Exim IP based authentication (DirectAdmin)

  1. Ensure the IP address is added as an authorized smarthost (without authentication)
  2. Ensure the outgoing user has correct limits set matching your traffic volumes
  3. Add the following in the routers section (after begin routers) directly in the /etc/exim.conf file:
  4. spamexperts_smarthost_router:
    driver = manualroute
    domains = ! +local_domains
    ignore_target_hosts =
    condition = "${perl{check_limits}}"
    # Exclude null sender messages from relaying via the smarthost
    condition = ${if or {{!eq{$sender_address}{}} {!eq{$sender_host_address}{}}}}
    headers_add = ${if !eq{$original_domain}{$domain}{X-Forwarded-For: $original_local_part@$original_domain}}
    headers_add = X-AuthUser: $authenticated_id
    transport = spamexperts_smarthost_transport
    route_list = $domain SMARTHOST::587

  5. You MAY have to comment "lookuphost:" router depending on your configuration.
  6. Add the following in the transports section (after begin transports):
  7. spamexperts_smarthost_transport:
    driver = smtp
    # In-case your server continues to send outgoing over port 25 please add the below line
    port = 587
    hosts_require_tls = SMARTHOST

  8. Finally restart Exim.
  9. If you are signing with DKIM on your Direct Admin server you may need to add the following line under hosts_require_tls
  10. .include_if_exists /etc/exim.dkim.conf