Proper way to separate mail ip from everything else

[csharpedges]

I'm trying to use cloudflare and I noticed they say that mail could expose real ip and saw recommendation to separate mail even if just by using different ip.

I have two ips. in ip management the second ip appears as free. but going to that ip resolved to blank page with apache functioning properly. my understanding is that I need to add that ip to directadmin.conf domainips_default_ip and set add_domain_to_domainips = 1 . this will set the outgoing mail server. is that enough for this? and what's the proper way to block accessing anything else on the second ip?
also what about incoming mails? I understand that cloudflare doesn't proxy mail. so would associating mail subdomain and pop to that second ip work? any other tool or setting I should use in directadmin?

thanks for any help.

 

[Zhenyapan]

if you are using cloudflare to prevent ddos, hide real server etc. - there is no sense to keep mail on same server but on different IP.
someone will try to ddos this mail IP and will that website down too and will ddos more. So best idea is to use 2 different VPS, better in different locations/datacentres.
----
if you use cloudflare just as CDN etc.. and website not interesting for hackers - you can create separate account for mail with different IP, or add second additional IP for account (one user account can have few IPs) and configure your MX in the same account with website but on different IP.

 

[Ohm J]

if you out of idea, External Mail Provider is good choice, Like Sendgrid ..etc..