaward Well-Known Member

    Joined:
    Dec 9, 2002
    Messages:
    99
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    Twitter:
    Help Please

    I realize that this thread is a little old, but I am desperately trying to fix this issue myself. Can someone elaborate a tiny bit more for less experienced people as to how to implement this. I assume that in the router code the IPs in the ignore target hosts should be the IPs on the user's server. The answer may seem obvious to you who understand mail servers, but might be confusing for others. And, does anything need to be changed before doing this on a cpanel server running WHM 11.15.0 cPanel 11.18.3-R21703 CENTOS Enterprise 4.6 i686 on standard - WHM X v3.1.0 ?
     
  13. xoviboy

    xoviboy Member

    Joined:
    Jul 28, 2006
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Hi,

    I'm also having a problem with this implementation:
    I get in exim_mainlog, the following error:
    2008-04-04 10:28:27 1JhgLU-0006Ws-TC == **********@gmail.com R=mylookuphost T=my_remote_smtp defer (22): Invalid argument

    The only modification I've made to your example is replacing $interface_address (obsolete) with $received_ip_address

    Any ideea ?
     
  14. seodevhead

    seodevhead Registered

    Joined:
    Feb 22, 2008
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    I would like to hear more on people's success or failures with the above modifications to allow mail to be sent from the dedicated IP's. I am very interested in using this modification, but my sys admin is reluctant. I'd love to hear anyone's story on their implementation of this. Thank you!
     
  15. xoviboy

    xoviboy Member

    Joined:
    Jul 28, 2006
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    The solution is ok for me, but my only problem is with Webmail. If I send an email from Squirrel or Horde, I get the error:
    2008-04-04 10:28:27 1JhgLU-0006Ws-TC == **********@gmail.com R=mylookuphost T=my_remote_smtp defer (22): Invalid argument

    I know that error 22 is an OS error, but I don't know from where is comming.
     
  16. bin_asc

    bin_asc Well-Known Member

    Joined:
    Jul 18, 2005
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    16
    After googling, I found that adding :

    Code:
    received_header_text = Received: \
      ${if def:sender_rcvhost {from $sender_rcvhost\n\t}\
      {${if def:sender_ident \
      {from ${quote_local_part:$sender_ident} }}\
      ${if def:sender_helo_name {(helo=$sender_helo_name)\n\t}}}}\
      by $smtp_active_hostname \
      ${if def:received_protocol {with $received_protocol}} \
      ${if def:tls_cipher {($tls_cipher)\n\t}}\
      (Exim $version_number)\n\t\
      ${if def:sender_address \
      {(envelope-from <$sender_address>)\n\t}}\
      id $message_exim_id\
      ${if def:received_for {\n\tfor $received_for}}
    after "smtp_banner" is needed.
    Basically, that will check if the ips exist, else it will fall back to the default one.
     
  17. bin_asc

    bin_asc Well-Known Member

    Joined:
    Jul 18, 2005
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    16
    I just can`t get this working.
    It takes the ip in the header, but it adds this in the received header ( took it off in gmail ):

    Code:
    Received: from myserverhostname (actualhostname [actualhostnameip])
            by mx.google.com with ESMTP id tralala;
            Tue, 08 Apr 2008 13:27:43 -0700 (PDT)
    As you can see the myserverhostname and actualhostname are there side by side, and I only want the actualhostname left.

    Any ideas ?
     
    #17 bin_asc, Apr 8, 2008
    Last edited: Apr 8, 2008
  18. bin_asc

    bin_asc Well-Known Member

    Joined:
    Jul 18, 2005
    Messages:
    280
    Likes Received:
    0
    Trophy Points:
    16
    *bumping bumping*
     
Loading...

Share This Page