LogoفارسیFA

Sender Rewriting Scheme (SRS) in Exim Version 4.96 on cPanel & WHM

This article explains how Exim 4.96 handles Sender Rewriting Scheme (SRS) in cPanel & WHM version 108 and later. It covers the changes introduced in Exim, how routers and transports must be updated, when SRS is required, and how new SMTP authentication options in the Basic Editor can simplify smarthost configurations.

Exim SRSSPF ForwardingSmarthost Authentication

~3 min read • Updated Feb 23, 2026

1. Overview


In cPanel & WHM version 108, Exim was upgraded to version 4.96. This update requires explicit configuration directives to determine when Sender Rewriting Scheme (SRS) should be applied when your server forwards email. These requirements apply to both cPanel-provided routers/transports and any custom configurations created in the Advanced Editor of the Exim Configuration Manager.


Note: Your existing Exim customizations may not require changes. However, if required changes are not applied, forwarded messages may be rejected by destination servers that enforce strict SPF policies.



2. What Changed in the cPanel & WHM Server


Routers and transports responsible for sending mail must now determine whether a message was processed by a local forwarder and apply SRS rewriting when necessary. cPanel accomplishes this by creating a duplicate version of the transport.


2.1 Transport Duplication


The duplicated transport includes two additional directives:

max_rcpt    = 1
return_path = ${srs_encode {SRS_SECRET} {$return_path} {$original_domain}}

2.2 Router Logic Update


Routers are updated to choose between the original transport and the SRS-enabled transport based on whether the nominal recipient matches the original recipient:

transport = ${if eq {$local_part@$domain} \
                {$original_local_part@$original_domain} \
                {custom_transport} {custom_transport_srs}}

For more details, refer to the Exim Configuration Manager documentation and the Exim SRS documentation. You can also review examples in the lookuphost router and the remote_smtp and remote_forwarded_smtp transports in the Advanced Editor.



3. Possible Configuration Changes


You may need to adjust your configuration depending on how your server handles forwarded messages.


3.1 Configurations That Require Changes


  • Custom smarthost configurations — Because the smarthost will eventually deliver the forwarded message, SRS must be applied to ensure SPF checks pass.

3.2 Configurations That Do Not Require Changes


  • Sending duplicate outgoing messages to an archival server — Since the archival server is not the forwarder’s target, SRS is not required. You may still apply SRS for consistency.


4. SMTP Authentication Support in the Basic Editor


In cPanel & WHM version 108, a new setting was added to the Basic Editor:

Smarthost requires SMTP authentication


This allows administrators to configure smarthost authentication without using the Advanced Editor.


4.1 How to Use This Feature


  1. Enter a route_list in the Smarthost support field.
  2. Enable Smarthost requires SMTP authentication.
  3. Provide the required Username and Password.

Note: All smarthosts configured through the Basic Editor share the same credentials. To configure multiple smarthosts with unique credentials, use the Advanced Editor.



5. Additional Documentation


For more information, refer to:

  • Exim Configuration Manager documentation
  • Exim SRS documentation
  • Examples in the Advanced Editor (lookuphost, remote_smtp, remote_forwarded_smtp)
  • How to use SendGrid as a Smarthost


Conclusion


Exim 4.96 introduces stricter requirements for SRS handling to ensure SPF compatibility when forwarding email. By updating routers and transports accordingly—and using the new SMTP authentication options in the Basic Editor—you can ensure reliable mail delivery and reduce the need for complex custom configurations.


Written & researched by Dr. Shahin Siami

Next Article