Sending emails from diffrent sources over different ips

[Hawky]

Hi,

I'm using CPanel 11.34.1 with nearly 100 customers which are using Webspace and Email.

I've the following situation, some of the customers have vulnerable content management systems
installed on their webspace. So far, this isn't a problem. But if some badguys attack such webpages
and uploading some mailingscripts. No they call the scripts and sending spam mails, these mails are
processed through the same IP as the Mails the customers send over threi emailaccounts.

The problem is, if the badmails are detected as spam, the serner ip of the server is blacklistet and
all email traffic is affected by the blacklisting.

So now my reflection is to send the mails from the webpages/scripts to one ip and the mail traffic from
the mailaccounts through another ip. I think this should be possible?

Do you have any ideas how to split this, maybe through a special exim transport route? Is there something built-in in cpanel and I didn't find it ?

thank you!

Bye

 

[cPanelMichael]

Hello

I recommend upgrading cPanel to version 11.38 because it includes several new features and resolutions to past issues. Documentation for cPanel version 11.34 on sending email from specific IP addresses through Exim is available at:

cPanel 11.34 - Exim - Domains and IPs

Thank you.

 

[Hawky]

Hello,

thanks for your answer, but thats not the hint I expected, I think there is a bit misunderstanding. Yes, I know our version should be upgraded to a newer one, but such an upgrade is also connected with a risk. But this is another topic .

The link you tell me, doesn't work, but I think its the entry in your knowledgebase about mailips and maildomains. I use this
feature on one of our system and it works great, but it wouldn't solve my actual problem.

I'm looking for a possibility to separate the mailtraffic within an account, for example:

Our customer "Company A" use the email-accounts included in the package for their business mails. On the other hand they are sending mails through their webpage. Both mails going through one ip (for example 1.1.1.1). We have dozens of these kind of
customers, and everyone sending through 1.1.1.1. Sure we can separate all accounts with dedicated IPs, but thats not the way, I think.

Now one of the customers get hacked and Spammails are sending through their webpage an now the IP 1.1.1.1 is listed on some Blacklists. Now the complete emailtraffic is affected. So I'm looking for a possibility/feature to say "Mails which are coming from the cms/php-scripts .. are sent through IP 2.2.2.2" and all the mails which are generated by real mailaccounts going through 1.1.1.1.

If this would be possible, only the mails from the webpages are affected by listings.

The Cpanel feature to divide the email/IP by domain within the mailip/maildomain files shouldn't solve the problem, also I didn't see such a feature in version 11.38, but it may be that I have overlooked it.

Thanks!

 

[cPanelMichael]

I believe it will work as you intend it to if you configure Exim to send email from the account's dedicated IP address. However, you must configure the mailer to use SMTP and authenticate with SMTP AUTH, and make sure that the application is using the 5th argument to the PHP mail() function to send the '-f' switch to sendmail so that it sets the correct "Return-Path".

Note that cPanel version 11.34 is nearing it's end of life:

cPanel 11.34 - EOL

Thank you.