cPanel tips, WHM tips, Linux tips: 2015

Tuesday, November 24, 2015

How to remove CryptoPHP malware – Scan Now

What is CryptoPHP?
CryptoPHP is a threat that uses backdoored Joomla, WordPress and Drupal themes and plug-ins to compromise webservers on a large scale. By publishing pirated themes and plug-ins free for anyone to use instead of having to pay for them, the CryptoPHP actor is social engineering site administrators into installing the included backdoor on their server.

This malware can be controled via a remote server or email. This is a well written piece of code, it can have ,

Auto integrate into most of the CMS like joomla, wordpress , drupal ,etc,.
It is encrypted key based communication between the affected server and control server
Backup and failover mechanisam incase of shut down
Remote manual management , auto update ,etc,.
Thousands of servers and websites affected by this malware. Our clients servers with proactive management are already scanned and protected from this threat . It looks like the inspection limit is increasing.

If you have some shell experience , please use the following methods for identifying the malware
1) Quick check for social*.png files ,

find /home/ -type f -iname "social*.png" -exec grep -E -o 'php.{0,80}' {} \; -print

if you see any files from the above result , then you must delete those files immediately,

2) Check all png file ,

find /home -type f -iname '*.png' -print0 | xargs -0 file | grep "PHP script" > /root/cryptoinfected.txt

Now check all the files listed in /root/cryptoinfected.txt and remove it
3) Check all other files,

You must need to check all other files too , because it is not only infected by png fines and jpeg files,

4) Use clamav or maldetect

You may please update your clamav database and maldetect database . After that run a scan , this will detect the mallware

freshclam
maldetect -U

EDIT : Further investigation found that this malware seems to be attached via email attachments too, so you may need to scan the server email accounts too.

By syslint.com

How to install odoo a.k.a openerp

What is Odoo ?

Odoo is the fastest evolving business software in the world. Odoo has a complete suite of business applications covering all business needs, from Website/Ecommerce down to manufacturing, inventory and accounting, all seamlessly integrated. It is the first time ever a software editor managed to reach such a functional coverage.

System Requirement ?

An Ordinery server with Ubuntu 14.04 LTS installed. You can install it on any platform, but here the documentations are based on the Ubuntu/debian server

Step 1: Create the Odoo user that will own and run the application

# sudo adduser --system --home=/home/odoo --group odoo

Step 2 : Install postgresql database .

# sudo apt-get install postgresql

Step 3 : Create a database user with password

You must remember the password that you are giving

# sudo su - postgres
#createuser --createdb --username postgres --no-createrole --no-superuser --pwprompt odoo
Enter password for new role: ********
Enter it again: ********


# exit

Step 4. Install the necessary Python libraries for the server

# sudo apt-get install python-dateutil python-decorator python-docutils python-feedparser \
python-gdata python-gevent python-imaging python-jinja2 python-ldap python-libxslt1 python-lxml \
python-mako python-mock python-openid python-passlib python-psutil python-psycopg2 python-pybabel \
python-pychart python-pydot python-pyparsing python-pypdf python-reportlab python-requests \
python-simplejson python-tz python-unittest2 python-vatnumber python-vobject python-werkzeug \
python-xlwt python-yaml

Now install wkhtmltox

# sudo wget http://jaist.dl.sourceforge.net/project/wkhtmltopdf/0.12.1/wkhtmltox-0.12.1_linux-trusty-amd64.deb
# sudo dpkg -i wkhtmltox-0.12.1_linux-trusty-amd64.deb
# ln -s /usr/local/bin/wkhtmltopdf /usr/bin/wkhtmltopdf
# ln -s  /usr/local/bin/wkhtmltoimage /usr/bin/wkhtmltoimage

Step 5 : Install git client

# sudo apt-get install git

Step 6 : Install Odoo server

# sudo su - odoo -s /bin/bash
# git clone https://www.github.com/odoo/odoo --depth 1 --branch 8.0 --single-branch .
# exit

Step 7 : Configuring the Odoo / OpenERP application

Now you may need to setup the odoo-server.conf and the startup script as follows,

#sudo cp /home/odoo/debian/openerp-server.conf /etc/odoo-server.conf
#sudo chown odoo: /etc/odoo-server.conf
#sudo chmod 640 /etc/odoo-server.conf

