Trying to setup a new IP to send mails from an EC2 instance

Operating System & Version
CentOS 7.9
cPanel & WHM Version
96.0.8

innovaciones

Registered
Mar 25, 2008
4
0
51
Hello, so here is some background, I setup a new AWS EC2 instance with WHM, got 2 new IPs from AWS and linked to my instance, setup custom DNS (ns1.myserver.com, ns2.myserver.com), DKIM, SPF, DMARC and all that stuff, even fill the AWS form to setup PTR with my custom hostname and the server main IP, and lift the email restriction from my new instance, everything works great except one little detail, the new IP was already blacklisted on some "obscure" spam list (it is not on mxtoolbox or multirbl.valli.org and my IP is clean on both) and sadly this list is affecting some important mails to be rejected from my server.

Yes I already filled the form to unlist my server IP but not luck, not even a confirmation mail, I filled the form like 4 times and still not a single answer from this company list, the list name is Proofpoint and here is the unlist form: Home | Proofpoint Dynamic Reputation - IP Lookup

So after some days and still being blocked and not a single answer from them I'm considering getting new IPs for the server but I really really don't want to deal with all that work and possible problems, so I'm here asking for your help, what would be the best way to change the mail IP without needing to update the main server IP, DNS, PTR and all the things that already have my current IP?

BTW my secondary IP is blocked too, so my plan was getting new IPs from AWS until I get one that is not blocked in this list.

I did some research and found out about this: How to Configure the Exim Outgoing IP Address | cPanel & WHM Documentation but what about PTR? do I need to fill the AWS form again with the new IP?

Bottom line what is the best way to add a new IP and using it for sending mails without affecting my current setup?

I would really appreciate any light for this, thank you!!
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,923
912
313
cPanel Access Level
Root Administrator
Hey there! In general, I like to keep the PTR pointed to the server's hostname, as that will still show up in the mail headers. The only time you need to create additional PTR records is if you also start adjusting the /etc/mailhelo file to change the helo banner.

There's some good discussion on this in the following thread you may want to check out: Correct rDNS / HELO when using /etc/mailhelo and /etc/mailips ?
 

innovaciones

Registered
Mar 25, 2008
4
0
51
Hey there! In general, I like to keep the PTR pointed to the server's hostname, as that will still show up in the mail headers. The only time you need to create additional PTR records is if you also start adjusting the /etc/mailhelo file to change the helo banner.

There's some good discussion on this in the following thread you may want to check out: Correct rDNS / HELO when using /etc/mailhelo and /etc/mailips ?
Thank you for your reply, ok so because I already have a valid PTR with my current IP I don't need to do anything else except changing the Exim Outgoing IP Address? and I guess include the new IP on the SPF?

When I sent email from the new IP how the PTR validation would work? the recipient server will check just the hostname from the headers and not the sender IP?
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
6,923
912
313
cPanel Access Level
Root Administrator
That all sounds correct to me :D

The worst-case scenario is that you try it, run into issues, and then need to set up an additional PTR record. You can't really "break" anything. I'd leave the PTR as is for now, add the second IP to the SPF, and see if that has any delivery issues to a place like Gmail.
 

innovaciones

Registered
Mar 25, 2008
4
0
51
I plan doing this on this weekend on non-business hours incase anything breaks and also use the new IP for a secondary domain for testing (/etc/mailips "secondarydomain.com: 192.168.0.2"), but I'm really confused in this PTR thing lol, sorry for this question but what is the difference between asking AWS to setup a custom PTR instead using the option "add a PTR record" using cPanel DNS Zone Manager?

I found this notice from this documentation How to Configure Reverse DNS for BIND in WHM | cPanel & WHM Documentation

If you are updating PTR records for mail purposes, it is only necessary to update the records for IP addresses that your sites use to send mail.
So I guess I would need a new PTR for the new IP too? can I ask AWS to have 2 different IPs using the same hostname for PTR?
 

Attachments

innovaciones

Registered
Mar 25, 2008
4
0
51
Thank you for all your help!! I really appreciate it, I'm gonna try to setup everything this weekend wish me luck, thanks!