Find the desired product help

Configure Exim / cPanel to use a Smarthost


Routing all mails to a smarthost :


Go to the "Exim Configuration Editor" in WHM. Choose "Advanced Editor". Add in the routers section (after begin routers, and after the democheck: router block):

 
smarthost_dkim:
  driver = manualroute
  domains = !+local_domains
  require_files = "+/var/cpanel/domain_keys/private/${sender_address_domain}"
  transport = remote_smtp_smart_dkim
  route_list = $domain mxpool1.spamgateway.comodo.com::587 (for EU based CSEG server) 
or

$domain mxpool1.us. spamgateway.comodo.com::587 (for US based CSEG server)smarthost_regular: driver = manualroute domains = !+local_domains transport = remote_smtp_smart_regular route_list = $domain mxpool1.spamgateway.comodo.com::587(for EU based CSEG server)
or
$domain mxpool1.us. spamgateway.comodo.com::587(for US based CSEG server)


Then add in the transports section (after begin transports):

remote_smtp_smart_dkim:
  driver = smtp
  hosts_require_tls = *
  interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain} 
lsearch*{/etc/mailips}{$value}{}}}{}}
 helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}
lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}} dkim_domain = $sender_address_domain dkim_selector = default dkim_private_key = "/var/cpanel/domain_keys/private/${dkim_domain}" dkim_canon = relaxed remote_smtp_smart_regular: driver = smtp hosts_require_tls = * interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}
lsearch*{/etc/mailips}{$value}{}}}{}} helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}
lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}


Save the configuration. All the outgoing mail will be relayed trough the filter server and accept original and DKIM signed emails.


Routing all mails to a smarthost with SMTP Authentication:

  • Go to the "Exim Configuration Editor" in WHM
  • Choose "Advanced Editor". do not include "begin authenticators"
  • Otherwise, simply append our 4 lines and leave out our "begin authenticators"


  begin authenticators

  spamgateway_login:
  driver = plaintext
  public_name = LOGIN
  client_send = : username@example.com : yourUserPassword


Add a Router in the Router Configuration Box.


  send_via_spamgateway:
  driver = manualroute
  domains = ! +local_domains
  transport = spamgateway_smtp
  route_list = "* mxpool1.spamgateway.comodo.com::587 byname" (for EU based CSEG server)
or
  "* mxpool1.us.spamgateway.comodo.com::587 byname" (for US based server) host_find_failed = defer no_more


Add a Transport to the Transport Configuration Box.

 

(for EU based DAS server)
 spamgateway_smtp:
  driver = smtp
  hosts = mxpool1.spamgateway.comodo.com  hosts_require_auth = mxpool1.spamgateway.comodo.com
  hosts_require_tls = mxpool1.spamgateway.comodo.com

(for US based server)
spamgateway_smtp:
driver = smtp
hosts = mxpool1.us.spamgateway.comodo.com
hosts_require_auth = mxpool1.us.spamgateway.comodo.com
hosts_require_tls = mxpool1.us.spamgateway.comodo.com


Restart Exim.


Extra: Routing all mails for a specific domain to a smarthost with individual outgoing accounts:


To be able to set custom settings/limits for outgoing users, use the information above (Routing with SMTP Authentication) with a small change. Use this:

client_send = :  ${extract{user}{${lookup{$sender_address_domain}lsearch{/etc/exim_spamgateway}}}}  : 
                 ${extract{pass}{${lookup{$sender_address_domain}lsearch{/etc/exim_spamgateway}}}}


instead of the client_send in the previous example.


To create a file called /etc/exim_spamgateway with the following structure, use this :


domain1.com:    user=user@domain1.com     pass=abc
domain2.com:    user=user@domain2.com     pass=xyz


Extra: Limiting Outgoing for certain domains


This option can be combined with the individual accounts configuration to restrict outgoing only to specific domains. You can add the following entry (underneath domains) in the router :


senders = ^.*@domain1.com : ^.*@domain2.com