PHP sending IP

wattie

wattie

Verified User
Joined
May 31, 2008
Messages
1,206
Location
Bulgaria
Hello,

I have few IPs on the server. One user is set on dedicated IP address. When he send mail normally, exim sends from his dedicated IP. When he send from the website (using php mail()) it sends from the main server IP.

I am using spamblocker 4.5.3. The interface in it is as default:

Code: 
  interface = <; ${if exists{/etc/virtual/domainips}{${lookup{$sender_address_do
main}lsearch*{/etc/virtual/domainips}}}}

also default. My /etc/virtual/domainips has the domain and the IP set correctly.

When sending normally using e-mail, there is "X-Authenticated-Id: <e-mail address>" and exim is taking the domain from it ($sender_address_domain). When sending from PHP it is just the username: "X-Authenticated-Id: <username>" and there is no domain. Therefore exim falls back to the default IP.

How can I make the user to send from his dedicated IP with php?
 
Last edited:
In exim.conf right after the line:
Code: 
untrusted_set_sender = *

I add this new line:
Code: 
no_local_from_check

Then I get this error in mail queue:
Code: 
Error with queue dump: 2017-02-22 17:46:51 Exim configuration error in line 92 of /etc/exim.conf: "local_from_check" option set for the second time

I am using the newest exim.conf version. So it seems the guide at https://help.directadmin.com/item.php?id=257 is not working and should be updated.
 
Probably, yes, the guide is no more actual for 4.x exim.conf, as the config file has:

Code: 
untrusted_set_sender = *
[FONT=&quot]
[/FONT]
I have a server with suPHP and exim.conf 4.x and the issue exists there. I don't have right now a server with multiple IPs without suPHP. Anyway if the user wattie uses suPHP then the link has a solution for this.
 
With the "untrusted_set_sender = *" php mail still send from username, only difference is that it is customer own domain after @

Do you know if it is possible in newest exim.conf (I am using mod_ruid2) to make it so that the user is able to set the sender as they desire, so that it does not have to bee [email protected] as sender?
 
I've just sent an email with suPHP (mod_php should allow the same, shouldn't it?):

Code: 
To: zeiter@*******.***
Subject: PHP Mail Test script
X-PHP-Originating-Script: 507:mail.php
From:[email protected]
Message-Id: <[email protected]>
Date: Thu, 23 Feb 2017 00:42:38 +0700
X-Authenticated-Id: userbob

So it's possible, if you mean this... of course headers show real email in Return-path and in envelope-from.
 
Thanks. But yes, I was talking about changing Return-path and envelope-from. I don't think it is possible.
 
My problem is with the "X-Authenticated-Id: userbob" (from your example). It does not have the domain so exim is sending from the default server IP.

P.S. I already have local_from_check = false
 
X-type headers should NOT effect anything... why do you think it's the root cause of the issue? Is it your supposition or you have proves that makes you to think so?

Anyway try and update exim.conf:
Code: 
remote_smtp:  driver = smtp
[B]#  headers_add = "${if def:authenticated_id{X-Authenticated-Id: ${authenticated_id}}}"[/B]
  interface = <; ${if exists{/etc/virtual/domainips}{${lookup{$sender_address_domain}lsearch*{/etc/virtual/domainips}}}}
  helo_data = ${if exists{/etc/virtual/helo_data}{${lookup{$sending_ip_address}iplsearch{/etc/virtual/helo_data}{$value}{$primary_hostname}}}{$primary_hostname}}
.include_if_exists /etc/exim.dkim.conf

p.s. In my tests the header X-Authenticated-Id does not effect the sending IP.
 
Let me chime in a bit...
Currently, when an email is sent through php mail() $sender_address_domain is empty or contains user@server-host which prevents the interface script to adequately identify which domain the mail is coming from. Most likely it is empty as otherwise the $authenticated_id variable would contain the whole user@server-host, but it only contains user.

So the question is: How to rewrite the interface line so if $sender_address_domain is empty, it searches for $authenticated_id in the same or in another file to get the correct IP.

untrusted_set_sender = * is not a very good solution as it will give spammers/hackers some more access if/when an user account gets compromised
 
Hehe, ok you got me - it's just a logical reasoning, not a proof:

1. Without the /etc/virtual/domainips in which there is a list with domain:ip, everybody is sending from the default IP

2. When the file is there, the user is sending (not with php) with "X-Authenticated-Id: [email protected]" and (not necessarily related directly to that) obviously exim is lookin in the file, fetching the correct IP and sending from it

3. When PHP sends, it uses "X-Authenticated-Id: user" (without domain) and it uses the default IP - assuming that exim did not get the domain correctly.

So on your question - yeah, I am assuming and I am not sure. That was the only thing that was too different in the headers when I compared two different headers - that's why I wrote it as a POSSIBLE reason for the issue.



Anyway, back to the main question, I actually care to find out how to make PHP to send from different IP for specific user.
 
Seems like my previous post is missing...
Anyways....
Although this seems like a way to solve it.. it's a per user and user editable/viewable solution which fixes the sending user|at|domain to a particular one.

Is it possible to rewrite the interface script in exim.conf so it checks the user against /etc/virtual/domainips or another similar file?
For example:
if $sender_address_domain is empty, search for $authenticated_id (which is == user when using php mail()) in /etc/virtual/userips
 
Thanks zEitEr - the suPHP argument makes sense. I thought it could be more flexible than cgi as there is a mod_suphp module in apache... but it is probably not.
 
You must log in or register to reply here.
Back
Top