I have setup a couple of different accounts in my DA panels, I'll use abc and xyz for the two different domains.

abc.com is the primary domain associated with DA. xyz.com is a reseller account that will do hosting for a different business I have.

The problem is that when someone on xyz.com sends an e-mail, it still goes through hostname.abc.com. If you look at the extended headers of the message when you receive it, you will see recevied from hostname.abc.com.

What I would like is for the reseller and any users under it to have e-mail shown as coming from hostname.xyz.com.

Is this doable?

Oh, for the record, I have the server IP by itself, then I have two IPs for abc.com including ns1/2, and then two for xyz.com including ns1/2. Ideally I'd like never to see the hostname, so mail would just come from abc.com and one of its ips, or xyz.com and one of its ips.

My thought behind setting it up this way is that if no public service is pointing to my main server ip, there will be less temptation to attempt hacking that ip. I'll be putting rules in place so that ssh will only be accepted through the main server ip for example.

Originally posted by RTKS
I have setup a couple of different accounts in my DA panels, I'll use abc and xyz for the two different domains.

abc.com is the primary domain associated with DA. xyz.com is a reseller account that will do hosting for a different business I have.

The problem is that when someone on xyz.com sends an e-mail, it still goes through hostname.abc.com. If you look at the extended headers of the message when you receive it, you will see recevied from hostname.abc.com.

What I would like is for the reseller and any users under it to have e-mail shown as coming from hostname.xyz.com.

A reseller is NOT a domain account, you need to setup xzy as a domain in the resellers account for it to work. As default there are no domains setup when a reseller is created, if my memory serves me correct.

Chris

Originally posted by RTKS
My thought behind setting it up this way is that if no public service is pointing to my main server ip, there will be less temptation to attempt hacking that ip. I'll be putting rules in place so that ssh will only be accepted through the main server ip for example.

No matter what IP you host your sites on, they are just as vulnerable as each other, whether your sites are on a seperate IP to your master server IP or not. I suggest if you are worried about security, you follow the security measures listed in the DA server checklist (link in my sig)as a minimum. Ensure you have either KISS or APF firewall, both have basic DoS Protection and will help as a start :)

Also, based on the subject of this thread you can use 'localhost' as your SMTP server (if it is for a script / site), if you want it for use in outlook or other external mail client use mail.domain.com :)

Chris

Wow, what a quick reply!

I do have non-virtual name servers setup for xyz.com. What else would I need to set/where is it?

Thanks

Originally posted by RTKS
I do have non-virtual name servers setup for xyz.com. What else would I need to set/where is it?

If you have external DNS servers, you will need to add all of the DNS entries at your DNS server, there is a guide on these forums somewhere with setting up external DNS servers im sure :D

Chris

The DNS servers are part of the resller account...ns1 uses the first IP assigned to the domain, NS2, the second.

Some more info...I do have both of the IPS for xyz assigned to it in the IP control panel. I've checked DNS and it all looks proper.

I guess the question is, how can I give a domain it's own SMTP server. It looks as though DA uses the default for the box.

if you mean something like:

main server ip - 111.111.111.111

you can have
ns1 - 111.111.111.111
ns2 - 222.222.222.222

without any problems.

Chris

main server ip is 111.111.111.111

abc uses 111.111.111.112/3 (ns1 and 2, website on 112)

xyz uses 111.111.111.114/5 (ns1 and 2, website on 114)

It appears as if all mail is forced through 111.111.111.111

What I'd like is for mail for xyz and any domains under it to go through 111.111.111.114, mail for abc and any domains under it to go through 111.111.111.112.

This way no one in the outside world even needs to know 111.111.111.111 exists or is related to the others.

ensure your MX records are setup to the IP the website is on.

Chris

I did check the DNS...and there are MX records in the proper spots...but there is no way to tell what IP they point to.

Ping mail.domain.com to check the IP

Chris

I guess I'll have to wait on that because my registrar hasn't registered my DNS servers yet and the server is using an upstreme DNS for it's resolution.

I can tell you the mail. records are pointing to the IPs I want within the DA panel.

Originally posted by ProWebUK
No matter what IP you host your sites on, they are just as vulnerable as each other, whether your sites are on a seperate IP to your master server IP or not.

I'd say that if you have a site which is very likely to be attacked, then put it on its own IP. You can the really scrutinise the logs for that IP, you will find you can setup firewall rules for that IP, and if you end up getting dossed, it will be a lot easier to stop the attacked affecting the others sites performance.
If its not too much trouble to put it on its own IP, do it.

Yes, security is one reason I'm doing this, but another is privacy.

If I create a reseller, I would expect the mail to come from the reseller IP. So instead of looking at the extended headers and seeing the connection coming from mailserver.mainaccount.com, I want it to come from mailserver.reselleraccount.com.

I noticed no response from DA directly...is this something I should open up a ticket for?

FWIW, I have checked the DNS and mail.abc.com points correctly, and mail.xyz points correctly. The problem seems to lie with how mail is actually sent from the server itself. Perhaps it is impossible for sendmail to determine which ip/hostname to use when sending?

One other thing which its probably not down to but worth checking is the reverse dns of the ips.

Originally posted by JoeInShed
if you end up getting dossed, it will be a lot easier to stop the attacked affecting the others sites performance.
If its not too much trouble to put it on its own IP, do it.

Getting DoS'ed will cause problems througout your server no matter what IP address the site is on. They will affect the performance of your server as a whole, not just 1 site, not just apache.

As i mentioned though, get a firewall such as APF or KISS which both have simpe DoS protection or at least get similar protection in IPTables.

The best advice to keep your server as safe as possible from attacks would be to keep software up-to-date and take security precautions that are available to you.

"'Make no mistake, the odds are not in your favor--you have
to patch every hole, but an attacker need find only one.'" - rxfn

Originally posted by RTKS
main server ip is 111.111.111.111

abc uses 111.111.111.112/3 (ns1 and 2, website on 112)

xyz uses 111.111.111.114/5 (ns1 and 2, website on 114)

It appears as if all mail is forced through 111.111.111.111


Just reading through this whole thread and realised something simple was missing.

are ABC and XYZ IP based sites? if not, make the following as IP based sites

abc - 111.111.111.112

xyz - 111.111.111.114

And as Joe mentioned you will need PTR records on all IP addresses being used for mail.

Chris

Originally posted by ProWebUK
Getting DoS'ed will cause problems througout your server no matter what IP address the site is on. They will affect the performance of your server as a whole, not just 1 site, not just apache.

As i mentioned though, get a firewall such as APF or KISS which both have simpe DoS protection or at least get similar protection in IPTables.

The best advice to keep your server as safe as possible from attacks would be to keep software up-to-date and take security precautions that are available to you.

"'Make no mistake, the odds are not in your favor--you have
to patch every hole, but an attacker need find only one.'" - rxfn

If some people dont like a site you host, and they ddos the site, and the site is on its own IP, then you just go to your upstream and get the ip blocked before it even enters the network. sure the site is down, but the rest of the sites on the server will be fine.

The sites are not IP based...they are shared. I do have the possibility to make them IP based if that is needed, but I was hoping to use my couple "free" addresses for a couple larger sites.

To do the PTR records, just enter them in the DNS panel?

Just to be clear though, it seems that any website sending e-mail goes through that one server IP address, it doesn't seem to even TRY sending out of the others. Is that perhaps because the others are shared?

Originally posted by RTKS
To do the PTR records, just enter them in the DNS panel?


You probably need to request it be done through your ISP.

Chris

OK, that I can do. Just give them the two addresses and the site name for each pair?

Would that change how e-mail is being sent though? If the PTR records weren't there, I would think e-mail would still be sent through the IPs I want, but would be returned as the receiving server couldn't verify "who" the sending server is.

Just ask them to add a PTR record for ip X.X.X.X facing something.mail.com

when you traceroute the IP address the last line (with that ip address) should no longer give an error, and now show the domain you asked it to resolve to.

Chris

Cool...but back to the original question...

Is there a way I can setup a mailserver for the xyz domain and force users of that domain to use that server? Right now all mail goes through the server ip address. I'd like mail for xyz to go through xyz, not the server ip. How can I make that happen?

The easiest way would probably be to setup the domain as an IP based site, using the IP you want to use as the mail server.

Chris

Ahh, ok...so now the next question, can I run multiple instances of sendmail? I'd like to have a mail server for xyz.com and one for abc.com.

You wouldn't need to run multiple instances of sendmail.

Chris

I guess I need to do a manual config of sendmail/exim then? Or is DA supposed to be setting things up how I described automatically and it isn't so I should open a ticket?

You can use multiple IPs for your mailserver and only run 1 instance of exim. All IP addresses are basically aliases and aslong as the records are setup correctly you will be fine :)

Chris