New IP for sending emails from a specific domain

molero.renan · January 5, 2025, 8:01pm

Hello, good afternoon!

I’d like to clarify a question. Currently, I have a client who uses Microsoft emails. However, due to high costs, they decided to migrate the emails to my management. Since it’s a large volume of emails, I’d like to configure the sending process through a different IP that I plan to add.

My question is: how can I do this without changing the primary IP of the domain? Is there a way to configure the DNS to specify that emails should be sent from a particular IP?

I know this might seem like a basic question, but I’m genuinely unsure about this.

I appreciate everyone’s attention and help in advance!

sahsanu · January 5, 2025, 10:15pm

Hiu @molero.renan

But are you planning to host also the web domain or only the mail domain?

I’ve never used this because I’ve only 1 ip on my servers so don’t trust me, just test it

Hestia uses the same IP assigned to the web domain to send mails for that domain. To do that, Hestia adds the outgoing ip to this file:

/etc/exim4/domains/DOMAIN/ip

That is a symlink to:

/home/USER/conf/mail/DOMAIN/ip

But, as far as I know, you can add the new ip address to Hestia as a non shared ip and assign it to the new user which will hold the mail domain and then Exim4 will use that ip as outgoing ip for that domain.

No, you configure the DNS to add the MX record, which specifies where other mail servers should send emails for your domain. However, you cannot define the outgoing IP address to be used by your mail server through DNS."

molero.renan · January 6, 2025, 3:07am

I currently host this client’s website, but now they want to transfer their email services to me.

Since it’s a public institution, changing the primary IP of the domain is quite complicated, especially considering the bureaucratic processes involved with the Brazilian government. Currently, the primary domain is configured with a shared IP because it wasn’t being used for sending emails before.

Now that they want to migrate their emails (with around 800 accounts), the best solution I’ve found is to allocate a dedicated IP exclusively for sending emails from this domain. The challenge is to avoid having to change the domain’s primary IP.

So, my question is: would it be possible to configure email sending for this specific domain to use the new IP without modifying the primary IP?

Thank you in advance for your help!

sahsanu · January 6, 2025, 9:28am

Yes, as I mentioned, Hestia configures Exim4 to use this /home/USER/conf/mail/DOMAIN/ip to determine the outgoing IP for a domain. Since Hestia automatically updates this file based on the web domain’s IP, any manual changes you make to the file will be overwritten whenever the mail domain is rebuilt.

You could try making the file immutable using chattr +i /home/USER/conf/mail/DOMAIN/ip, but this would cause rebuilds of the mail domain to fail, making it an invalid solution. Without modifying Hestia’s code, a better approach would be to create a new outgoing ip file, such as mainip, and configure Exim to prioritize it. If the mainip file exists, Exim will use it instead of the ip file for the outgoing IP configuration.

To implement this, modify the Exim configuration file /etc/exim4/exim4.conf.template as follows:

Replace this line:

OUTGOING_IP = /etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains}}/ip

With this:

OUTGOING_IP = /etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains}}/${if exists{/etc/exim4/domains/${lookup{$sender_address_domain}dsearch{/etc/exim4/domains}}/mainip}{mainip}{ip}}

Then restart Exim with the following command:

systemctl restart exim4

With this setup, you can create a file /home/USER/conf/mail/DOMAIN/mainip containing the desired IP for the domain. Exim will use this file for the outgoing IP. This approach ensures that you don’t need to modify the primary IP for the web domain, and it avoids issues during mail domain rebuilds.

Note: the mainip file must have the right owner/group/perms.

Example using ip 203.0.113.1

echo '203.0.113.1' > /home/USER/conf/mail/DOMAIN/mainip
chown Debian-exim:mail /home/USER/conf/mail/DOMAIN/mainip
chmod 660 /home/USER/conf/mail/DOMAIN/mainip

Maybe there is a more elegant solution but this should work.

Disclaimer: You should run tests before implementing this solution in production

molero.renan · January 6, 2025, 2:19pm

Thank you so much! Your idea worked perfectly; I tested it here, and everything ran smoothly. However, I’ve decided to change the main IP anyway. This is because I’ve been strictly following Hestia’s guidelines (haha), and I’d prefer not to deviate from the standards to avoid having to deal with specific exceptions for certain clients later on.

So, I’ll let the client know that if they have a high volume of emails, we’ll need to set up a dedicated IP for them and adjust the main IP accordingly. This way, I can keep everything organized and consistent for future situations.

Once again, thank you for your help!

system · February 5, 2025, 2:20pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.