Forward certain domain emails to Smart Host

Provim

Member
Aug 18, 2009
12
0
51
I have a Email filter I set up on a separate server. I want to use it for smart hosting as well. I know what to do on the Smart Host end to configure it. I don't however know what to do on my Cpanel server. I want to be able to forward certain domain's email to the smart host. Not all mail. This way If a client want the service I can turn it on for them. I'm sure it's a exim config that needs to be done. I'm just not sure exactly where or how to right this exception.

Thanks
 

cPanelDon

cPanel Quality Assurance Analyst
Staff member
Nov 5, 2008
2,544
13
268
Houston, Texas, U.S.A.
cPanel Access Level
DataCenter Provider
Configuring Exim to use a Smart Host

For verbose details about configuring and debugging Exim, including an example of how to configure Exim to use a Smart Host, I recommend the training slides PDF labeled "Configuring and Debugging Exim" from Stephen Bee's presentation at the 2009 cPanel Conference; this presentation is available for download within the Training Resources area of our documentation as seen below:
cPanel/WHM Training Resources
Training Slides from the 2009 cPanel Conference
Configuring and Debugging Exim by Stephen Bee
 

Provim

Member
Aug 18, 2009
12
0
51
still can't get it

I follewed the Exim debug link from about and added the smarthost to the routers in the exim.conf. When I send mail out from that domain it does not route through the smarthost server. It just sends it our as normal. However, when I email to this address it won't deliver. It takes that mail and routes it to the smarthost, which is also the inbound spam filter for this domain. so the email just bounces back and forth between the 2 servers before it is delivered back to me as undeliverable mail.

Anyone?
 

Provim

Member
Aug 18, 2009
12
0
51
I'm back to trying to get this to work. Does anyone know how to do this?

I'm trying to have outgoing mail be routed through a smarthost. The emails are sent normally w/o going through the smart host. But If I send an email to that address it then routes it to the smart host and then the message just starts looping.

Here is my exim.conf

Router:

smarthost:
driver = manualroute
transport = remote_smtp_smart
route_data = ${lookup{$domain}lsearch{/etc/smartdomains}}

Transport:

remote_smtp_smart:
driver = smtp
port = 25
hosts = ${lookup{$domain}lsearch{/etc/smartdomains}}
 

mopar93

Registered
Jan 3, 2011
4
0
51
The fix for using a remote host to route all outgoing email may be posted somewhere else on this forum, but I didn't find the correct solution if it is here. I was searching for a method for doing this right from the WHM panel and discovered that this feature is not available. This particular message thread is looking for a solution, so since I've found the solution on my own, I'll post it here so that others can get this working too.

The fix is very simple. It can't be done from the WHM panel, at least not as of Version 11.28, but you can do it manually with a text editor and very little editing.

Log into your server through SSH to a command shell as the root user. Using the text editor "pico", we'll edit the exim config file. Issue the following command:

pico /etc/exim.conf

This loads exim.conf into the editor.

Scroll down until you find the "lookuphost" router. This will be a series of lines that look like the following:

lookuphost:
driver = dnslookup
domains = ! +local_domains
#ignore verisign to prevent waste of bandwidth
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
headers_add = "${perl{mailtrapheaders}}"
transport = remote_smtp

Change the "driver = dnslookup" line to the following:

driver = manualroute

Then below the last line that says "transport = remote_smtp", add the following lines:

route_list = * xx.xx.xx.xx
host_find_failed = defer
no_more

The "xx.xx.xx.xx" should be replaced with the IP address of the remote email server. Use the actual IP address rather than the domain name so that exim doesn't have to repeatedly look up the IP address on every outgoing email. Make sure there is a space between the asterisk and the IP address. The asterisk indicates that ALL outgoing mail will go to the remote email server.

The "host_find_failed = defer" line will tell exim to hold the mail in its mail queue if the remote host is down for any reason. It will send the mail out once the remote host is available.

Now, press CTRL-x to save the file and exit pico. Your changes will go into effect once you restart exim. You can do that from the WHM panel or from CentOS while you are still in the shell, the following command works:

/etc/init.d/exim restart

Of course, it's beyond the scope of this message, but the remote email server will also have to be configured to relay email from your server.

One thing to remember is if you do an update to exim, your changes will most likely be overwritten and you'll have to manually edit the file again. Maybe this feature can be added to a future WHM release. It would be very easy to implement.

-Maurice
 
Last edited:

shakuntalam2011

Registered
Jan 8, 2011
1
0
51
The fix for using a remote host to route all outgoing email may be posted somewhere else on this forum, but I didn't find the correct solution if it is here. I was searching for a method for doing this right from the WHM panel and discovered that this feature is not available. This particular message thread is looking for a solution, so since I've found the solution on my own, I'll post it here so that others can get this working too.

