Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Exchange using Smarthost email marked as spam

Discussion in 'E-mail Discussion' started by Hmmcrunchy, May 9, 2018.

  1. Hmmcrunchy

    Hmmcrunchy Registered

    Joined:
    May 9, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Norwich
    cPanel Access Level:
    Root Administrator
    Hi There

    We are having some issues with proofpoint spam, they are saying our setup isn't correct -

    SETUP

    - we have an on premises exchange server
    - we have an email mailbox host who
    scans it etc
    and collects email in a mailbox
    - popgrabber software gets the email from the mailbox at mailbox host and puts it into the exchange server for users
    - exchange sends through a smart host send connector
    - we can't send through mailbox host as smart host uses one email user (smartconnector@domainx.com) to authenticate so emails come out for jen@domainx.com as "smartconnector@domainx.com on behalf of jen@domainx.com"
    - Due to this we setup a vps running cpanel as a relay
    - we create in WHM a new account domainx.com and put in an email address smartconnector@domainx.com
    - then we use the IP of the vps as the smart host and the email as authentication

    PROBLEMS

    - 1) we can send using "basic authentication" through one domain domainY.com fine, but when we use basic authentications on domainX.com it doesn't work and we have to specify a trusted IP for the client and use "none".

    both domains have accounts on cpanel and email setup the same, would different versions of exchange do this or do we have to change something our end to enable this on both

    - 2) we can send to anyone fine apart from proofpoint clients - we have been in touch and they say

    is this due to the mail coming in to the mailbox host and going out from the VPS? we have spf records in our domains for the VPS IP and hostname

    thanks in advance for any help
     
  2. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,855
    Likes Received:
    135
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Hmmcrunchy


    It looks like their complaint is the rDNS record:

    - Do domainx and domainy both have the same IP address? If so do you have rDNS set up on this? You can check this by running something like:

    Code:
    host <IPAddressHere>
    Where IPAddressHere is the IP of the domain/s
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Hmmcrunchy

    Hmmcrunchy Registered

    Joined:
    May 9, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Norwich
    cPanel Access Level:
    Root Administrator
    HI Lauren

    sorry for the delay - crazy week

    we resolved the proofpoint issue, they were just blocking us then had to admit they had no evidence to do so, so let us through kindly (after 3 weeks)


    re the authentication both domains come into same shared host ( different package in the shared mailbox host so could be different IPs) , then they both send out through the relay server

    domains are from different on premises exchange servers so different originating IPs but going through same server.

    I take it this setup isn't too bad with the trusted IPs

    ideally though (please correct me if im wrong) ive always wanted to have authentication on the outgoing server, to stop rogue machines or clients on the network sending unauthorised spam without the login details, but since we control these networks is that not as much of a problem ?
     
  4. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,855
    Likes Received:
    135
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Hmmcrunchy

    Can you provide a specific example of what you mean? By default cPanel requires authentication for SMTP.


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Hmmcrunchy

    Hmmcrunchy Registered

    Joined:
    May 9, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Norwich
    cPanel Access Level:
    Root Administrator
    Hi Lauren

    sure thing,

    so we bring email down to our shared mailbox host who do all the spam and scanning then grab the emails from it and push them into our exchange server

    since the exchange send connector sends from one address (eg send@domain.com), we cant send everyones mail through the shared mailbox host or we get "on behalf of" on them all as dave would come out as "send@ on behalf of dave" - part of the policy on the shared mailbox host

    so we have set up the relay server to send out.

    ive setup the account on cpanel domain.com
    then add in send@domain.com email address with password to the account

    then I set the send connector ( or my own software) to try to send through that email account and it fails, the only way ive found to allow it is to in the exim manager use "Bypass all SMTP sender verification checks (White List)" and add to the "Trusted SMTP IP addresses" to white list our IP to let the mail through ( assuming this then doesn't authenticate as any password will then work )
     
  6. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    1,855
    Likes Received:
    135
    Trophy Points:
    118
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    @Hmmcrunchy

    Neither of those settings should allow for unauthenticated mail to be sent though. Could you open a ticket using the link in my signature so that we can take a closer look? Once it's opened please update this thread with the ticket ID.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Hmmcrunchy

    Hmmcrunchy Registered

    Joined:
    May 9, 2018
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Norwich
    cPanel Access Level:
    Root Administrator
    Thanks Lauren

    Will do
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice