Setup Amazon SES for a Single Domain(s) in Exim (WHM)
So, you’ve got your own cPanel server, domain and you’ve signed up for Amazon SES. I’m not going to go into what Amazon SES is and why you should (or should not) use it, that’s documented quite well around the Internet, but you’ve run into a snag: all of the documentation out there for setting up Amazon SES is for all domains on the server. What if you just want one domain? Perhaps only two domains? How does one set that up?
Well, it’s actually a lot more complicated than the setup for all domains, but with some basic help, you can set this up yourself.
Step 1
The first thing you need to do is setup your Amazon SES account and get the SMTP username and password. Again, this process is well documented, so do that first, then come back here.
Step 2
Now, you need to setup Exim to actually use the Amazon SES service. To do that, open WHM and navigate to the Exim Configuration Manager (hint: use the search box under the WHM logo). Once there, click on the Advanced Editor tab.
Here, we’re going to edit the AUTH
,
ROUTERSTART
and TRANSPORTSTART
sections.
In the AUTH
section, you’re going to need
to add the authentication data that you got in Step 1. So, use the
CTRL-F (Command-F for Mac users) option to find the
AUTH
section. There’s a box there, so you can add the
following into it:
# Added for Amazon SES
ses_login: driver = plaintext
public_name = LOGIN
client_send = : USERNAME: PASSWORD
###
Make sure you replace the above USERNAME
and PASSWORD
entries that you got from your Amazon SES
setup.
Now, move to the ROUTERSTART
section and in
the box there add:
# Added for Amazon SES
smarthost_dkim:
driver = manualroute
domains = !"+local_domains +smart_hosts"
condition = "${if eq{${lookup{$sender_address_domain}partial-lsearch{/etc/staticroutes}{$value}}}{}{false}{true}}"
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : YOUR_SERVER_IP
headers_add = "${perl{mailtrapheaders}}"
require_files = "+/var/cpanel/domain_keys/private/${sender_address_domain}"
transport = remote_smtp_smart_dkim
route_list = !+local_domains "${lookup{$sender_address_domain}partial-lsearch{/etc/staticroutes}}"
smarthost_regular:
driver = manualroute
domains = !"+local_domains +smart_hosts"
condition = "${if eq{${lookup{$sender_address_domain}partial-lsearch{/etc/staticroutes}{$value}}}{}{false}{true}}"
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : YOUR_SERVER_IP
headers_add = "${perl{mailtrapheaders}}"
transport = remote_smtp_smart_regular
route_list = !+local_domains "${lookup{$sender_address_domain}partial-lsearch{/etc/staticroutes}}"
###
Now, before you move on, make sure you change the
YOUR_SERVER_IP
item above to the IP address of
your server. If you have more than one, then you’ll want to add
each IP you use to this line. So, if you have IPs 1.2.3.4 and
5.6.7.8, then your line will look like:
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 1.2.3.4 : 5.6.7.8
Now, move to the TRANSPORTSTART
section and add
this in the text box:
# Added for Amazon SES
remote_smtp_smart_dkim:
driver = smtp
hosts_require_auth = *
hosts_require_tls = *
interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}
dkim_domain = $sender_address_domain
dkim_selector = default
dkim_private_key = "/var/cpanel/domain_keys/private/${dkim_domain}"
dkim_canon = relaxed
remote_smtp_smart_regular:
driver = smtp
hosts_require_tls = *
hosts_require_auth = *
interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}
###
OK, you’re done with your setup inside of WHM.
Step 3
Now it’s time to move to the command line. You can use an SSH session or the terminal inside of WHM. Either way, you need Root access to change the next set of files.
There are 3 files we’ll be editing, they are the
/etc/exim.conf.local
, /etc/smarthosts
and
/etc/staticroutes
files. Starting with the
/etc/exim.conf.local
, add the following under the
@[email protected]
section:
# Added for Amazon SES
hostlist smart_hosts = lsearch;/etc/smarthosts
###
Save and close the file.
Now, for the /etc/smarthosts
file, add:
# Added for Amazon SES
domain_1.tld: Amazon_SES_Server
domain_2.tld: Amazon_SES_Server
###
Here, you’ll need to change the
domain_1.tld
entry to the domain you’ll be having
email sent through Amazon SES. The Amazon_SES_Server
entry should be changed to the appropriate Amazon server given to
you during your setup, such as
email-smtp.us-west-1.amazonaws.com
or something
similar.
You’ll do the same for domain_2.tld
and add any
additional domains that you want to use the Amazon SES domain
on.
Save and close the file.
Now, for the /etc/staticroutes
file,
you’ll configure it the exact same as the
/etc/smarthosts
file. It’s not clear if a
symlink will work and I haven’t tried it, so if you decide to try
and it works for you, let me know in the comments!
Step 4
Now, your files are all setup, the Exim configuration on your cPanel server is all setup. Just one more step. Run:
/scripts/buildeximconf
That’ll rebuild the Exim configuration and put all the changes that you have done into action. It’ll also check for syntax errors, so if you have any, pay attention to the errors and correct as needed.
From here, perform some email sending to validate that
it’s all working and you should be well on your way to having a
setup that uses Amazon SES, but only for the domains listed in the
/etc/smarthosts
and /etc/staticroutes
configuration files.