The fix is very simple. It can't be done from the WHM panel, at least not as of Version 11.28, but you can do it manually with a text editor and very little editing.

Log into your server through SSH to a command shell as the root user. Using the text editor "pico", we'll edit the exim config file. Issue the following command:

pico /etc/exim.conf

This loads exim.conf into the editor.

Scroll down until you find the "lookuphost" router. This will be a series of lines that look like the following:

lookuphost:
driver = dnslookup
domains = ! +local_domains
#ignore verisign to prevent waste of bandwidth
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 64.94.110.0/24
headers_add = "${perl{mailtrapheaders}}"
transport = remote_smtp

Change the "driver = dnslookup" line to the following:

driver = manualroute

Then below the last line that says "transport = remote_smtp", add the following lines:

route_list = * xx.xx.xx.xx
host_find_failed = defer
no_more

The "xx.xx.xx.xx" should be replaced with the IP address of the remote email server. Use the actual IP address rather than the domain name so that exim doesn't have to repeatedly look up the IP address on every outgoing email. Make sure there is a space between the asterisk and the IP address. The asterisk indicates that ALL outgoing mail will go to the remote email server.

The "host_find_failed = defer" line will tell exim to hold the mail in its mail queue if the remote host is down for any reason. It will send the mail out once the remote host is available.

Now, press CTRL-x to save the file and exit pico. Your changes will go into effect once you restart exim. You can do that from the WHM panel or from CentOS while you are still in the shell, the following command works:

/etc/init.d/exim restart

Of course, it's beyond the scope of this message, but the remote email server will also have to be configured to relay email from your server.

One thing to remember is if you do an update to exim, your changes will most likely be overwritten and you'll have to manually edit the file again. Maybe this feature can be added to a future WHM release. It would be very easy to implement.

-Maurice

Thanks, for the information.


Shakuntalam2011
 

cybermonk

Member
Jan 25, 2011
20
0
51
This is something I do regularly. Quite a few of my accounts have their own internal MTA and rather than fetchmail the mail in I have their CPanel account forward all their email to it directly. I wanted to post this however as I accidentally discovered another way of doing this without editing the exim conf.
This situation was a (newbie) mistake and totally my bag and should have lost some of the users emails but didn't and here is why.

I normally have at least two domains setup for an account. A public image domain (email www etc) and a worker domain (behind the scenes FQDN's). I was migrating a user over from a fetchmail setup to a smarthost setup and added an entry in /etc/smarthosts for their worker domain. I then placed a domain forward on their public domain to forward to their worker domain. BUT. I hadn't waited for the DNS to fully propagate. The public account was on a reseller account so I couldn't configure a smarthost setup for it.

Tracing an email for the public domain responded with a forward to the worker domain (as I expected), but without an mx record target. The reseller boxes dns cache hadn't got the new mx record for the worker domain yet.

To my surprise emails were not being lost in the ether. All emails were coming in just as I'd intended in the first place. The Cpanel account was accepting them and forwarding them directly to the users internal MTA. Without going to the dedicated Cpanel box that had the smarthost setup.

After looking into this a bit more I have discovered that when you put a domain forward on, exim will forward email for that domain to the next lowest MX on the target domain. But if an mx record for that target domain doesn't exist it will forward the email to the IP that the target domain resolves to.

E.g.
Normal (what I was aiming for)

Reseller --> dedicated --> office
public.com --> mx0 worker.com --> mta.int.worker.com

What happened

rseller --> office
public.com --> worker.com --> mta.int.worker.com

now the only reason this worked was because the worker domain didn't resolve (yet) to have an mx record and the IP that worker.com resolved to was the same external IP of the target smarthost mta.int.worker.com.

Now here is the thing! Using this I have successfully shared load for the user across two cpanel accounts.

public.com mx 10 cpanel1.net (reseller box)
public.com mx 10 cpanel2.net (dedicated box)

both cpanel1 and cpanel2 have domain forwards set for public.com to worker.net
worker.net has no mx records and resolves to the target smarthost IP.

So it appears that if you have a spare (secondary) domain available for a user then you can have all emails come to the cpanel account and setup a smarthost for final delivery without having to have ssh access to the box. It can all be done within WHM (and/or CPanel for that matter).

Here is the sucker punch though. Can any cpanel/exim guru out there confirm for me if this is a bug or an undocumented feature.

Can this method be relied upon to continue to function like this, beyond updates ??
 
Last edited:

cybermonk

Member
Jan 25, 2011
20
0
51
Sorry for double posting but I just realised this behaviour is actually exim complying with the RFC's. Unless
mx_domains (in the dnslookup router) lists the target domain then the A record is tried if an MX entry doesn't exist. So it appears by default (to comply) this method is relatively robust.

