Force the correct MX record for remote delivery?

FM Kappungal

Member
Feb 24, 2019
19
3
3
Saudi Arabia
cPanel Access Level
Root Administrator
A user sends an email to example.com . The mail bounces back with "550 #5.1.0 Address rejected"
When I did a DNS lookup for the MX records of example.com, I got:
example.com MX preference = 20, mail exchanger = smtp3.example.com
example.com MX preference = 10, mail exchanger = smtp2.example.com
example.com MX preference = 10, mail exchanger = smtp1.example.com
example.com MX preference = 40, mail exchanger = smtp4.example.com
example.com MX preference = 30, mail exchanger = relay.example.net

Now the server that is rejecting with 550 5.1.0 is the last one in the list, relay.example.net.

After lots of testing and checking from other mail servers, I realise that mailserver is faulty, it rejects all connections.

But, the other MX records are fine.

Is there any way to ensure that when a user sends an email to the domain example.com, my server will not contact the faulty MX server, but instead only contact one of the four working servers?

Thanks
 
Last edited by a moderator:

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,234
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @FM Kappungal,

If you don't have control over the DNS for "example.com", then the best approach to this type of problem is to contact the email administrator for the remote domain and report the issue.

Thank you.
 

FM Kappungal

Member
Feb 24, 2019
19
3
3
Saudi Arabia
cPanel Access Level
Root Administrator
Hi @cPanelMichael

Thank you.

I did send an email to the webadmin for that domain to rectify the faulty MX, but didn't get any response. That's why I'm looking for any workarounds to prevent my client's emails to that domain from bouncing.

If I manually create a DNS zone for that domain and enter only the 4 working MX records, will that help? I would assume that cpanel first queries the local DNS before venturing outside right?

The risk in that case would be that in case the original domain owners change their MX records or IP's , I wouldn't know.

But is my thinking correct?

Is there any other way of stopping cpanel from picking the faulty MX? Like some "do-not-send-to" blacklist?

Any help is appreciated.

Thanks
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,234
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @FM Kappungal,

I don't have a specific example to provide, but you should be able to use the Exim manualroute feature for the purpose you are seeking:

20. The manualroute router

The manualroute router is so-called because it provides a way of manually routing an address according to its domain. It is mainly used when you want to route addresses to remote hosts according to your own rules, bypassing the normal DNS routing that looks up MX records.
Let me know if this helps.

Thank you.
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,234
363
cPanel Access Level
DataCenter Provider
Twitter
What about your comments on my idea of creating a DNS zone for that domain on WHM with the preferred MX records?
Hello @FM Kappungal,

I don't believe that method will work because Exim will still check externally to see where the DNS for the domain is hosted. That said, let us know the outcome if you decide to test out that method.

Thank you.
 

FM Kappungal

Member
Feb 24, 2019
19
3
3
Saudi Arabia
cPanel Access Level
Root Administrator
Hi Michael,

Yes, you're right. It didn't work. Exim would still randomly end up targeting the faulty MX record of the lot.

But thanks to your suggestion of manualroute, I was able to fix the problem. I added the following lines:

example.com:
driver = manualroute
domains = example.com
transport = remote_smtp
route_list = example.com smtp1.example.com:smtp2.example.com:smtp3.example.com randomize​

I was tempted to try dkim_remote_smtp as the transport, but then decided to keep it simple. Thanks again Michael.

However, out of academic interest, my questions that still remain:
1. Is there any similar Exim commands that will avoid a particular target host all together?
2. How can I modify the above lines to incorporate dkim for those sending domains that have dkim enabled?
3. Is there any method by which I can be alerted when the original nameserver for example.com ever changes their MX records? Because now that I have effectively hard-coded the MX records permanently for example.com, there is always a risk in case they ever make changes.

Looking forward to your wise suggestions again.

Thanks

FMK
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,234
363
cPanel Access Level
DataCenter Provider
Twitter
Hello @FM Kappungal,

I'm glad to see the manualroute suggestion helped.

1. Is there any similar Exim commands that will avoid a particular target host all together?
While you could likely explore additional methods of altering the DNS lookups from your system, using the Exim manualroute router seems like the best approach for this task.

2. How can I modify the above lines to incorporate dkim for those sending domains that have dkim enabled?
You could temporarily try using "transport = dkim_remote_smtp" to see if this achieves the result you're looking for. Let me know if you encounter any issues with this method.

3. Is there any method by which I can be alerted when the original nameserver for example.com ever changes their MX records? Because now that I have effectively hard-coded the MX records permanently for example.com, there is always a risk in case they ever make changes.
I see multiple results when searching for "monitor dns changes" on Google. One of those monitoring tools should offer the functionality you are looking for.

Thank you.