Just wanna share 1 more workaround which can be used for multiple domains, and will allow to use different SMTP by domain (MailJet, MailGun, SendPulse, SendGrid etc.).
Create file /etc/exim4/exim_smarthosts (root:root, 644), with next content:
exim_smarthosts
# "domain" - domain name used in index of the line
# "user" - user (or ID) used in smarthost's SMTP
# "pass" - password (or API secret, or API key, etc.) used for the SMTP user in smarthost
# "smtp" - SMTP server address of smarthost
# "port" - port used in Smarthost (586,25 or another)
# sending by MailJet
# $domain: domain=$domain user=$MAILJET_smtp_user pass=$MAILJET_api_password smtp=in-v3.mailjet.com port=587
domain1.com: domain=domain1.com user=xxxxxx pass=xxxxxx smtp=in-v3.mailjet.com port=2525
# sending by MailGun
# $domain: domain=$domain user=postmaster@$domain pass=$MailGun_default_password smtp=smtp.eu.mailgun.org port=587
domain1.com: domain=domain1.com [email protected] pass=xxxxxx smtp=smtp.eu.mailgun.org port=587
domain2.com: domain=domain2.com [email protected] pass=xxxxxx smtp=smtp.eu.mailgun.org port=587
# sending by SendPulse
# $domain: domain=$domain user=$SENDPULSE_smtp_user pass=$SENDPULSE_api_password smtp=smtp-pulse.com port=587
# sending by SendGrid
# $domain: domain=$domain user=$SENDGRID_smtp_user pass=$SENDGRID_api_password smtp=smtp.sendgrid.net port=587
Restart Exim: sudo service exim4 restart
Good to know:
domains must be verified on SMTP relay account
domains not existing in /etc/exim4/exim_smarthosts will use local SMTP
in case there are 2 configs for 1 domain in /etc/exim4/exim_smarthosts only upper will be used: In example above emails from domain1.com will be sent by MailJet, and domain2.com by MailGun
Hello falzo.
Thanks for the information, it was very helpfull when setting up my AWS server.
Im reaching to you, to ask you about the configuration for SMTP relay for Forwarding emails.
Internal Forwarding works, but when trying to Forward to an external email (gmail) I have the 550 error (because AWS blocks SMTP) my guess is that Hestia is trying to Forward with regular SMTP and not with the relay (I have my domains validated by SES and working for sending)
Do you have any ideas of the configuration I need to set in order to send Forward emails using SES?
Thanks for taking the time of reading this, please be free to reply any thoughts you have on the subject.
I’d assume that SES picks up the original senders domain and obviously does not relay that, because that is not validated (and nothing you can actually do)
to be honest I never really looked into that so far as it did not concern my use cases. there is something like Sender Rewriting Scheme - Wikipedia - maybe that helps, but I haven’t done this yet in exim.
another option probably would be to check if you can exclude forwards from using SES and have exim send those directly…
Hey falzo. We recently started using Mailjet to relay our emails from Hestia server. Our droplet’s IP address was blacklisted and all our emails were going to spam. The current configuration from pluto makes Mailjet work.
However, we have the same forwarding problem as @koodemx.
I had to change router configuration for alias to make forward mails use the relay. As @lebeef suggested:
redirect_router = send_via_mailjet
As you said, the original sender address pops up on Mailjet, waiting for confirming the mail address.
I did not take a look at any specific solutions but if I use the server’s SMTP, the forwarded mail will go to spam. If I relay it to Mailjet, it won’t accept it.
yeah forwarded mail are a big problem nowadays anyway. the ‘why?’ is answered quickly - a very high percentage of the forwarded mail will be just spam. and while people might think ‘I don’t care because gmail as final destination has a good spamfilter and will take care’ they simply oversee that they become part of the problem. in the eyes of the final receiving provider yourserver/ip is going to be the origin of exact that spam mail and with that your IPs reputation will die and sonn end up on a blacklist.
worst case you combine forwarding with a catch-all because of FOMO. heaven for spammers and you’ll bear the costs.
so, best way is to try and avoid forwarding at all costs.for regular big services you could setup pop-collection instead - which will also have the mails filtered again spam but never influence your IPs reputation.
I understand that this sometimes not feasible or at least hard to explain to clients - still the best option to go with.
the second option would be to split between SES and regular sending just for forwarded mail, but that probably won’t get you far as the problem stays the same and the relation between good and bad mails send from your host probably even gets worse.
last option would be getting into SRS, sender rerwriting scheme as written above. with that for all forwarded mails the header gets rewritten so that the mailfrom domain then is yours and can be validated with SES or mailjet and the likes so the mail can pass there.
however chances here are as well, that some of them bounce because spam will still be spam. those bounces might hurt your reputation within the relay services you use, so you need to heavily monitor that because you might run into trouble there… kind of knockon effect.
Hello @arinc9.
Mailjet forwarding won’t work because Exim is trying to forward the email keeping the FROM header (the FROM email is not going to be part of your valid sender addresses (ie: gmail)).
I encountered this problem when changing the router for aliases and forwarders on Exim.
Since then Ive been looking for a solution, and I am stuck on trying to rewrite the FROM Header address before sending the email.
I found an experimental SRS support for Exim here (Sender Rewriting Scheme (SRS) Experimental) but you need to install an extra library.
Also I found the Exim documentation for Address rewriting but Im confused and I dont have experience on setting the rules on the config files (My best guess is that you need to set a wildcard to ALL FROM Addresses and rewrite them to you new verified email address) but I dont really know how to do this. @falzo Thank you so much for taking the time to reply, I understand your concern about the SPAM, but in my case, I only want the forwarded email to reach my Gsuite email account for internal use, I dont worry about spam since my Hestia emails accounts are not public.
Please be free to reply any thoughts you have on the subject.
as said above, if it’s just a single or few accounts simply have your mail address(es) be regular accounts in hestia with no forwarding and use the option to collect the mails from gsuite itself via pop3 directly (and eventually delete them afterwards). that’s what I do and recommend to my clients and saw the least problems with…
I haven’t looked into SRS yet, but it’s on my todo as well…
I eventually backed down on the idea of using relay services for forwarded mails.
I wouldn’t want forwarded mails to consume the daily email quota from Mailjet which is 200.
Also as @falzo said, forwarded spam mails will get us in trouble with the relay service.
I set up that we forward mail using the Hestia server’s SMTP instead of relaying it to Mailjet.
It will go to spam on the recipient but it will reach the other side, at the very least.
Current configuration from @pluto works this way, so it’s pretty much ready to go.
to add to that: your recipients probably are aware of these forwarded mails coming in, so they should simply check their spam folder regularly and more importantly always mark non-spam mails as such. ideally on the webmail thing or native app - whatever they are using. maybe even add the contacts to their trusted contact list etc. in the long run this might help with the reputation.
.
