Integrating Google Apps with cPanel domains

Dan

Moderator
First off thanks to BAlGaInTl for the original write up on how to integrate with DirectAdmin. Much of how to do this is the same as BAlGaInT's post and you can accomplish the goal using his write-up as well but since it is a different control panel I thought I would make a post as well.

Google Apps is an offering by Google to help out with a number of things most significantly (in my opinion) is email storage. With the standard (free) account each user (up to 100) gets 7Gb of storage. In addition to email there is also Google docs, calendar, a custom start page, and their Chat utility as well. Head on over there and read up on it if you'd like more information.

Sign up for a Google Apps account for your domain.

Once in the control panel there will be a link to verify ownership. I never even bothered to try the html route as the CNAME is very easy to do.

Log in to WHM and go to Edit DNS Zone. Select the domain you're adding Google Apps to and click edit. At the bottom you will find where to enter new records. Enter the random string from Google, select CNAME, and put in google.com. (have to have the period at the end).

ai536.photobucket.com_albums_ff322_dmorgan002_whm_dns_edit1.jpg


And then click Save.

On the Google Apps page click I have completed this step. At this point Google claims this can take up to 48 hours but I have always seen it happen very quickly.

I then customize/configure the services I want to use. Click the service name (Ex: Start Page) and configure it as you want. I like to give access to the services being used through subdomains as they are much easier to remember. As you go through and do this you will be told to add the CNAME to your DNS zone which you can do at that time or you can do all at one time. I use the subdomain "email" for email rather than "webmail" because cPanel has that one pretty well tied up, I'm sure it could be changed but I didn't find it worth the trouble to do so. Here is what I end up which sets up email.domain.com, start.domain.com, calendar.domain.com, and docs.domain.com.

ai536.photobucket.com_albums_ff322_dmorgan002_whm_dns_edit2.jpg


Then we need to modify and add MX records so that email gets routed to the Google servers instead of locally. Click the link under Email to Activate email. This will give you instructions on how to modify your DNS zone. I modify my local MX to be higher than Google's. That way if there is ever a problem then my server will catch the email and when Google's come back up it will be spooled off to them. Local accounts can NOT exist for this work. If they do then when the email is received the system will spool it into that users inbox rather than spooling it off to Google's server when it comes back up. Here is what you should end up having (the order does not matter) note that the record pointing to domain.com has been changed to 40.

ai536.photobucket.com_albums_ff322_dmorgan002_whm_dns_edit3.jpg


Once you click to save the DNS zone you will be informed that cPanel is not handling the email for this domain any longer. That's fine it's not supposed to be since we just changed to Google's servers.

You will also need to either add or modify your SPF record for the domain. Google gives you one but in order for your VPS to also be allowed do not use it. Here is what I have mine set to.

ai536.photobucket.com_albums_ff322_dmorgan002_whm_dns_edit4.jpg


At any time during this process you can delete the googlerandomstring CNAME once the control panel shows that it has been verified.

Now simply create your users. By default they will be assigned a temporary password and will be prompted to change it at first login. You can instead assign a password for them if you know what it should be. At first login all users will also have to verify a CAPTCHA image.

Everything should be good to go now except for migrating everything over. I found that simply adding the new account to my email client (go to "Settings" and then "Forwarding and POP/IMAP" to enable) and copying emails over worked well although I did read posts of people trying to copy too much and it caused problems. I kept it to a max of 12megs at a time and didn't have any trouble.
 
I have a shared hosting account from KH that used CPanel, how to verify by add the CNAME Record and edit the MX entry? The tuts above for VPS that use WHM.
 
You can check record resolution with the help of the "nslookup" utility. For example to check if "test.domain.com" has an "A" or "CNAME" record you can run the following command on your computer:

Code:
nslookup test.domain.com

to check domain's MX record(s) use the following command:

Code:
nslookup -q=mx domain.com


You do not have access to WHM with the shared hosting account. Please feel free to open a support ticket if you'd like to add/modify/remove DNS records for your domain.
 
Hi Andy,

Can you open a ticket with: The path to ImageMagick you are trying to use The full error message if applicable you receiveThe subdomain issue - the sub domains appear setup and operational, but arent showing as subdomains although they appear in the dropdown menu in the subdomain page. Well have to do some testing on this one although well probably have to refer it up to cPanel Inc as that part of the system is their proprietary encrypted code.
 
Hi Nnyan,

You can just leave it to automatically detect. If you configure as shown then it will be a secondary or backup MX.
 
Great tutorial, Dan. Thank you. I'm seriously thinking about switching my VPS email to Google Apps to conserve some power. I have a couple of questions, though.

If I'm using Google Apps for all VPS email, what can I have KH disable concerning email to conserve VPS power? And how will the server handle form mail at that point? Do you think it will be safe to disable ClamAV at that point?

Sorry for the noob questions. :D
 
Hi Kingtas,

I wouldn't have KH disable or turn off anything, do it yourself! ;)

Really what you're saving will be CPU and RAM for email, spam, and AV scanning if you use them. I would not recommend disabling Exim. But the spam engine and AV scanning, sure you can disable those if you would like. Spam scanning there is no question. AV scanning you might want to think about a bit as people can still upload infected files. If all you had Clamd enabled for was email however then by all means go ahead and disable it. I know that both spam engines and Clamd are ram hogs so can definitely see why you would want to do this.

And there's no such thing as a noob question :)

PS: It has been a while since this post was done and I have not added it to any domains recently so if you run into anything different than what is shown let me know and we'll see about getting it updated.
 
This tutorial may be outdated.

The MX servers recommended by google are a little different:
10
ASPMX.L.GOOGLE.COM.
20
ALT1.ASPMX.L.GOOGLE.COM.
30
ALT2.ASPMX.L.GOOGLE.COM.
40
ASPMX2.GOOGLEMAIL.COM.
50
ASPMX3.GOOGLEMAIL.COM.
So I have two questions:

1. Do we have to do the SPF record step (it's on this tutorial, but google does not say anything about it)??

2. What do I choose on "E-mail routing for..."?
  • Automatically Detect Configuration: Local (recommended)
  • Local Mail Exchanger
  • Backup Mail Exchanger
  • Remote Mail Exchanger
 
Hello Marcelos :)

I did some digging around in Google's help system and see where their email servers as listed in the original post are still viable. I have no idea why they would drop some off the end but with so many it should not ever use them anyways. But thank you for pointing it out!

1. Do we have to do the SPF record step (it's on this tutorial, but google does not say anything about it)??

I do believe that there is a button or a link to get some tips on SPF in the configuration you run through although as I stated you do not want to use their suggested as then your own VPS will not be included. And as for whether or not you want to even add an SPF record that is your choice but it will help with keeping emails sent from your domains from ending up in the recipient's junk mail folders :)

2. What do I choose on "E-mail routing for..."?

At the end of my post you should see
Once you click to save the DNS zone you will be informed that cPanel is not handling the email for this domain any longer. That's fine it's not supposed to be since we just changed to Google's servers.
The system will autodetect (via the external MX records) that it is not handling email any longer and configure appropriately :)

Hope that helps!
 
Top