Now edit the file /etc/odoo-server.conf and modify or add the lines as follows,

db_password = NEWPASSWORD   ( Change it to the password that you used on step 3 )
addons_path = /home/odoo/addons
logfile = /var/log/odoo/odoo-server.log

Now create the log folder and set permissions

# mkdir -pv /var/log/odoo/
# touch /var/log/odoo/odoo-server.log
# chown -R odoo: /var/log/odoo/

Step 8 : Installing the init scripts

You can download an init script from http://files.syslint.com/odoo/odoo-server.txt

# wget  http://files.syslint.com/odoo/odoo-server.txt
# mv odoo-server.txt /etc/init.d/odoo-server
# chmod 750 /etc/init.d/odoo-server
# chown root:root /etc/init.d/odoo-server

Step 9. Testing the server

Start the server

# /etc/init.d/odoo-server start

You check the log file,

# tailf /var/log/odoo/odoo-server.log

Now you can login to the Odoo server  from the following link,

# http://IP_or_domain.com:8069

You will see a database initialization wizard . You need to give the master password , by default it will be “admin” . I recommend to change the password to a complex one.

Step 10 : Add the init scripts to the startup scripts

You may please add it as follows,

# sudo update-rc.d odoo-server defaults

How to Install node.js on a cPanel Server

nstallation of node.js is not yet officially supported by cPanel.However It’s still a feature request .

(Discussion at Official cPanel Forum too )

What is Node.Js?

Node.js is an application development software written in and for javascript for real-time event-driven applications,more at http://en.wikipedia.org/wiki/Node.js

The Installation Procedure:

Installing node.js on a cPanel VPS doesn’t involve any complex tasks. Prior beginning the installation make sure following requirements are met:

GCC 4.2 or newer
Python 2.6 or 2.7
GNU Make 3.81 or newer

Run and Update for any software in the above list (If not up to date).

Initially download latest version from nodejs.org .

wget http://nodejs.org/dist/v0.11.9/node-v0.11.9.tar.gz

Next, extract the node.js tarball and install it:

tar -xzvf node-v0.11.9.tar.gz
cd node-v0.11.9
./configure
make && make install

The installation will take a while to complete . Now upon completion we could test it working.Check the version

[root@sh csf]# node -v
v0.11.9

[root@sh csf]# which node
/usr/local/bin/node
[root@sh csf]# /usr/local/bin/node –help

Usage: node [options] [ -e script | script.js ] [arguments]
node debug script.js [arguments]

Options:
-v, –version print node’s version
-e, –eval script evaluate script
-p, –print evaluate script and print result
-i, –interactive always enter the REPL even if stdin
does not appear to be a terminal
–no-deprecation silence deprecation warnings
–trace-deprecation show stack traces on deprecations
–v8-options print v8 command line options
–max-stack-size=val set max v8 stack size (bytes)

Environment variables:
NODE_PATH ‘:’-separated list of directories
prefixed to the module search path.
NODE_MODULE_CONTEXTS Set to 1 to load modules in their own
global contexts.
NODE_DISABLE_COLORS Set to 1 to disable colors in the REPL

Documentation can be found at http://nodejs.org/

Testing the Installation:

Just scroll to cd /usr/local/cpanel/htdocs

vi server.js

var http = require(“http”);
http.createServer(function(request, response) {
response.writeHead(200, {“Content-Type”: “text/plain”});
response.write(“Hello Test”);
response.end();
}).listen(8080);

save and quit

Open the port 8080 in your firewall via csf conf .

vi /etc/csf/csf.conf

TCP IN, OUT ===>8080
save and quit

csf -r

(from the dir/usr/local/cpanel/htdocs execute below )
/usr/local/bin/node server.js

Now access http://ip.add.re.ss:8080

You will get a confirmation message in your browser that says “Hello World”.

Extra:
If you need to direct traffic for our domain to the node.js build, you could implement it using via the .htaccess file by following rules.

RewriteEngine on
RewriteCond %{HTTP_HOST} ^domain\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.domain\.com$
RewriteRule ^(.*) “http\:\/\/127\.0\.0\.1\:8080\/$1” [P,L]

Your domain name replaces “domain” in the above example. Just visit your domain again!

The above installation is tested under latest cpanel .

[root@sh]# cat /usr/local/cpanel/version
11.44.1.19
[root@sh]#

Let us know whether any sort of change or modification is needed for above installation, suggestions are invited!

