SMTP server name

RTKS

Verified User
Joined
Nov 25, 2003
Messages
48
I have setup a couple of different accounts in my DA panels, I'll use abc and xyz for the two different domains.

abc.com is the primary domain associated with DA. xyz.com is a reseller account that will do hosting for a different business I have.

The problem is that when someone on xyz.com sends an e-mail, it still goes through hostname.abc.com. If you look at the extended headers of the message when you receive it, you will see recevied from hostname.abc.com.

What I would like is for the reseller and any users under it to have e-mail shown as coming from hostname.xyz.com.

Is this doable?

Oh, for the record, I have the server IP by itself, then I have two IPs for abc.com including ns1/2, and then two for xyz.com including ns1/2. Ideally I'd like never to see the hostname, so mail would just come from abc.com and one of its ips, or xyz.com and one of its ips.

My thought behind setting it up this way is that if no public service is pointing to my main server ip, there will be less temptation to attempt hacking that ip. I'll be putting rules in place so that ssh will only be accepted through the main server ip for example.
 
RTKS said:
I have setup a couple of different accounts in my DA panels, I'll use abc and xyz for the two different domains.

abc.com is the primary domain associated with DA. xyz.com is a reseller account that will do hosting for a different business I have.

The problem is that when someone on xyz.com sends an e-mail, it still goes through hostname.abc.com. If you look at the extended headers of the message when you receive it, you will see recevied from hostname.abc.com.

What I would like is for the reseller and any users under it to have e-mail shown as coming from hostname.xyz.com.

A reseller is NOT a domain account, you need to setup xzy as a domain in the resellers account for it to work. As default there are no domains setup when a reseller is created, if my memory serves me correct.

Chris
 
RTKS said:
My thought behind setting it up this way is that if no public service is pointing to my main server ip, there will be less temptation to attempt hacking that ip. I'll be putting rules in place so that ssh will only be accepted through the main server ip for example.

No matter what IP you host your sites on, they are just as vulnerable as each other, whether your sites are on a seperate IP to your master server IP or not. I suggest if you are worried about security, you follow the security measures listed in the DA server checklist (link in my sig)as a minimum. Ensure you have either KISS or APF firewall, both have basic DoS Protection and will help as a start :)

Also, based on the subject of this thread you can use 'localhost' as your SMTP server (if it is for a script / site), if you want it for use in outlook or other external mail client use mail.domain.com :)

Chris
 
Wow, what a quick reply!

I do have non-virtual name servers setup for xyz.com. What else would I need to set/where is it?

Thanks
 
RTKS said:
I do have non-virtual name servers setup for xyz.com. What else would I need to set/where is it?

If you have external DNS servers, you will need to add all of the DNS entries at your DNS server, there is a guide on these forums somewhere with setting up external DNS servers im sure :D

Chris
 
Last edited:
The DNS servers are part of the resller account...ns1 uses the first IP assigned to the domain, NS2, the second.
 
Some more info...I do have both of the IPS for xyz assigned to it in the IP control panel. I've checked DNS and it all looks proper.

I guess the question is, how can I give a domain it's own SMTP server. It looks as though DA uses the default for the box.
 
if you mean something like:

main server ip - 111.111.111.111

you can have
ns1 - 111.111.111.111
ns2 - 222.222.222.222

without any problems.

Chris
 
main server ip is 111.111.111.111

abc uses 111.111.111.112/3 (ns1 and 2, website on 112)

xyz uses 111.111.111.114/5 (ns1 and 2, website on 114)

It appears as if all mail is forced through 111.111.111.111

What I'd like is for mail for xyz and any domains under it to go through 111.111.111.114, mail for abc and any domains under it to go through 111.111.111.112.

This way no one in the outside world even needs to know 111.111.111.111 exists or is related to the others.
 
ensure your MX records are setup to the IP the website is on.

Chris
 
I did check the DNS...and there are MX records in the proper spots...but there is no way to tell what IP they point to.
 
I guess I'll have to wait on that because my registrar hasn't registered my DNS servers yet and the server is using an upstreme DNS for it's resolution.

I can tell you the mail. records are pointing to the IPs I want within the DA panel.
 
Re: Re: SMTP server name

ProWebUK said:
No matter what IP you host your sites on, they are just as vulnerable as each other, whether your sites are on a seperate IP to your master server IP or not.

I'd say that if you have a site which is very likely to be attacked, then put it on its own IP. You can the really scrutinise the logs for that IP, you will find you can setup firewall rules for that IP, and if you end up getting dossed, it will be a lot easier to stop the attacked affecting the others sites performance.
If its not too much trouble to put it on its own IP, do it.
 
Yes, security is one reason I'm doing this, but another is privacy.

If I create a reseller, I would expect the mail to come from the reseller IP. So instead of looking at the extended headers and seeing the connection coming from mailserver.mainaccount.com, I want it to come from mailserver.reselleraccount.com.

I noticed no response from DA directly...is this something I should open up a ticket for?

FWIW, I have checked the DNS and mail.abc.com points correctly, and mail.xyz points correctly. The problem seems to lie with how mail is actually sent from the server itself. Perhaps it is impossible for sendmail to determine which ip/hostname to use when sending?
 
One other thing which its probably not down to but worth checking is the reverse dns of the ips.
 
Re: Re: Re: SMTP server name

JoeInShed said:
if you end up getting dossed, it will be a lot easier to stop the attacked affecting the others sites performance.
If its not too much trouble to put it on its own IP, do it.

Getting DoS'ed will cause problems througout your server no matter what IP address the site is on. They will affect the performance of your server as a whole, not just 1 site, not just apache.

As i mentioned though, get a firewall such as APF or KISS which both have simpe DoS protection or at least get similar protection in IPTables.

The best advice to keep your server as safe as possible from attacks would be to keep software up-to-date and take security precautions that are available to you.

"'Make no mistake, the odds are not in your favor--you have
to patch every hole, but an attacker need find only one.'" - rxfn
 
RTKS said:
main server ip is 111.111.111.111

abc uses 111.111.111.112/3 (ns1 and 2, website on 112)

xyz uses 111.111.111.114/5 (ns1 and 2, website on 114)

It appears as if all mail is forced through 111.111.111.111

Just reading through this whole thread and realised something simple was missing.

are ABC and XYZ IP based sites? if not, make the following as IP based sites

abc - 111.111.111.112

xyz - 111.111.111.114

And as Joe mentioned you will need PTR records on all IP addresses being used for mail.

Chris
 
Re: Re: Re: Re: SMTP server name

ProWebUK said:
Getting DoS'ed will cause problems througout your server no matter what IP address the site is on. They will affect the performance of your server as a whole, not just 1 site, not just apache.

As i mentioned though, get a firewall such as APF or KISS which both have simpe DoS protection or at least get similar protection in IPTables.

The best advice to keep your server as safe as possible from attacks would be to keep software up-to-date and take security precautions that are available to you.

"'Make no mistake, the odds are not in your favor--you have
to patch every hole, but an attacker need find only one.'" - rxfn

If some people dont like a site you host, and they ddos the site, and the site is on its own IP, then you just go to your upstream and get the ip blocked before it even enters the network. sure the site is down, but the rest of the sites on the server will be fine.
 
The sites are not IP based...they are shared. I do have the possibility to make them IP based if that is needed, but I was hoping to use my couple "free" addresses for a couple larger sites.

To do the PTR records, just enter them in the DNS panel?

Just to be clear though, it seems that any website sending e-mail goes through that one server IP address, it doesn't seem to even TRY sending out of the others. Is that perhaps because the others are shared?
 
Back
Top