For all cPanel systems we recommend the following config:
In WHM -> Home -> Service Configuration -> Exim Configuration Manager
Optional Config
cPanel includes its own anti spam features for outbound. We recommend setting:
And limiting emails per hour in WHM -> tweak settings.
Having these settings will prevent easily detectable spam from leaving your systems and help reduce the amount of emails sent.
Option 1: Manual editing through Web Host Manager
In Web Host Manager go to Home »Service Configuration »Exim Configuration Manager
Click Advanced Editor
Find Section: AUTH and add
mailbaby_login: driver = plaintext public_name = LOGIN client_send = : $YOURUSERNAME : $YOURPASSWORD
Find Section: POSTMAILCOUNT
remoteserver_route: driver = manualroute transport = mailbaby_smtp domains = !+local_domains ignore_target_hosts = 127.0.0.0/8 route_list = * relay.mailbaby.net::25 randomize byname host_find_failed = defer no_more
Find Section: TRANSPORTSTART IMPORTANT: ensure X-AuthUser is kept. Failure to do so will result in stricter email filtering
mailbaby_smtp: driver = smtp hosts_require_auth = * tls_tempfail_tryclear = true headers_add = X-AuthUser: ${if match {$authenticated_id}{.*@.*} {$authenticated_id} {${if match {$authenticated_id}{.+} {[email protected]$primary_hostname}{$authenticated_id}}}} dkim_domain = $sender_address_domain dkim_selector = default dkim_canon = relaxed dkim_private_key = "/var/cpanel/domain_keys/private/${dkim_domain}"
Optional Find Section: RETRYSTART
* data_4xx F,4h,1m * rcpt_4xx F,4h,1m * timeout F,4h,1m * refused F,1h,5m * lost_connection F,1h,1m * * F,6h,5m
Find Section: RETRYBLOCK
+secondarymx * F,4h,5m; G,16h,1h,1.5; F,4d,8h * * F,2h,15m; G,16h,1h,1.5; F,4d,8h * auth_failed
Edit /etc/exim.conf.local – if it exists already you will want to merge the config
%RETRYBLOCK% +secondarymx * F,4h,5m; G,16h,1h,1.5; F,4d,8h * * F,2h,15m; G,16h,1h,1.5; F,4d,8h * auth_failed @[email protected] mailbaby_login: driver = plaintext public_name = LOGIN client_send = : $YOURUSERNAME : $YOURPASSWORD @[email protected] @[email protected] chunking_advertise_hosts = "" local_from_check = true # mailbaby max size limit is 100MB while the cpanel default may be less#message_size_limit = 100M ignore_bounce_errors_after = 1h timeout_frozen_after = 12h @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] remoteserver_route: driver = manualroute transport = mailbaby_smtp domains = !+local_domains #uncomment to exclude specific emails or domains #senders = : [email protected] : !*@domain1.com ignore_target_hosts = 127.0.0.0/8 route_list = * relay.mailbaby.net::25 randomize byname host_find_failed = defer no_more @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] * data_4xx F,4h,1m * rcpt_4xx F,4h,1m * timeout F,4h,1m * refused F,1h,5m * lost_connection F,1h,1m * * F,6h,5m @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] mailbaby_smtp: driver = smtp hosts_require_auth = * tls_tempfail_tryclear = true headers_add = X-AuthUser: ${if match {$authenticated_id}{.*@.*} {$authenticated_id} {${if match {$authenticated_id}{.+} {[email protected]$primary_hostname}{$authenticated_id}}}} dkim_domain = $sender_address_domain dkim_selector = default dkim_canon = relaxed dkim_private_key = "/var/cpanel/domain_keys/private/${dkim_domain}"
When done run
/scripts/buildeximconf
Most advanced config occurs in POSTMAILCOUNT. Important – use postmailcount in order to be able to limit emails per hour with in cpanel.
Add to remoteserver route a senders section like
senders = : [email protected] : !*@domain2.com
* is a wild card match so *@domain1.com covers [email protected] and [email protected] covers just that sender. Note the ! needed.
remoteserver_route: driver = manualroute transport = mailbaby_smtp domains = !+local_domains # add senders exclude senders = : [email protected] : !*@domain1.com ignore_target_hosts = 127.0.0.0/8 route_list = * relay.mailbaby.net::25 randomize byname host_find_failed = defer no_more
To do this edit the domains line. Remove the +local_domains which indicates mailbaby is excluded for all local domains. Instead change to
domains = domain1.com : domain2.com : !*
This would force email to the destination domain1.com and domain2.com through MailBaby excluding the others
remoteserver_route: driver = manualroute transport = mailbaby_smtp domains = domain1.com : domain2.com : !* ignore_target_hosts = 127.0.0.0/8 route_list = * relay.mailbaby.net::25 randomize byname host_find_failed = defer no_more
For this add a senders line and instead of ! to negate, remove that to only match the specific domains. * is a wildcard
senders = *@domain1.com : [email protected]
remoteserver_route: driver = manualroute transport = mailbaby_smtp domains = !+local_domains # add senders to include excluding all others senders = *@domain1.com : [email protected] ignore_target_hosts = 127.0.0.0/8 route_list = * relay.mailbaby.net::25 randomize byname host_find_failed = defer no_more
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.