The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Send email from the accounts IP

Discussion in 'E-mail Discussions' started by JIKOmetrix, Jun 16, 2008.

  1. JIKOmetrix

    JIKOmetrix Well-Known Member

    Joined:
    Apr 3, 2007
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    The 11.23 cpanel is supposed to be able to send email from the account IP instead of the host's IP. Can this be set on per account basis? Many of the users on my server still share the main IP of the server. While others have opted for dedicated IP addresses. I have proper rDNS for account with dedicated IP addressed however the accounts with shared IP addresses do not have proper rDNS.

    Can sending email from the account IP address be set on an account basis?

    Maybe add to a wish list somewhere?

    Thanks,
    Mike
     
  2. tribal

    tribal Member

    Joined:
    Sep 11, 2006
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Also

    Is there going to be an issue:

    When you enable this feature, you are told to ensure that the reverse DNS is correctly set as per /etc/mail_reverse_dns

    Which has entrie such as:

    203.23.23.23: mydomain.com

    When previously the reverse has read

    23 14400 IN PTR www.mydomain.com.

    This exists to allow the correct operation of a web SSL certificate.

    Obviously I cannot change the reverse of the SSL cert will produce an error.
    How will this effect mail transport.

    Kevin
     
  3. Serra

    Serra Well-Known Member

    Joined:
    Oct 27, 2005
    Messages:
    213
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Florida
    SSLs have nothing to do with transports, so that doesn't matter. However, my system properly identifies all of my domains and the /etc/mail_reverse_dns matches the SSL name.
     
  4. Serra

    Serra Well-Known Member

    Joined:
    Oct 27, 2005
    Messages:
    213
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Florida

    The rDNS for your shared accounts should be the server name, not their address. That is normal and works fine.
     
  5. tribal

    tribal Member

    Joined:
    Sep 11, 2006
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Serra,

    I can only assume that you have all your SSL web certificates in the form

    mydomain.tld rather than www.mydomain.tld

    For the correct operation of a web certificate registered as www.mydomain.tld the reverse must match.

    WHM is telling me I must set the reverse as mydomain.tld rather than www.mydomain.tld.

    Thus the question is what effects will this have on mail transport if I do not do as WHM suggest and change the reverse as it advises.

    Kevin
     
  6. JIKOmetrix

    JIKOmetrix Well-Known Member

    Joined:
    Apr 3, 2007
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Ah ha!, I was under the impression that it went something like for NOT having this set:

    email is queued, host connects to receiving server, Identifies itself as the host, receiving server reverse lookup host and confirm the rDNS of IP being sent from matches the host identity.

    Now with Send from Account IP ON:

    host identifies itself as the sending domain, receiving server reverse lookup domain to confirm the rDNS of IP being sent from matches the host identity.

    I thought that was why it was important to have proper rDNS so forward and reverse DNS point to each other.

    I may not have the proper flow here. I'm going to test this on a beta server I have.

    Mike
     
  7. Serra

    Serra Well-Known Member

    Joined:
    Oct 27, 2005
    Messages:
    213
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Florida
    On the shared IP, the RDNS is the server. The mail server looks at the RDNS to see if the sender is authorized to send on that IP by looking up the DNS record of the domain, which points to the IP, which has the RDNS.

    Send an email to gmail and look at the header.

    It is ok if the RDNS doesn't match the domain name. It just has to point to the IP.

    (Otherwise, you'd need a dedicated IP for every domain.)
     
  8. JIKOmetrix

    JIKOmetrix Well-Known Member

    Joined:
    Apr 3, 2007
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    I see. Thanks for the follow up.

    Mike
     
  9. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    4
    Trophy Points:
    18

    The first is not a DNS entry but an data mapping for internal use. The latter is a DNS entry that should be in the reverse DNS entry's zone file
     
  10. JIKOmetrix

    JIKOmetrix Well-Known Member

    Joined:
    Apr 3, 2007
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    I have enabled the send from account IP in Exim config on my shared server and all seems to be working well. cPanel made the mapping entries for those accounts that do not use the shared IP and have dedicated IP's.

    So far so good.

    Mike
     
  11. tribal

    tribal Member

    Joined:
    Sep 11, 2006
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Dan,

    Firstly, You are correct the first is not a DNS entry. But secondly the second is an example of a reverse DNS entry that WHM is advising me should not be in the zone file. WHM is saying I need to ensure the entry has no www which breaks the entire system that WHM has set up for hosting SSL websites.

    I will annotate the previous post

    you are told to ensure that the reverse DNS is correctly set as per /etc/mail_reverse_dns

    Which has entries such as:

    203.23.23.23: mydomain.com

    Yes the above is not a DNS entry, WHM is instructing us to ensure it matches the reverse DNS entries

    When previously the reverse has read

    23 14400 IN PTR www.mydomain.com.

    The above is a DNS entry, and it is set such that SSL works on the web.

    If I do what WHM instructs, that is ENSURE then the SSL cert will not work

    The question is do I have to ensure this or not. Have a think, about where bounced mail will go, that's what I am wondering.

    Cheers

    Kevin
     
  12. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    4
    Trophy Points:
    18
    Could you be more specific where its saying this?

    Just for clarification, you're point is that if the FQDN that the IP points to does not match the FQDN of the cert, you'll get a "do you accept this cert" prompt from the browser?
     
  13. tribal

    tribal Member

    Joined:
    Sep 11, 2006
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Dan, right next to the checkbox to turn this feature on.

    ** Send outgoing mail from accounts ip address instead of the main ip address. [Warning: If you turn this setting on you should make sure your reverse dns entries match the ones in /etc/mail_reverse_dns] [?]

    My bad, it's 'make sure' not 'ensure'

    Yes, for now that's the first point - if I follow the instruction then a cert warning will occur.


    Kevin
     
  14. tribal

    tribal Member

    Joined:
    Sep 11, 2006
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
  15. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    4
    Trophy Points:
    18
    thanks for the specifics, from what I read it sounded like the zone editor or something was throwing a warning about the entry having no preceeding 'www.'
     
Loading...

Share This Page