By syslint.com

Managing Multiple Hard Drives with cPanel

f you have a server with single standalone drives, you may have considered the possibility of adding additional hard drives to provide more disk capacity to your system. Luckily, this is very easy to set up and use with cPanel.

First things first, I’ll assume that you already have the hard drive physically installed in your system. This guide will show you how to partition, format, and configure cPanel to use an additional hard drive, in the simplest way possible.

1. Partitioning the Disk

We’ll assume that the additional disk is supplementary to a system that already has an existing drive and OS installation. Therefore, the new disk will usually only need to be one single partition, unless you have different planned uses for it. If this is the second disk in your server, it’s going to be named either /dev/sdb or /dev/hdb, depending on what kind of drive it is. The last letter in the drive name will depend on how many other disks you have in your server, so see this article for a simple explanation on Linux drive mappings.

To find the new disk you added, use fdisk -l, which will list the disks active on your server. The additional disk should show up in the order that it’s physically configured inside the server:

Disk /dev/sdb: 250.0 GB, 250000000000 bytes
255 heads, 63 sectors/track, 30394 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

If you notice, the already-partitioned volumes also list the partition info. For example, this is what the output for the primary hard drive in my test server looks like, which is already set up with two partitions on the primary drive:

Device Boot Start End Blocks Id System
/dev/sda1 * 1 29884 240043198+ 83 Linux
/dev/sda2 29885 30394 4096575 82 Linux swap / Solaris

The partition information is blank for the new disk, indicating that it has not been partitioned yet. If yours has already been partitioned and you want to keep that structure, you can skip this section and go straight to formatting.

From here, I want to create one partition which will be /home2 on this server, to provide additional capacity for users on this system. GNU parted is a simple command line utility to manage disk partitions, and I’ll use this to create a partition on my new hard drive:

parted /dev/sdb

Once in parted, type print free to show how much space is available to be partitioned:

Number  Start   End    Size   Type  File system  Flags
        0.00kB  250GB  250GB        Free Space

Since I’m only creating one partition, I use the parted mkpart command to specify the start and end space to occupy the whole disk:

(parted) mkpart
Partition type? primary/extended? primary
File system type? [ext2]? ext3
Start? 0kB
End? 250GB

Then when I type in print, I see my new partition listed:

Number Start End Size Type File system Flags
1 0.51kB 250GB 250GB primary

Now, if you’re creating multiple partitions on the disk, do the same thing, but modify the start and end parameters to sequentially create your partitions. In the above example, that partition would have a device name as /dev/sdb1, since it’s the partition numbered 1 on disk /dev/sdb. If I had a second and third partition, they would be named /dev/sdb2 and /dev/sdb3, respectively.

Type quit to close the parted session.

2. Formatting and Configuring the Disk

Once you’ve created the partitions, you can format them easily with mkfs.ext[2|3], using the device name as the argument:

For ext2: mkfs.ext2 /dev/sdb1
For ext3: mkfs.ext3 /dev/sdb1
For ext4: mkfs.ext4 /dev/sdb1

Repeat this for all the partitions you created, which will be numbered started as /dev/<device><partition>. My example is using the first partition of the second SCSI hard drive, so the partition device name is /dev/sdb1 . You can also find the new partition names by running fdisk -l again to see the names of the partitions for the new disk.

I also prefer to set the reserved disk space for the root user, as by default this will be 5% of the total partition size. This means for my 250GB disk, about 12GB is being reserved, which is a bit excessive. I instead usually set this to 2500 blocks:

root@server [~]# tune2fs -r 2500 /dev/sdb1
tune2fs 1.39 (29-May-2006)
Setting reserved blocks count to 2500

TIP: You can also pass -m <%> to the mkfs.ext[2|3] commands to set the percentage for reserved disk space during formatting, which can of course be changed later with tune2fs

3. Labeling and Mounting the Disk

Now, you need to label the disk and add it to fstab. In my example, I want to label the disk as /home2, so I’d use thee2label command and pass the partition’s device name and my desired label as arguments:

e2label /dev/sdb1 /home2

This can be confirmed by typing e2label /dev/sdb1:

root@server [~]# e2label /dev/sdb1
/home2

In order to mount the partition, it needs a mount point, and to be added to the file system table. Since the partition will be mounted as /home2, I created a folder called /home2, and added the following to /etc/fstab:

LABEL=/home2 /home2 ext4 defaults,usrquota,noatime 0 0

The LABEL value would be set to the label you used in e2label. Replace ‘ext4’ with the partition type you created in step 2. To find out more about the fstab file, see this article. Again, you need to repeat these steps for each partition you created.

