In an effort to resolve a few issues (seems like I was outgrowing the memory usage I had and the next step up was far too expensive), I ended up migrating Cloudron to a new server. The server is configured with the primary IP assigned by the provider, plus it has a failover IP I assigned to it. Cloudron is configured to use the failover IP per the Network settings, but yet it seems some (or all) emails are being sent out on the primary IP instead of the failover IP set in Network settings. Is this always the case? I think I had it working with just the failover IP before in months past.
Here is an error I see for some people sending to Gmail addresses in particular (but funny enough no other receiving mail servers yet):
"message": "550 5.7.1 [<primaryIP>] The IP you're using to send mail is not authorized to send email directly to our servers. Please use the SMTP relay at your service provider instead. Learn more at https://support.google.com/mail/?p=NotAuthorizedError n1si17186552jat.109 - gsmtp",
The primary IP looks like: 51.79.xx.xx
The failover IP looks like: 51.222.xxx.xx
The Network settings is set to use the 51.222.xxx.xx failover IP address. So why is email going out on the primary IP instead?
I believe I've worked around this temporarily by editing the SPF record to include my IP address, but it's a pain when I have to add that for many different domains. I'd like to ultimately resolve this so email is sent on the failover IP assigned in Cloudron.