Setting server IP as sender IP for EXIM

[Sakamoto Ryōma]

Is it possible to set the sender IP to the same as the server IP?

I mean the sender IP as my local computer's / phone's IP provided by the ISP.

This is possible if I use webmail. But is there a setting for this for all emails sent from the SMTP server?

Why? The ISP gives dynamic IPs and sometimes those IPs are blacklisted on email blacklist providers. I know this may risk all accounts on the server, but I would give a dedicated IP for a client who sends a high number of emails in that case. I can also reduce the daily sending limit to prevent clients from sending batch emails by default.

Attachment: A thread on Apple's support pages where clients are complaining about emails for the same issue.

 

[Richard G]

This is possible if I use webmail. But is there a setting for this for all emails sent from the SMTP server?

That is already the case by default. All clients using authenticated smtp via your server will have the server IP as sender IP and their ISP ip as originating ip.
This makes it no problem with the spamlists for dynamic ip addresses as the server's IP is used as sender IP by default. So you don't need to worry about that.

The issue you are talking about can only be caused if a Directadmin is used from a home location, so where the server IP also will be an IP provided by a home ISP and not a static IP from a datacenter.

In your case, you have a static IP from the datacenter which the Exim mailserver is using. So the ip's your clients are using are totally not important.

As for the attachment, you probably attached the wrong attachment, because this one is showing spam send to you, and nothing about clients with email complaints.

 

[Sakamoto Ryōma]

Attached is the emailable website's delivery report. The email is put in the spam folder because the sender IP, (not MTA IP), is on the blacklist.

The server IP is not on the blacklist, and all DKIM, DMARC, and SPF settings are correctly done.

I figured out this problem after using this email deliverability report.

The IP on the attachment is not the server IP, it is the user's IP given by ISP and it caused the email to be put in spam because the IP was blacklisted.

The email address in the attachment is given by the emailable website to test if the email is in spam or inbox.

 

[Sakamoto Ryōma]

Mail goes into spam on AOL too for the same reason.

 

[Richard G]

I don't know what is going on, but those screenshots don't tell me much.
Go to https://www.mail-tester.com and follow the procedure and see what score you get, should at least be 9/10 but normally 10/10.

 

[Sakamoto Ryōma]

The default settings pass the mail tester's test.
But you can not tell your clients that it's not your problem if they say their emails are going to the spam folder of major email providers, AOL, Gmail, Microsoft, Yandex, iCloud etc.
So I'm using different domains which are getting 10/10 from the mail tester but still, some emails go to spam. The only thing I see is that, if the IP address given by the ISP is on the blacklist, those providers put your email to the spam folder although the mail server is not on the blacklist. I can not tell them to change their politics, so I thought if I could send all emails as if they are sent like webmail which uses only the server IP, not the client's computer IP, then it would be more spam-proof.
So I'm asking if is there any setting on DirectAdmin for this or in Exim manual configuration.

 

[Sakamoto Ryōma]

Moreover, I also read if the MTA has a high reputation in terms of email sending, even if the sender's IP is blacklisted, the email most likely not goes to spam. Maybe our hostname is new and does not have much reputation, so the blacklisted client IP is causing emails to go to the spam folder.

 

[Richard G]

But you can not tell your clients that it's not your problem if they say their emails are going to the spam folder of major email providers, AOL, Gmail, Microsoft, Yandex, iCloud etc.

No I wrote it wrong, I should have said it's not the cause of your problem.

This is your problem:

but still, some emails go to spam. The only thing I see is that, if the IP address given by the ISP is on the blacklist,

It's some, not all. So to me this looks like a user problem, not a server problem. Their IPS ip's are used which is normally never the case.
I'm have a feeling they are using the smtp server of there home provider instead of authenticated smtp from your server, that could cause this issue.

Let them send you a screenshot of their outgoig mail settings in their e-mail client and doublecheck that.

So I'm asking if is there any setting on DirectAdmin for this or in Exim manual configuration.

If I'm not mistaken there is a way to hide source ip's, but I don't know how.

 

[Sakamoto Ryōma]

If I'm not mistaken there is a way to hide source ip's, but I don't know how.

I found the solution on Stackoverflow, here is the link: https://serverfault.com/questions/1035035/remove-ip-and-username-from-exim-mail-headers

I will test more in-depth this week whether this will solve all spam issues with major free email providers' spam filters or not.

I'm have a feeling they are using the smtp server of there home provider instead of authenticated smtp from your server, that could cause this issue.

I think this is also the right catch. What should I suggest to clients as they may have too many different mail apps on different Operating Systems?

 

[Richard G]

I found the solution on Stackoverflow,

I've already found that one but didn't mention it. As you can read a bit lower, that is for Debian/Ubuntu only.
For others it is: headers_remove = received and that code I already had in a thread of my own, but as far as I understood it, this will remove the server's ip address. So I doubt if it will remove the user address too.

Be aware that if no sending server ip is present, you are more likely to get into spamboxes. So it's indeed a good idea to do some decent testing on this.

What should I suggest to clients as they may have too many different mail apps on different Operating Systems?

If this is correct, you shouldn't need to adjust your mailserver with customisations. In that case just advise your clients to use the correct smtp server. By default this is mail.domain.com where domain.com is there domain name on your server.

It totally doesn't matter which mail app, client or which Operating System they are using as this is not depending on the client side but on the server side (so how the domain's mail system is configured on the server).
So they can use that setting everywhere. Nowadays by default Directadmin also put's smtp in DNS by default, so if their app would not accept a mail.domain.com setting they can also use smtp.domain.com for their outgoing mail setting.
This way your server is always used, independent from app, OS or their location.

 

[Sakamoto Ryōma]

Hello again,

I find the solution to this problem.

Hiding the headers may not be a good behaviour in the eyes of spam detection mechanisms.

So what we will do it, just remove the Received from headers and add our own headers.

headers_remove = Received
headers_add = "Received: from [1.1.1.1] (helo=[192.168.1.1]) by $primary_hostname with esmtpsa"

Where 1.1.1.1 is another clean IP I ordered from the data centre and assigned to my DirectAdmin server. 192.168.1.1 is just a random local IP address, the rest is similar to what Directadmin exim conf sets while sending email. I used local IP as the default text was including it.

I'm not an expert in spam mail rules, but if you prefer you may set it to like this too:

headers_add = "Received: from [1.1.1.1] by $primary_hostname (Exim $version_number)"

Or you may remove the Exim version

headers_add = "Received: from [1.1.1.1] by $primary_hostname"

Those lines need to be added to /etc/exim.conf after those lines:

#COMMENT#61:
remote_smtp:
driver = smtp

Please note that this will be replaced with a default configuration when you update the Exim server.

 

[Sakamoto Ryōma]

I thought giving the same local IP all the time may hang in the spam filter, so giving a random local IP can be better. So, instead of

headers_add = "Received: from [1.1.1.1] (helo=[192.168.1.1]) by $primary_hostname with esmtpsa"

You may use ${randint:<n>} for random number for the last field

headers_add = "Received: from [1.1.1.1] (helo=[192.168.1.${randint:10000}]) by $primary_hostname with esmtpsa"