The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SMTP Mail forwarding instead of MX?

Discussion in 'E-mail Discussions' started by beddo, Jul 19, 2007.

  1. beddo

    beddo Well-Known Member

    Joined:
    Jan 19, 2007
    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    England
    cPanel Access Level:
    DataCenter Provider
    Hi folks,
    I'm asking about something which Cpanel doesn't do by default (that I can see) but would be a very good feature as far as I am concerned.

    For mail hosting at the moment, Cpanel provides two options:

    1) Accept the mail on the server and hold for POP/IMAP collection
    2) Set the MX record to point somewhere else.

    I used to work for an ISP who provided a different form of mail hosting. This option means that mail comes into the server. An attempt is then made to forward the message on to the destination IP address, if this fails it is held for retry. In the case of the provider I worked for, retries would ocurr at fixed intervals or when the customer issued a finger request from the destination IP address.

    This has the advantage of putting the messages through spam and antivirus filtering, and also that messages aren't rejected if the customer's ADSL goes down.

    So is this option available in CPanel? If not has anyone developed a solution to set this up?
     
  2. VISL

    VISL Member

    Joined:
    Jul 14, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    This is something I am looking to do but haven't a clue how to do it :(
     
  3. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    Some would call that "ETRN" - especially old Sendmail folks. It's nice in theory, but unless your spam filtering MX knows the actual email accounts that exist on the destination server, it has to accept ALL mail for that domain (legitimate, nonlegitimate, specifically addressed and nonexistent alike). As soon as somebody sends a gazillion messages to every guessible name @domain, the server suddenly dies because of the extreme load - again because it has to accept mail for ALL email addresses (existent or not) and then try to forward them.

    Your scenario would mean:
    I could send 20,000 messages to a combination of email addresses @domain.com (none of which exist) - the server would have to accept them all, spam-process all of them, then try to forward them to the recipient mail server. If the recipient mail server is down, your mail spool gets HUGE and your machine dies (if it hasn't already died from the spam processing). If your server then sends the mail to the recipient server and only 1 out of the 20,000 email addresses is a valid email address, the recipient mail server rejects the messages, forcing your system to generate bounce messages back to the 19,999 senders (most likely forged).

    So you have HUGE spam processing load, HUGE amounts of spam to nonexistent email addresses which have to get processed, HUGE numbers of bounces, blacklisted MX, etc., etc.

    ETRN was smart 15 years ago - but times have changed. The only way you shoudl attempt to have a 'backup' MX is if the backup MX truly knows of the existence of ALL email accounts on the recipient server so that it can properly reject incoming email send to nonexistent_addresses@recipient_domain.com.

    Mike
     
  4. beddo

    beddo Well-Known Member

    Joined:
    Jan 19, 2007
    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    England
    cPanel Access Level:
    DataCenter Provider
    That's the beast, I'd forgotten everything about what it was called except the name of the server it used to run on. To be honest, the majority of domains on our server don't receive a silly enough amount of traffic to cause problems. Infact the ones that are currently in need of this service except all mail to a catchall to be collected via an exchange pop3 collector or equivalent so they would be subject to exactly the same issues.

    Its worth bearing in mind for heavy traffic domains but it would still be an extremely useful tool so I'll look into it if I actually get a few spare minutes sometime soon!
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
  6. SageBrian

    SageBrian Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    415
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    NY/CT (US)
    cPanel Access Level:
    Root Administrator
    ANY domain can get hit with a wave of spam. It doesn't matter if they usually get only 2 emails a day. Spammers don't care.
    They simply go through a list of domain names, and send a dictionary attack sending emails to every name that has ever existed since dinosaurs were around.

    If you haven't been hit by one yet, you are either lucky, or you have settings to prevent a dictionary attack.

    As for catch-all mailboxes, there's enough written about how bad they are.
    For those accounts that need to use their exchange server, but want the benefit of the spam filtering, I have them use the POP3 retrieval, but then I also have them setup up forwards for each mailbox they have in exchange. This allows my server to reject any misaddressed emails.
     
  7. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    Just so you know - When we have a customer who absolutely needs to use us as the primary MX but they are using a local mail server on their LAN, if they want to have a catchall alias we forbid it.

    Instead, we tell them - set up one POP3 account, and then set up a forwarder for each valid email account you want to receive email for and forward it to the POP3 account. This way our servers still only have to accept mail for valid addresses.

    Of course, we also notify them that if they add or remove email addresses on their Exchange server (or whatever mail server they are using on their LAN), then they need to also add or remove the corresponding email address on our server.

    Mike
     
  8. mtindor

    mtindor Well-Known Member

    Joined:
    Sep 14, 2004
    Messages:
    1,279
    Likes Received:
    36
    Trophy Points:
    48
    Location:
    inside a catfish
    cPanel Access Level:
    Root Administrator
    Exactly... I posted my last response before I read yours, so I ended up repeating what you said... This definitely works well enough, if one must do it at all.

    Mike
     
  9. SageBrian

    SageBrian Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    415
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    NY/CT (US)
    cPanel Access Level:
    Root Administrator
    Yes. But you wrote it so much betterer.
     
Loading...

Share This Page