SOLVED How to prevent all cPanel PHP mail() to be sent from server hostname?

[postcd]

Hello,

i read several topics on how to do that, but found no answer to do it for all current and future accounts.

My issue is that my server provider is denying e-mails sent from my cpanel server. THey are routing all e-mail via some antispam system. When i send mail from example contact form hosted on the server, the exim(?) system says:

2018-03-18 16:08:16 H=mx6-out12.antispamcloud.com [95.211.2.203]:42338 X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<> rejected RCPT : You do not have sufficient privileges to send mail to this address. Please authenticate and try again.
2018-03-18 16:08:22 H=out2-2.antispamcloud.com [185.201.17.2]:45678 X=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256 CV=no F=<> rejected RCPT : You do not have sufficient privileges to send mail to this address. Please authenticate and try again.

Mail appears like accepted/sent by exim, but apparently my server provider antispam system block it.

My server provider told me:

"The emails are not being delivered due to sender address verification checks of "[email protected]" failing. Please try sending the outbound messages using an actual email account that belongs to the domain doing the sending. The email address used for the sending must be valid."

I am already including my server provider mail filtering domain in all cpanel SPF:

"v=spf1 include:spf.srvsecure.com +a +mx +ip4:MyServIPHere ~all"

How i can modify all cpanel accounts and make automatically all new cpanels to send mail properly, not via hostname so mail filtering system of my server provider do not complain?

Thank you in advance for the feedback.

I am using PHP 5.x, SuPHP, Exim, latest WHM & cPanel, root privileges

 

[rpvw]

If the problem you are experiencing originates from PHP contact forms hosted on your server, you have a couple of options.

By far the best is to use a script that employs authenticated SMTP to send the mail via PHP. This will automatically use the authenticated email account as the envelope from and should pass all spam tests for sender address.

The second method is to employ the fifth parameter in the PHP mail() function and set the -f [email protected] flag. You should be able to hard code that into the php file that contains the mail() routine.

Both the above examples require modifications at the users hosting files. There is no satisfactory way of implementing this with cPanel on a server wide basis as far as I know but you may want to try the EXPERIMENTAL: Rewrite From: header to match actual sender or the Set SMTP Sender: headers in the Exim Configuration Manager, although I have not seen anyone raving over them so far, nor am I at all sure they will solve your problem.

 

[postcd]

try the EXPERIMENTAL: Rewrite From: header to match actual sender or the Set SMTP Sender: headers in the Exim Configuration Manager

Thank you for your comment! (though it not solved the issue )
"EXPERIMENTAL: Rewrite From: header to match actual sender" , description: "If you choose the "remote" option, only messages that are being sent to remote destinations will be affected."
(in Basic Configuration of the Exim Configuration Manager)

i already have this set to "remote", so it appears to me like it is already enabled. I tried to enable it for "all". but still after exim restart, mail is not authorized as per error log lines mentioned.

Set SMTP Sender: headers - i already have this set to "on"

I do not know what to do, i can not ask all existing and then newly registered users to adjust their scripts.. Also it is not easy for me to migrate to different server provider, current provider told me they can not disable filtering on my IP.

 

[rpvw]

Migrating to another server provider is unlikely to solve the fundamental problem of the php mail() shortfalls. Your problems are not unique to you, they are industry wide.

Your users are the ones that should be responsible for sorting out their own software they deployed on your server. Although it is popular for users to blame the web hosting provider, or the reseller, or the data centre, or anyone else other than themselves, the fact is that whoever chose and deployed and maintains the PHP software that they use on their websites is responsible for configuring it in a way that will work.

i can not ask all existing and then newly registered users to adjust their scripts.

I actually think you can......

I always reach out to my customers and offer commercial support if they need it. After all, this is not actually a server problem. The whole issue would go away if PHP removed un-authenticated mail() functions from their code, and forced everyone to use authenticated SMTP to send their PHP mail.

 

[postcd]

Thank you rpvw, i found i can not even send e-mail from my gmail to [email protected], that e-mail result in same error like when i send e-mail from server ([email protected]) to the outside internet ("You do not have sufficient privileges to send mail to this address. Please authenticate and try again."). The email filtering provider told me it can be cause of whole issue that the mentioned e-mail address does not accept e-mail.

Please can i anyhow make it accept the e-mail from the outside internet please? myserver.hostname.here already has a MX record (i added it today):
$ dig +short mx myserver.hostname.here

0 myserver.hostname.here

$ host myserver.hostname.here.

myserver.hostname.here has address MyCpanelServerIP
myserver.hostname.here mail is handled by 0 myserver.hostname.here.

 

[rpvw]

In the Exim Configuration Manager > ACL Options; Check that you have not enabled:

Reject remote mail sent to the server's hostname
Reject mail at SMTP time if the recipient is an address of the primary hostname of this server. No remote mail should normally be received for the primary hostname, and this has recently become a common spam target.

 

[postcd]

rpvw i think You have just solved this whole issue. E-mails started going in and out. Apparently e-mail filtering provider required that sender must be able to receive e-mail.
Thank you very much for the answers. Hopefully it will help also other people in future who get same error. Thank you for help

---
BTW: to temporarily work around issue where php mail() can not send out of the server, one can set his/her scripts to use PHP SMTP or send to locally hosted domain name, that way external mail filter will not be used.

 

[cPanelMichael]

Hello,

I've marked this thread as solved.

Thank you.

 

[slim]

the Exim Configuration Manager > ACL Options; Check that you have not enabled:

Thanks- This helps