The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to script /etc/mailhelo to always match reverse DNS

Discussion in 'Workarounds and Optimization' started by cPPhilS, Dec 19, 2014.

  1. cPPhilS

    cPPhilS Member
    Staff Member

    Joined:
    Dec 12, 2012
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Sometimes when using the option "Send mail from account's dedicated IP address" option in WHM "Home »Service Configuration »Exim Configuration Manager" ( http://documentation.cpanel.net/display/ALD/Exim+Configuration+Manager ), the HELO used for sending mail may not match what the IP resolves to with reverse DNS. This can be the case with shared reseller IPs, or dedicated accounts with addon domains and can cause problems and administrative headaches like getting blacklisted in an anti-spam RBL ( DNSBL - Wikipedia, the free encyclopedia ).

    One option is to manually manage /etc/mailhelo and /etc/mailips, as documented at http://documentation.cpanel.net/display/CKB/How+to+Change+the+Sending+IP+for+Outbound+Email+in+Exim . Using that method, you can be very precise about exactly which IP addresses are used for sending email from which domains and what those IP addresses should use for HELO. However, this method requires a lot of administrative overhead, as all of these settings must be manually configured and updated.

    For some administrators, it would be easiest to have /etc/mailhelo automatically managed, but to ensure that the HELO used will always match what is in the PTR record for the IP address. Fortunately, when "Send mail from account's dedicated IP address" is used so is /etc/mailhelo - only it is written automatically. This is file is updated any time userdomains data changes on the server (add a domain, new account, etc) with the /scripts/updateuserdomains script.

    I have written a postupdateuserdomains hook script ( http://documentation.cpanel.net/display/SDK/Script+Hooks ) that rewrites the automatically generated /etc/mailhelo with actual rDNS resolutions for the dedicated IPs.

    Put these contents into /scripts/postupdateuserdomains :
    Code:
    #!/bin/bash
    # by Phil Stark
    #
    # Purpose: Write mailhelo based on actual rDNS lookups from the IPs being used (ideal for /scripts/postupdateuserdomains )
     
    # Clear out the rdns file we make (this file prevents us from having to look up the same IP twice in a single run)
    echo > /etc/rdns
     
    # While loop processes each domain from /etc/mailhelo
    while read DOMAIN
    do
        # Skip ahead if a blank line is read in
        if [ "$DOMAIN" == "" ]
        then
            continue
        fi
     
        # Determine the IP of the domain, based on what is in /etc/mailips
        IP=$(grep "^$DOMAIN" /etc/mailips | awk '{print $2}')
         
        # default to the mainip if nothing is found
        if [ "$IP" == "" ]
        then
            IP="$(cat /var/cpanel/mainip)"
        fi
     
        # If we already looked up this IP, use the value stored in /etc/rdns
        if [ $(grep -c $IP /etc/rdns) -gt 0 ]
        then
            RDNS="$(grep $IP /etc/rdns | awk '{print $2}')"
     
        # If we haven't looked it up, look it up, use it, store it.
        else
            RDNS=$(host $IP | awk '{print $5}' | head -1 | sed "s/\.$//")
     
            # If we don't find anything, default to using the hostname
            if [ "$RDNS" == "3(NXDOMAIN)" ] || [ "$RDNS" == "" ]
            then
                RDNS="$(hostname)"
            fi
     
            # Store our findings in /etc/rdns for future lookup
            echo "$IP: $RDNS" >> /etc/rdns
        fi
     
        # Stash our output in a variable to dump back into /etc/mailhelo later
        OUTPUT+="$DOMAIN: $RDNS\n"
     
    # End of while loop, command substitution used to feed it.
    done < <(awk -F":" '{print $1}'  /etc/mailhelo)
     
    # Write the new /etc/mailhelo
    echo -e "$OUTPUT" > /etc/mailhelo
    
    Be sure it has the executable bit set:

    Code:
    chmod +x /scripts/postupdateuserdomains
    
    That's it.

    If you'd like to see this kind of functionality as a feature in the cPanel/WHM product, please add your votes and comments here:
    An option to use actual reverse DNS resolution as HELO for outbound email. | cPanel Feature Requests

    Also, please be aware that this script is not an official or supported workaround. cPanel will not provide support or troubleshooting for this script outside of this forum thread.
     
  2. sawbuck

    sawbuck Well-Known Member

    Joined:
    Jan 18, 2004
    Messages:
    1,367
    Likes Received:
    5
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    Nice. Thank you Phil.

    Have voted, hopefully others will also.
     
  3. freedomizer

    freedomizer Member

    Joined:
    Nov 24, 2012
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    the script throws errors when using parked domains
    parked domains show up as subdomains in /etc/mailhelo
    so the grep around line 21 needs "-m 1" to limit to the first result:

    Code:
    #added -m 1, max count 1, aliases show up as subdomains in /etc/mailhelo and grep will return several results causing garbled data:
        IP=$(grep -m 1 "^$DOMAIN" /etc/mailips | awk '{print $2}')
    this cleaned up some garbled results in /etc/rdns and /etc/mailhelo

    I also corrected on line 12:
    Code:
    # Skip ahead if a line in /etc/mailips is blank
      if [ "$DOMAIN" == "" ] || [ "$DOMAIN" == "no" ]
      then
      continue
      fi
    
    for some reason /etc/mailhelo contains lines with "no" (probably garbled data) this filters it out
     
    #3 freedomizer, Dec 2, 2015
    Last edited: Dec 2, 2015
Loading...

Share This Page