Allowing a kind of smarthosting without ssh access if you have a spare domain is neat.
Anyway. Hope this helps somebody.
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
43
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
Correct, exim will use the A record for the domain if an MX record doesn't exist. This is the default behavior that you can test by simply removing the MX record for any domain. At that point, exim simply uses the A record IP for that domain for routing the mail for the domain.
 

cybermonk

Member
Jan 25, 2011
20
0
51
Thanks Tristan. It's probably not something that many would do but for those with just a reseller account or users who do not have ssh access, this will allow them to handle forwarding to a smarthost. registering a spare domain is considerably cheaper than upping to a VPS or dedicated. Also anyone not liking the idea of messing with advanced exim conf can :-
Register a new domain.."something.com"
Give it one single record ... something.com->A->1.2.3.4 ....where 1.2.3.4 is the smart host you want your emails to end up at.
Add a domain forward for the original main domain to the new domain.
Manually change the mail function of the original to be a BACKUP-MX

And wait for the emails to arrive at 1.2.3.4
:)
 

RyanB

Registered
Jun 2, 2011
1
0
51
I have a similar problem, however I need my server only to forward mail for some of the domains hosted on the Server and that those being forwarded go to different servers.
E.g. [email protected] will be local, however [email protected] would have to be sent to server.test.com and I would also need [email protected] to go to a different server server.demo.com.
Does anyone have a solution for this problem. The above solution is for one smart host however I need mine to be domain specific.
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
43
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
You could do the following. First, you would need to create a file /etc/staticroutes and then input the domains with the IPs they would be routing to off the server:

Code:
domain.com1: IP#1
domain.com2: IP#2
Replace the domain name and the IP with the correct domain name and IP for each one.

Alternatively, you could put into that file:

Code:
domain.com1: mail.location1.com (the MX record pointing to the off site server)
domain.com2: mail.location2.com (the MX record pointing to the off site server)
Again, replace the domain name and the mail server's name with the correct domain name and mail server name for each one.

Next, you would need to go to WHM > Exim Configuration Editor > Advanced Editor and locate the routers area there, then put this into that routers box:

Code:
static_route:
   driver = manualroute
   transport = remote_smtp
   route_data = ${lookup{$domain}lsearch{/etc/staticroutes}}
Thanks.
 

sneader

Well-Known Member
Aug 21, 2003
1,195
68
178
La Crosse, WI
cPanel Access Level
Root Administrator
Thank you for this information!

roadrunner.com, in their infinite wisdom, is blocking mail coming from just one of our servers. All of our other servers are fine, and this particular server is not on any other RBL, we've not received any spam complaints to our abuse or postmaster address -- this is coming out of nowhere.

I would like to route any mail destined for roadrunner.com to one of our other servers.

I followed these directions, and it worked GREAT. Just in case anyone needs to do this for a domain that you do not even host, it does work. This will be a handy trick to use in the future!

- Scott
 
Last edited:

sneader

Well-Known Member
Aug 21, 2003
1,195
68
178
La Crosse, WI
cPanel Access Level
Root Administrator
One snag with this setup. rr.com uses (for some reason) subdomains. i.e. [email protected], [email protected], [email protected], etc., etc., etc.

I have had to add every single one of these to /etc/staticroutes, because they are not handled properly by just putting in "rr.com".

I tried using a wildcard like:

*.rr.com: 1.2.3.4

But this isn't catching all their subdomains. I tried searching for solutions, looking at Exim docs, but no luck so far.

- Scott
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
43
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
Hello Scott,

Exim has a great mailing list if you are unable to find a solution otherwise. If you post on their mailing list, they will most times provide a response (usually multiple responses from people well versed in exim). I suggest going to exim.org and joining the list, then posting anything you cannot find there. I send people there all the time when I do not know how to handle their request.

If you do end up posting there, it would be appreciated if you get a good response to post the link here for the solution for future reference, though.

Thanks!
 

sneader

Well-Known Member
Aug 21, 2003
1,195
68
178
La Crosse, WI
cPanel Access Level
Root Administrator
Thanks, Tristan. I did as you suggested, and someone did reply with a solution. In the router config, I just needed to change lsearch to partial-lsearch, like this:

Code:
static_route:
   driver = manualroute
   transport = remote_smtp
   route_data = ${lookup{$domain}partial-lsearch{/etc/staticroutes}}
With this in my /etc/staticroutes:

Code:
cfl.rr.com:  1.2.3.4
tx.rr.com:  2.3.4.5
wi.rr.com:  3.4.5.6
*.rr.com:  4.5.6.7
It works as expected. I'm told that order does not matter, but it seems to make more sense to keep the list alphabetical, and to put the wildcard match at the end.

This will be a great solution to have in our bag of tricks! Thanks for your assistance.

- Scott
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
43
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
Thanks for sharing the information, Scott. Great to hear that they did respond quickly with what was needed. I didn't personally know about partial searches of this nature for exim lists, so that's great to know.