After you do this, you can mount the new partitions normally:

mount /home2

4. Setting up cPanel

As far as setting up cPanel, there’s only one file you have to edit – /etc/wwwacct.conf.

HOMEDIR : The location where all new user home folders will be created (/home by default)
HOMEMATCH: Additional home directories that will also be used for new home directory creations – only takesone value, leaving blank disables.

So, if you want to specify the partition/folder that all users are set up on, edit the HOMEDIR value and leave HOMEMATCH blank. If you specify a value for HOMEMATCH, cPanel will pick the partition based on which one has the most free space available.

For example, if you specify “home” for HOMEMATCH, it will configure users in the following locations:

/home
/home* (/home2, /home3, etc)
/anythingwith/home
/usr/home

By thecpaneladmin.com

Increasing the Size of tmpDSK (/tmp)

You may have noticed that cPanel’s default partition size for /tmp is 512 MB, which in some cases can be way too small. The /tmp partition on cPanel servers, assuming it was the one cPanel created and not one you did yourself, is a file-base

d partition that can easily be resized.

By default on most servers, /tmp is the temporary dumping place for a lot of things, for example:

PHP session files
PHP temporary file uploads
MySQL temporary files
Cache files for certain Apache modules

Most software that uses temporary files or sessions will automatically prefer to use /tmp – this folder is usually set to 777 permissions and therefore writeable by every user on the server.

When your /tmp partition fills up, it can cause noticeable problems for your users. If you run a larger server, the /tmp folder can fill up quickly and be very annoying as far as maintenance is concerned. Fortunately there is a very easy way to increase the size of this partition on a standalone server.

Stop MySQL, Apache, and cPanel to prevent writing to the /tmp partition
Copy the contents of /tmp to another location, such as /home (cp -rfp /tmp /home)
Unmount /tmp. If you’re unable to, you can do an lsof (lsof |grep /tmp) to see what processes are still writing to it, and kill them off. Or do a lazy unmount (umount -l /tmp) .
Delete /usr/tmpDSK (rm -rf /usr/tmpDSK)

Now open /scripts/securetmp and look for this line:

my $tmpdsksize = 512000; # Must be larger than 250000

And change the “512000” value to your desired size in MB, and save the file. Now run the following script to recreate /tmp:

/scripts/securetmp

This will recreate your /tmp (tmpDSK) partition using the size you specified. While the securetmp script may be overwritten in a cPanel update, the size of /tmp will not be affected one you alter its size.

By thecpaneladmin.com

How to FSCK a Linux Filesystem

There comes a time in every sysadmin’s life where filesystem errors just…happen. Luckily, these are somewhat easy to fix, assuming you don’t have a greater problem involving physical hardware damage.

First, you need to know the name of the disk device having the problem. Do a quick df to see what device the affected partition is on:

Filesystem      Size Used Avail Use% Mounted on
/dev/sda3       2.7T 2.6T 106G 97% /
/usr/tmpDSK     4.0G 1.7G 2.2G 44% /tmp

Look under the “Filesystem” column to see the device name for the partition in question. Now, if this is any filesystem but “/”, your job is probably going to be easy. Simply unmount the file system and run a fsck against it. For example, if you have a separate /home partition listed as /dev/sda3, you would do:

umount /home
fsck -yC /dev/sda3

There are a number of options for fsck, but the above combination is my personal preference. The ‘y’ tells the fsck to fix whatever error sees, which is preferable unless you feel that your index finger has the stamina to hit ‘y’ 500 times in a row, and the ‘C’ prints out a pretty little progress bar so you can keep an eye on it. Ext4 fiesystems fsck rather quickly – typically less than an hour for a 2TB filesystem. Ext3 takes significantly longer.

Now, unmounting a filesystem may not be straight-forward – if any services are actively using files on that partition, the OS will refuse to unmount it. Doing a lazy unmount (umount -l) won’t work here either – you need to unmount it cleanly. To see what processes are using the filesystem in question, use lsof. From the above example:

lsof -p |grep /var/

Then stop any services or processes using it.

