Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

exim mailhelo/mailips domain settings

Discussion in 'E-mail Discussion' started by Draca, Oct 15, 2018.

  1. Draca

    Draca Registered

    Joined:
    Dec 21, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Stockholm, Sweden
    Hello everyone, i think this is my first post here.

    so i have been for months now trying to trouble shoot email issues.. now first, email does work. however it frequently happens that mails send from domains on my server to gmail and hotmail frequently disappears into gmail/hotmail spambox.

    so i was checking around and i had several issues.
    1. my server would not connect with TLS.. FIXED
    2. i was missing DMARC for all my domains. (this i didn't know was needed) FIXED
    3. smtp reverse dns mismatch.. fixed?
    4. smtp valid hostname.. fixed?
    5. smtp banner check.. fixed?

    so mxtoolbox is reporting everything is ok now, but i still get reverse dns translating to the PTR record of the hostname, not the domain name.

    (i'm not using the actual domain names because it's the internet after all :))

    my server has 3 ips (plus 2 for dns). the PTR records are
    x.x.x.210 one shared under server.example.com
    then x.x.x.213 dedicated shared.example.com (pun intended with the shared being dedicated)
    then x.x.x.214 dedicated secundus.example.com

    on x.x.x.210, server.example.com i have several domains listed, one is lets say smurf.com when i send emails from this one i have to connect to server.example.com for outgoing mail and the reverse dns resolves to server.example.com.
    everything i send is therefor branded server.example.com instead of mail.smurf.com which would make more sense.

    and if i send the mail from the the dedicated ip address on shared.example.com with only one domain, lets call it example.net, i still connect the imap and smtp to server.example.com. and when i send the email the source of the email reads server.example.com but the reverse lookup for example.net is shared.example.com.

    menaing if i send mail donald@example.net to someusr@gmail.com (get it? scrooge has gmail because it's free) it's going to show up as coming from server.example.com instead of mail.example.net
    it would make more sense if the source of the mail comes from mail.example.net

    this is getting to be long, but anyway, as i figured it has something to do with exim configuration for mailhelo, mailips and mail_reverse_dns to do and certain exim configuration.
    i have followed a billion guides on how to set this correctly but i still just can't figure it out.
    i get the idea that if the sending domain isn't showing and instead a different hostname is showing it will affect if the email ends up in the spambox or not.

    so having followed these billion guides, i still cannot grasp how to configure these damn files correctly. i feel really stupid.

    basically, i want the following.
    i want all the domains on the shared ip to send from their own domain names.
    I want the domain on the dedicated ip to send form the own domain name.
    i want reverse dns translation to be the domain name (is this important? is it enough with it being the hostname?
    i want the email client to connect to mail.domain.tld, not to server.example.com for both outgoing and incoming. incoming seems to work and i see a cname for mail in the dns for example.net so connecting to mail.example.net works but sending email has to be server.example.com.
    can i just make a cname for mail.example.net to server.example.com and it works?
    will this display outgoing domain correctly?

    how do i need to configure the mailips and mailhelo?
    right now the only thing i have in mail_reverse_dns
    is the 3 ips of and three hostnames mentioned in the beginning
    x.x.x.210 server.example.com
    x.x.x.213 shared.example.com
    x.x.x.214 secundus.example.com

    i have also edited some exim settings (like smpt_banner etc) according to the best guide i found for this.

    i feel like i'm going crazy. most mails are going through, but this can't be the 100% correct settings for the server?? can anyone help?
     
    #1 Draca, Oct 15, 2018
    Last edited by a moderator: Oct 15, 2018
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,248
    Likes Received:
    478
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    @Draca

    Glad you joined us and posted here! For the three items here:

    Code:
    3. smtp reverse dns mismatch.. fixed?
    4. smtp valid hostname.. fixed?
    5. smtp banner check.. fixed?
    If you're using MxToolBox to check there's a known false positive when you have the following enabled in WHM>>Service Configuration>>Exim Configuration Manager ->
    Introduce a delay into the SMTP transaction for unknown hosts and messages detected as spam.

    I usually recommend that while testing you disable this then enable it once more after you're done.

    So here's what I usually recommend.

    - If all 3 of your IP addresses are added to the same box every single one of them should have rDNS pointing to the hostname of the server. It doesn't matter if they're dedicated IP's or not
    - I don't usually touch /etc/mailhelo as it's not necessary because most of the spam filters are expecting to see rdns point back to the hostname of the server, not the domain.
    -Set "send mail from Accounts Ip address" if you want to send from the dedicated IP address.
    - the last thing is to ensure that DKIM and SPF are set up, DMARC is not mandatory in most instances but definitely useful.

    I hope that helps.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Draca

    Draca Registered

    Joined:
    Dec 21, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Stockholm, Sweden
    this is really helpful

    yes exactly, mxtoolbox is nagging about smtp delay and the "recommendation" is to turn it off, but if i understand what you're saying correctly is that in by doing so, if gmail "thinks" my outgoing email is a spam, my server will realize it and delay sending and hence the receiving server will realize "whoops it's not a spam" if the function is enabled, but not if the function is turned off. and that's because spam servers would never do this?.

    yes all ips are on the same physical server, however the PTR's require to be of different name for each IP.

    dkim, spf and dmarc are all set up properly, i heard something about gmail thinking highly of dmarc.

    so regardless if i have "send mail from accounts ip address" on or not should i have the reverse dns pointing to only the server hostname (same ip), for all domains regardless of which IP they are actually on?
    I was thinking that might cause some issues since the server would be reporting different PTR's for different IP's but it kinda makes sense when you say it the way you do.

    also i'm guessing the easiest way to point everything to server.domain.com in the mail_reverse_dns file is just
    Code:
     *: server.domain.com 
    ?

    i'll check it out.

    thanks!
     
  4. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,248
    Likes Received:
    478
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Draca

    Have you been setting up PTR records with your provider? This would be the best course of action.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Draca

    Draca Registered

    Joined:
    Dec 21, 2006
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Stockholm, Sweden
    the ips all have proper PTR records on the server.
    the main domain name (which has the ptr for server.domain.com) also has A Name records for the PTRs. (do the A name records also need to be in the other domains dns settings?)
     
  6. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,248
    Likes Received:
    478
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Draca


    The A records do not need to be in the other domains DNS settings, no. You should be good to go if all PTR's and A records resolve.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice