Email

Relay Different Domains via Multiple SmartHosts in WHM

If you’re running a shared web-hosting server then you may occasionally have the odd request by a user to relay their mail through their chosen relayer (such as MailGun, Sendgrid, Mailjet etc). This guide will assist you in setting up your WHM to relay different domains via Multiple SmartHosts.

cPanels Blog here explains very well what a SmartHost is. We are going to be following the content of this guide somewhat below with a few extra steps to allow us to specify the domains.

Note: This requires root access to WHM to complete.

Setting up Multiple SmartHosts.

We will assume you’ve already added the domain to your chosen SmartHost(s) control panel, verified the domain and received the appropriate SMTP details to start relaying mail.

In WHM -> Exim Configuration Manager

Login to WHM, go to Exim Configuration Manager, select the Advanced Tab and find the AUTH section similar to the image below.

Copy in the contents of the box below.

#Section: AUTH
#Smart Host Sending
sendbysmarthosts:
driver = plaintext
public_name = LOGIN
hide client_send = : ${extract{user}{${lookup{$sender_address_domain}lsearch{/etc/exim_smarthosts}}}}: ${extract{pass}{${lookup{$sender_address_domain}lsearch{/etc/exim_smarthosts}}}}

Next up we want to add the PREROUTERS section. 

#Section: PREROUTERS
#Smart Host Sending
sendbysmarthostsrouter:
driver = manualroute
domains = ! +local_domains
condition =  "${if eq{${lookup{$sender_address_domain}partial-lsearch{/etc/exim_smarthosts}{$value}}}{}{false}{true}}"
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
headers_add = "${perl{mailtrapheaders}}"
transport = sendbysmarthoststransport
route_list = * ${extract{smtp}{${lookup{$sender_address_domain}lsearch{/etc/exim_smarthosts}}}}

Next up we want to add the TRANSPORTSTART section. 

#Section: TRANSPORTSTART
#Smart Host Sending
sendbysmarthoststransport:
driver = smtp
port = ${extract{port}{${lookup{$sender_address_domain}lsearch{/etc/exim_smarthosts}}}}
hosts_require_auth = $host_address
hosts_require_tls = $host_address

And that’s it for the WHM side of things so go ahead and save the configuration.

Multiple SmartHosts – File Modifications in SSH / Terminal

We need to edit a few files so go ahead and open up an SSH session or you can use the Terminal inside WHM.

Let’s start by creating a new file in the etc directory called exim_smarhosts, i.e. /etc/exim_smarthosts 

It should be quite clear but the purpose of this file is to specify the domains and their associated SMTP credentials. In the example below I have demonstrated my own domain.  In this file you only need to add the domains that will be relayed via SmartHost, any domains not specified will continue to be sent out normally through your own server.

# sending by Mailgun
domain1.com: domain=domain1.com user=MAILGUN_smtp_user pass=MAILGUN_api_password smtp=smtp.eu.mailgun.org port=587
benyarwood.co.uk: domain=benyarwood.co.uk [email protected] pass=asupersecretpassword smtp=smtp.eu.mailgun.org port=587

# sending by Mailjet
domain3.com: domain=domain3.com user=MAILJET_smtp_user pass=MAILJET_api_password smtp=in-v3.mailjet.com port=587
domain4.com: domain=domain4.com user=MAILJET_smtp_user pass=MAILJET_api_password smtp=in-v3.mailjet.com port=587

# sending by Sendpulse
domain5.com: domain=domain5.com user=SENDPULSE_smtp_user pass=SENDPULSE_api_password smtp=smtp-pulse.com port=587
domain6.com: domain=domain6.com user=SENDPULSE_smtp_user pass=SENDPULSE_api_password smtp=smtp-pulse.com port=587 

Save and exit.

That’s it! We just need to rebuild the exim configuration to perform a quick syntax check and activate the changes.

/scripts/buildeximconf

At this point I’d recommend heading into cPanel -> Webmail for one of the domains and sending a test email to an outside recipient to check delivery works okay. Also check that you can still send mail from accounts that AREN’T being relayed.

Adapted from a cPanel forum post here

For more WHM related guides please see here

Email

AmazonSES SmartHost – Relay specific domains in WHM / Exim.

So, if you’ve found this guide then you probably already know what AmazonSES and SmartHosts are. In this guide I’ll demonstrate how to specifiy certain domains to be relayed through an AmazonSES SmartHost.

cPanels Blog here explains very well what a SmartHost is. We are going to be following the content of this guide somewhat below with a few extra steps to allow us to specify the domains.

Note: This requires root access to WHM to complete.

Configuring the AmazonSES SmartHost in WHM.

We’ll be jumping right into the WHM/Exim Configuration here, this guide assumes you have already set-up your AmazonSES account, verified your domain and added an “identity” for sending test emails to.

Prepare your AmazonSES SMTP Details. You will need:
SMTP Host (server name): Usually ends amazonaws.com
In this example I will be using “email-smtp.eu-west-2.amazonaws.com” however you MUST use the one specified in your account.
SMTP Username and SMTP Password

AmazonSES SmartHost SMTP Info

Classic Console.

In WHM -> Exim Configuration Manager

Login to WHM, go to Exim Configuration Manager, select the Advanced Tab and find the AUTH section similar to the image below.

Copy in the contents of the box below, but change the USERNAME and PASSWORD to your SMTP Username and Password provided in the Amazon SES Management Console.

## AmazonSES 
ses_login: 
driver = plaintext 
public_name = LOGIN 
client_send = : USERNAME : PASSWORD
## End AmazonSES
AmazonSES SmartHost Auth Section

Here’s my example in a test environment.

Next up we want to add the ROUTERSTART section. Copy in the below but replace YOUR_SERVER_IP with your actual server IP address.

# Added for Amazon SES
smarthost_dkim:
  driver = manualroute
  domains = !"+local_domains +smart_hosts"
  condition = "${if eq{${lookup{$sender_address_domain}partial-lsearch{/etc/staticroutes}{$value}}}{}{false}{true}}"
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : YOUR_SERVER_IP
  headers_add = "${perl{mailtrapheaders}}"
  require_files = "+/var/cpanel/domain_keys/private/${sender_address_domain}"
  transport = remote_smtp_smart_dkim
  route_list = !+local_domains "${lookup{$sender_address_domain}partial-lsearch{/etc/staticroutes}}"

smarthost_regular:
  driver = manualroute
  domains = !"+local_domains +smart_hosts"
  condition = "${if eq{${lookup{$sender_address_domain}partial-lsearch{/etc/staticroutes}{$value}}}{}{false}{true}}"
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : YOUR_SERVER_IP
  headers_add = "${perl{mailtrapheaders}}"
  transport = remote_smtp_smart_regular
  route_list = !+local_domains "${lookup{$sender_address_domain}partial-lsearch{/etc/staticroutes}}"
###

AmazonSES SmartHost ROUTERSTART

Here’s my example in a test environment.

Note: If your server has multiple IP addresses then you want to add each IP address to this line which would then look like this (obviously replacing 1.1.1.1 and 1.1.1.2 here with your public IP addresses)

ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 1.1.1.1 : 1.1.1.2

Next up we have the TRANSPORTSTART Section box to fill with the below, nothing needs changing in the code below so copy it straight in

# Added for Amazon SES
remote_smtp_smart_dkim:
  driver = smtp
  hosts_require_auth = *
  hosts_require_tls = *
  interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
  helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}
  dkim_domain = $sender_address_domain
  dkim_selector = default
  dkim_private_key = "/var/cpanel/domain_keys/private/${dkim_domain}"
  dkim_canon = relaxed

remote_smtp_smart_regular:
  driver = smtp
  hosts_require_tls = *
  hosts_require_auth = *
  interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
  helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}
###

AmazonSES SmartHost TRANSPORTSTART Exim Config

Here’s my example in a test environment.

And that’s it for the WHM side of things so go ahead and save the configuration.

AmazonSES SmartHost File Modifications in SSH / Terminal

We need to edit a few files so go ahead and open up an SSH session or you can use the Terminal inside WHM.

Let’s start with /etc/exim.conf.local

Find the @CONFIG@ line and add the below inside it.

# Added for Amazon SES
hostlist smart_hosts = lsearch;/etc/smarthosts
###

Save and exit.

Here’s my example (note the @AUTH@ part should already be populated with the changes made earlier, we are only added the above hostlist line underneath @CONFIG@)

AmazonSES SmartHost eximconflocal

Next up is the /etc/smarthosts file, this won’t exist already so you need to create the file. This is the file which specifies which domains on your server will be relaying through the AmazonSES SmartHost. Don’t forget that you must create the domain the Amazon SES Management Console and verify the domain using CNAME records first!

Copy the following into the file but replace domain1.com and domain2.com with the actual domains on your server.

Replace Amazon_SES_Server with the SMTP Host shown to you in the Amazon SES Management Console.

# Added for Amazon SES
domain1.com: Amazon_SES_Server
domain2.com: Amazon_SES_Server
###

AmazonSES SmartHost etc-smarthosts

Finally we want to create /etc/staticroutes – this will contain the same contents as your /etc/smarthosts file. The easiest way to do this is just copy the file with:

cp /etc/smarthosts /etc/staticroutes

That’s it! We just need to rebuild the exim configuration to perform a quick syntax check and activate the changes.

/scripts/buildeximconf

To confirm, what we’ve just configured is to have emails sent from the domains specified in /etc/smarthosts and /etc/staticroutes to be relayed through AmazonSES. All other domains not specified will continue to be sent directly from your server.

At this point I’d recommend heading into cPanel -> Webmail for one of the domains and sending a test email to an outside recipient (or the identity you’ve set-up in AmazonSES!) to check delivery works okay.

Additional notes: I have discovered that upon performing these changes when you go back to Exim Configuration Manager you might see the following warning:

AmazonSES SmartHost exim-warning

I set this to contain just “amazonses.com” and the warning disappeared. I then removed it and saved the configuration again and the warning was still gone. *Shrugs*.

Remember to add the following to the SPF record of any domains that will be relaying through the AmazonSES SmartHost.

include:amazonses.com 

For more WHM related guides please see here

Adapted from the guide kindly provided here.