Ready to optimize Exim on cPanel?
Well you come to the right spot.
By default, Exim uses decades old defaults for many message timeouts. As a result, Exim often allows failing emails to sit in the email queue for days. In fact, Yahoo! often defers email from cPanel due to these timeout issues. cPanel’s default Exim configuration uses timeouts as long as 5 days. The long timeouts are a remnant from when the networks were unreliable. To assure network interruptions did not block an email, you used long timeouts on mail queues. Mail servers may try an email for days before giving up.
Today, networks are rarely down for more than a few minutes. We also expect emails to arrive nearly instantly. So we don’t need to hold a message longer than a few hours.
To fix this timeout issue, we will use cPanel’s Exim configuration manager to modify a few values, specifically:
- log_selector
- ignore_bounce_errors_after
- timeout_frozen_after
- RETRYBLOCK
By tuning these settings to better fit today’s internet, you can improve email deliverability.
Let’s get started.
Backup Exim Configuration
Before you make any changes to cPanel’s Exim configuration, create a backup. You can do this easily under the Backup tap. Navigate to the Exim Configuration Manager and click on the Backup tab.
I prefer to use the Save on Server option. Just click that option and click the Run Backup button.
Better Logging (log_selector)
While not specifically related to timeouts, I like to adjust the default logging used by Exim. cPanel’s default Exim configuration leaves out some useful information. To modify the log details, you have to change the log_selector fields.
I use this value:
log_slector= +address_rewrite +all_parents +arguments +connection_reject +delay_delivery +delivery_size +dnslist_defer +incoming_interface +incoming_port +lost_incoming_connection +queue_run +received_sender +received_recipients +retry_defer +sender_on_delivery +size_reject +skip_delivery +smtp_confirmation +smtp_connection +smtp_protocol_error +smtp_syntax_error +subject +tls_cipher +tls_peerdn
This increases the verbosity to your logs, which can be helpful in identifying email errors and spam. You may see some tutorials recommend +all but I find that to be too verbose.
Better Bounce Handling (ignore_bounce_errors_after)
Permanently delivery failures occur when Exim cannot deliver the email to the recipient and when there is no valid sender to send the bounce. When this occurs, Exim freezes the bounce message.
Once a message reaches the ignore_bounce_errors_after timeout, Exim tries to deliver the message one more time. If this fails, Exim discards the message.
I recommend you set this to 1 hour.
By setting this to one hour, you can quickly get rid of bounces. Usually, if you cannot send a message within an hour, the message cannot be sent ever, so there’s no reason to keep it around.
Getting Rid of Frozen Messages (timeout_frozen_after)
If timeout_frozen_after is greater than zero, Exim cancels the message on the next queue run. Unlike the ignore_bounce_errors_after settings, this timeout applies to all frozen emails. If the frozen message is a bounce message, Exim discards it; otherwise, Exim sends a bounce to the sender.
I recommend you set this to 8-12 hours.
Network issues can occur, especially if you have clients emailing business with a self-hosted email server. (Yes there are still many small businesses out there with email hosted on an MS Exchange server sitting under a desk).
Retrying Email Delivery (RETRYBLOCK)
The RETRYBLOCK determines when Exim retries email delivery. By default, cPanel uses the following retry block:
+secondarymx * F,4h,5m; G,16h,1h,1.5; F,4d,8h * * F,2h,15m; G,16h,1h,1.5; F,4d,8h
The default configures Exim to retry email delivery every 15 minutes for 2 hours, then with intervals starting at one hour and increasing by a factor of 1.5 up to 16 hours, then every 8 hours up to 5 days.
That’s right up to 5 days. Exim can keep an email in the queue for 5 days!
There’s no need for such long timeouts. Here’s some setting I recommend (based on advice from Mailchannels.com).
* data_4xx F,4h,2m * rcpt_4xx F,4h,2m * timeout F,4h,5m * refused F,1h,10m * lost_connection F,1h,2m * * F,6h,5m
With these rules, we set different timeouts for different conditions. For example, greylisting often uses 400 series error, so here we retry every 2 minutes for 4 hours. A connection timeout is likely a temporary network issue, so we retry in 5 minutes. The last rule catches any other errors and retries every 5 minutes for 6 hours.
Summary
That’s it. Now your cPanel Exim configuration will timeout messages more quickly. By timing out messages faster, your users learn of email bounces sooner. Also, preventing cPanel’s Exim from retrying delivery too frequently, you can reduce the risk of landing on an email blacklist.