If the filesystem issue is on your primary partition, you have a little more work ahead of you. You’re going to need to boot into a rescue image. To do this, simply use a Netinstall image and boot to the CentOS installation screen, then type:

linux rescue nomount

You can skip networking and all that jazz, then run the shell. From there, you’ll need to find the partition in question and run the same fsck command. Do note that on CentOS 6+, the device name may be incremented since it will count the rescue image as the first device in most cases. So your /dev/sda3 might be /dev/sdb3 now, or even /dev/sdc3.

Once the fsck is done, reboot and confirm your filesystem is clean:

dumpe2fs -h /dev/sda3

The “Filesystem state” line should read “clean”. If it doesn’t, the fsck either didn’t complete correctly, or you have a larger problem on your hands.

By thecpaneladmin.com

Changing Exim’s Sending IP

Anyone running a shared hosting server is probably now accustomed to dealing with constant complaints about blacklisting. It’s exim’s default setup on a cPanel server to use the shared IP of the server to send email, which means that all your clients on one server are sending out email on the same IP. All it takes is for one spammer to send out a mailing list or one customer to get hacked and run a Darkmailer script, and suddenly everyone on your server seems to be complaining about getting their mail bounced.

You can change the server’s IP address for sending email. Assuming you already have an IP set up on your server with a valid PTR, you probably already saw on the cPanel forums or some other location that you can simply change the interface lines in your /etc/exim.conf file and restart exim:

remote_smtp:
driver = smtp
interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}

dk_remote_smtp:
driver = smtp
interface = ${if exists {/etc/mailips}{${lookup{$sender_address_domain}lsearch*{/etc/mailips}{$value}{}}}{}}
helo_data = ${if exists {/etc/mailhelo}{${lookup{$sender_address_domain}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}{$primary_hostname}}
dk_private_key = "/var/cpanel/domain_keys/private/${dk_domain}"
dk_canon = nofws
dk_selector = default

In the above example, all you’d do is comment out the interface lines and replace them with:

interface = xx.xx.xx.xx

However, this tends to be a band-aid fix, as a cPanel update or any change made in WHM’s Exim Configuration Editor will regenerate the Exim config and overwrite your change. To make this more permanent, you’ll want to use the /etc/mailips file.

To set this up initially, go into WHM > Exim Configuration and enable this option:

** Send outgoing mail from the ip that matches the domain name in /etc/mailips (*: IP can be added to the file to change the main outgoing interface) [?]

Or, in /etc/exim.conf.localopts, add/change this line:

per_domain_mailips=1

Then run

/scripts/buildeximconf
service exim restart

*The /etc/mailips file should be root:exim, chmod 440 if it doesn’t already exist.

chattr +i /etc/mailips

Now for actually changing the IP:

Changing the IP Globally

If you want everyone on the server to send out on the same IP, just add the following to /etc/mailips:

*: xxx.xxx.xxx.xxx

Then add the IP and it’s matching PTR to /etc/mail_reverse_dns:

xxx.xxx.xxx.xxx hostname.tld

This will tell Exim to use that IP for any sender on the server.

Changing the IP Per Domain

If you want your users with dedicated IP addresses to be able to use those IPs to send email as well, you can add them to /etc/mailips. cPanel actually now has documentation on how to do this properly:

http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/EximDifferentIps

If you have multiple dedicated IP domains already, I’ve devised a simple loop you can use to populate /etc/mailips automatically:

while read line ; do DOMAIN=`echo -e $line |awk '{print $2}'` && IP=`echo -e $line |awk '{print $1}' |cut -d: -f1` && echo "$DOMAIN: $IP" >> /etc/mailips ;done < /etc/domainips

You’ll always want the wildcard line to be in there to account for any domain not listed in the file, whether it is the main server’s IP or another that you have assigned for email:

*: xxx.xxx.xxx.xxx

Then:

cp /etc/domainips /etc/mail_reverse_dns

This will set all the existing sites on dedicated IPs to send out mail on those IPs.

By thecpaneladmin.com

SendGrid on cPanel/WHM

Setting up your cPanel server to send through a third-party mail server is very easy to do, if you understand the basics of how cPanel builds its Exim configs. You never want to edit your exim.conf file directly – your changes will be wiped out any time a cPanel update runs or someone makes a change via the Exim Configuration Editor in WHM. Below is a quick guide on setting up a custom mail router with a provider like SendGrid, which in turn will route all outbound email through the external mail service.

