Exim Configuration for Sending 400000+ Emails per Month from Multiple Shared Hosting Servers Using a Dedicated Mail Server

Question:

How can I configure exim to use a dedicated mail server for sending emails from multiple shared hosting servers? I have cloudlinux and cPanel/whm installed on each of them, and I use cPanel webmail for email communication. I am looking for some easy-to-follow guides or tutorials on how to set up exim in this way, as I find the official documentation too complex. Also, is this the best solution for sending 400000+ emails per month, or are there any alternatives that I should consider? Note: I manage all DNS records from the WHM server.

Answer:

How to set up exim to use a dedicated mail server for sending emails from multiple shared hosting servers

Exim is a popular mail transfer agent (MTA) that can send and receive emails using the SMTP protocol. It is often installed and configured by default on servers that use cloudlinux and cPanel/whm, which are common platforms for web hosting. However, if you have multiple shared hosting servers, you may want to use a dedicated mail server for sending emails, instead of relying on the local exim instances on each server. This can have several benefits, such as:

  • Improving the deliverability and reputation of your emails, as they will come from a single IP address and domain name, rather than from multiple sources that may vary in quality and reliability.
  • Reducing the load and resource consumption on your shared hosting servers, as they will not have to handle the email sending process, which can be intensive and complex.
  • Simplifying the management and maintenance of your email system, as you will only have to configure and update one exim instance, rather than multiple ones.
In this article, we will show you how to set up exim to use a dedicated mail server for sending emails from multiple shared hosting servers. We will assume that you have the following:

  • A dedicated mail server that runs exim and has a valid hostname, IP address, and SSL certificate. For example, we will use `mail.example.com` as the hostname, `203.0.113.1` as the IP address, and `/etc/exim/exim.crt` and `/etc/exim/exim.key` as the SSL certificate files. You can use any domain name and IP address that you own and control, as long as they are properly registered and configured in the DNS records. You can also use any SSL certificate provider that you trust, such as Let’s Encrypt, or generate your own self-signed certificate.
  • Multiple shared hosting servers that run cloudlinux and cPanel/whm, and have exim installed and configured by default. For example, we will use `server1.example.com`, `server2.example.com`, and `server3.example.com` as the hostnames of the shared hosting servers. You can use any number of shared hosting servers that you have access to, as long as they are connected to the internet and can communicate with the dedicated mail server.
  • Access to the root account or a sudo user on the dedicated mail server and the shared hosting servers, as well as the WHM interface on the shared hosting servers. You will need to perform some commands and configurations on the terminal and the web browser, so make sure you have the necessary permissions and credentials.
The first step is to configure the dedicated mail server to accept and relay emails from the shared hosting servers. To do this, you will need to edit the exim configuration file, which is usually located at `/etc/exim/exim.conf`. You can use any text editor that you prefer, such as nano, vim, or emacs. Before making any changes, it is recommended to make a backup copy of the original file, in case something goes wrong. You can do this by running the following command:

```bash
sudo cp /etc/exim/exim.conf /etc/exim/exim.conf.bak
```

Then, open the exim configuration file with your editor of choice, and look for the following sections:

primary_hostname

This is the hostname of the dedicated mail server, which will be used as the sender address and the HELO/EHLO identifier for outgoing emails. You should set this to the same value as the hostname of the dedicated mail server, which in our example is `mail.example.com`. You can do this by adding or modifying the following line:

```conf
primary_hostname = mail.example.com
```

tls_advertise_hosts

This is the list of hosts that are allowed to use TLS encryption when communicating with the dedicated mail server. You should add the hostnames or IP addresses of the shared hosting servers to this list, separated by colons. You can also use wildcards or CIDR notation to specify a range of hosts. For example, in our case, we can use the following line:

```conf
tls_advertise_hosts = server1.example.com:server2.example.com:server3.example.com
```

tls_certificate

This is the path to the SSL certificate file that will be used for TLS encryption. You should set this to the same value as the SSL certificate file that you have on the dedicated mail server, which in our example is `/etc/exim/exim.crt`. You can do this by adding or modifying the following line:

```conf
tls_certificate = /etc/exim/exim.crt
```

tls_privatekey

This is the path to the SSL private key file that will be used for TLS encryption. You should set this to the same value as the SSL private key file that you have on the dedicated mail server, which in our example is `/etc/exim/exim.key`. You can do this by adding or modifying the following line:

```conf
tls_privatekey = /etc/exim/exim.key
```

relay_from_hosts

This is the list of hosts that are allowed to relay emails through the dedicated mail server, without authentication. You should add the hostnames or IP addresses of the shared hosting servers to this list, separated by colons. You can also use wildcards or CIDR notation to specify a range of hosts. For example, in our case, we can use the following line:

```conf
# relay_from_hosts is a named host list, so it is declared with the hostlist keyword
hostlist relay_from_hosts = server1.example.com:server2.example.com:server3.example.com
```
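Because every entry in `relay_from_hosts` may relay without authentication, it is worth checking how much each entry trusts. The following audit is an added example, not part of the original article and not Exim or cPanel tooling; it expects the `hostlist relay_from_hosts = ...` declaration form, and the sample configuration, the /24 threshold and all function names are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample: one of the page's host names plus an address,
# a wide range and a wildcard for contrast.
SAMPLE_CONF = """\
primary_hostname = mail.example.com
# hostlist relay_from_hosts = *
hostlist relay_from_hosts = server1.example.com : 203.0.113.10 : 198.51.100.0/20 : *
"""

MIN_PREFIX = 24  # assumption: ranges wider than a /24 get flagged for review


def relay_entries(conf_text, list_name="relay_from_hosts"):
    """Return the items of 'hostlist <list_name> = a : b : c'.

    Assumes a single-line, colon-separated list without IPv6 items.
    """
    pattern = re.compile(r"^\s*hostlist\s+" + re.escape(list_name) + r"\s*=\s*(.*)$")
    for line in conf_text.splitlines():
        match = pattern.match(line)
        if match:
            return [item.strip() for item in match.group(1).split(":") if item.strip()]
    return []


def classify(entry):
    """Label one relay-list item by how much it trusts."""
    if entry == "*":
        return "open-relay"          # every client may relay
    try:
        net = ipaddress.ip_network(entry, strict=False)
    except ValueError:
        return "dns-dependent"       # host name: the match relies on DNS answers
    if net.prefixlen == 0:
        return "open-relay"
    if net.prefixlen < MIN_PREFIX:
        return "broad-range"
    return "ok"


def audit(conf_text):
    """Map each relay_from_hosts item to its label."""
    return {entry: classify(entry) for entry in relay_entries(conf_text)}


if __name__ == "__main__":
    for entry, label in audit(SAMPLE_CONF).items():
        print(f"{label:14} {entry}")
```

Anything not labelled `ok` should be replaced by the individual addresses of the shared hosting servers before the dedicated server is exposed on port 25.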

host_lookup

This is the list of hosts that are subject to DNS lookups by the dedicated mail server. You should add the hostnames or IP addresses of the shared hosting servers to this list, separated by colons. You can also use wildcards or CIDR notation to specify a range of hosts. For example, in our case, we can use the following line:

```conf
host_lookup = server1.example.com:server2.example.com:server3.example.com
```

routers

This is the section that defines how the dedicated mail server routes the incoming emails to the appropriate destinations. You should add a new router at the beginning of this section, that will relay the emails from the shared hosting servers to the external recipients. You can do this by adding the following lines:

```conf
shared_hosting_relay:
  driver = manualroute
  domains = ! +local_domains
  transport = remote_smtp
  # On the dedicated server this route targets the server's own hostname;
  # Exim handles a route that resolves to the local host according to the
  # router's "self" option, whose default is "freeze".
  route_list = * mail.example.com
  no_more
```

This router will match any email that is not destined for a local domain (defined by the `local_domains` macro), and will send it to the dedicated mail server itself (`mail.example.com`) using the `remote_smtp` transport. The `no_more` option will prevent any further routers from being applied.

transports

This is the section that defines how the dedicated mail server delivers the outgoing emails to the remote hosts. You should modify the existing `remote_smtp` transport, which is used by the `shared_hosting_relay` router, to enable TLS encryption and set the sender address. You can do this by adding or modifying the following lines:

```conf
remote_smtp:
  driver = smtp
  hosts_require_tls = *
  tls_sni = $sender_address_domain
  helo_data = mail.example.com
  return_path = [email protected]
```

This transport will use the SMTP driver to deliver the emails, and will require TLS encryption for all hosts (`hosts_require_tls = *`). It will also use the sender address domain as the TLS SNI (`tls_sni = $sender_address_domain`), and the dedicated mail server hostname as the HELO/EHLO identifier (`helo_data = mail.example.com`). Finally, it will set the return path to a generic email address (`return_path = [email protected]`), which will be used for bounce messages and error reports.

Step 2: Configure the shared hosting servers

The second step is to configure the shared hosting servers to use the dedicated mail server as the SMTP relay for sending emails. To do this, you will need to edit the exim configuration file on each shared hosting server, which is usually located at `/etc/exim/exim.conf`. You can use any text editor that you prefer, such as nano, vim, or emacs. Before making any changes, it is recommended to make a backup copy of the original file, in case something goes wrong. You can do this by running the following command:

```bash
sudo cp /etc/exim/exim.conf /etc/exim/exim.conf.bak
```

Then, open the exim configuration file with your editor of choice, and look for the following sections:

primary_hostname

This is the hostname of the shared hosting server, which will be used as the sender address and the HELO/EHLO identifier for outgoing emails. You should set this to the same value as the hostname of the shared hosting server, which in our example is `server1.example.com`, `server2.example.com`, or `server3.example.com`. You can do this by adding or modifying the following line:

```conf
primary_hostname = server1.example.com
```

tls_advertise_hosts

This is the list of hosts that are allowed to use TLS encryption when communicating with the shared hosting server. You should add the hostname or IP address of the dedicated mail server to this list. For example, in our case, we can use the following line:

```conf
tls_advertise_hosts = mail.example.com
```

tls_certificate

This is the path to the SSL certificate file that will be used for TLS encryption.