The below instructions cover how to do this via command line. If you prefer WHM, simply go to WHM -> Exim Configuration Manager -> Advanced Editor and alter the sections indicated.

First, open up your /etc/exim.conf.local file in an editor and look for the @AUTH@ section. Modify it to look like this:

@AUTH@
sendgrid_login:
driver = plaintext
public_name = LOGIN
client_send = : <user> : <password>

Of course, replace <user> with your SendGrid username and <password> with your SendGrid account password. If you already have something in the AUTH section, simply add this block of text below it.

Now look for the @PREROUTERS@ section, and modify it to look like this:

@PREROUTERS@
send_via_sendgrid:
driver = manualroute
domains = ! +local_domains
transport = sendgrid_smtp
route_list = "* smtp.sendgrid.net::587 byname"
host_find_failed = defer
no_more

The last modification should be to the @TRANSPORTSTART@ section:

@TRANSPORTSTART@
sendgrid_smtp:
driver = smtp
hosts = smtp.sendgrid.net
hosts_require_auth = smtp.sendgrid.net
hosts_require_tls = smtp.sendgrid.net

Now save the file, and apply the changes:

/scripts/buildeximconf

service exim restart

To test whether things are working, send an email out from your server, and look for it in /var/log/exim_mainlog. You should see something like this in your log entry:

2013-10-08 19:37:29 1VTjeS-0000Ac-O3 -> my@email R=send_via_sendgrid T=sendgrid_smtp H=smtp.sendgrid.net [x.x.x.x] X=TLSv1:DHE-RSA-AES256-SHA:256

If you have SPF records, you’ll need to add the hostname of the SMTP server to the record itself to allow the third-party mail server to send email on behalf of your domain. Sendgrid will provide the hostname you should use.

By thecpaneladmin.com

Mandrill on cPanel/WHM

Mandrill is a transactional email service run by MailChimp, comparable to SendGrid. It comes stock with a powerful API for fast implementation into applications for sending email reliably over SMTP, but it can also be used as a smart host for all of your server’s outgoing email.

The below instructions cover how to do this via command line. If you prefer WHM, simply go to WHM -> Exim Configuration Manager -> Advanced Editor and alter the sections indicated.

First, open up your /etc/exim.conf.local file in an editor and look for the @AUTH@ section. Modify it to look like this:

@AUTH@
auth_login:
driver = plaintext
public_name = LOGIN
hide client_send = : your@email : api_key

Note: If exim.conf.local doesn’t exist, create it. There’s a template here.

The value of api_key is not your Mandrill account password – it’s your API key. You can find it in your account settings under “SMTP & API Credentials”

Also, replace your@email with your Mandrill account email address. If you already have something in the AUTH section, simply add this block of text below it.

Now look for the @PREROUTERS@ section, and modify it to look like this:

@PREROUTERS@
smart_route:
driver = manualroute
domains = ! +local_domains
ignore_target_hosts = 127.0.0.0/8
transport = auth_relay
route_list = * smtp.mandrillapp.com
no_more

The last modification should be to the @TRANSPORTSTART@ section:

@TRANSPORTSTART@
auth_relay:
driver = smtp
port = 587
hosts_require_auth = $host_address
hosts_require_tls = $host_address

Save this file. Now open /etc/exim.conf.localopts and add this line (or modify it and append the hostname to the existing line)

smarthost_routelist=*: smtp.mandrillapp.com

If you’re using WHM, this is under Basic Editor -> Mail -> Smarthost support.

Save the file, and apply the changes:

/scripts/buildeximconf

service exim restart

To test whether things are working, send an email out from your server, and look for it in /var/log/exim_mainlog. You should see something like this in your log entry:

2014-03-11 21:59:50 1WNbGg-0006ud-2d => to@email R=smart_route T=auth_relay H=smtp.us-east-1.mandrillapp.com [x.x.x.x] X=UNKNOWN:ECDHE-RSA-AES256-GCM-SHA384:256 A=auth_login C="250 2.0.0 Ok: queued as 3529E193E178"

If you have SPF records, you’ll need to add the hostname of the SMTP server to the record itself to allow the third-party mail server to send email on behalf of your domain. Mandrill will provide the hostname you should use underSettings -> Sending Domains, when you do an SPF test.

By thecpaneladmin.com