Email Server using wrong WAN? (SOLVED)

killmasta93

Hi,
I was wondering if someone has accomplish what im trying to do? I have done with a VIP IP using fiber internet, But Im trying to accomplish this with 3 nics.

So right now have pfSense with WAN,LAN,EMAIL server
See picture

the issue is that when a user sends out an email it goes out with the WAN ip instead of the Email IP which gives me the SPF fail, see picture

I feel like im missing something on the outbound or the 1:1?
Because the incoming works perfect and the website also has no issue.

Thank you
Clipboarder.2016.10.09-004.png

Clipboarder.2016.10.09-005.png

Clipboarder.2016.10.09-006.png

Clipboarder.2016.10.09-008.png

![Email dual IP.jpg](/public/imported_attachments/1/Email dual IP.jpg)
![Email dual IP.jpg_thumb](/public/imported_attachments/1/Email dual IP.jpg_thumb)

viragomann

@killmasta93:

I feel like im missing something on the outbound or the 1:1?

Yes, switch the outbound NAT to Hybrid mode and add a rule to EMAILSERVER interface and set the translation address to the wished outbound IP, presumably the interface address.

However, you will also need to add a firewall rule to the top of LAN rule set, allowing the SMTP outbound and set the gateway to EMAILSERVER GW (policy routing).

killmasta93

Wow thank you so much I am attaching photos if anyone else need this help

Clipboarder.2016.10.09-010.png

Clipboarder.2016.10.09-009.png

killmasta93

Hi,
I So everything was working wonder full with the separation of the Ip but i just realized when it reboots for some odd reason it grabs as the WAN the 200.116.xx.xx when it shows clearly the WAN is the 181.xx.xx.xx, So when it reboots i have to disable the opt1 reboot then re enable the opt1( emailserver). So odd any ideas?

Thank you

killmasta93

Hi,
I So everything was working wonder full with the separation of the Ip but i just realized when it reboots for some odd reason it grabs as the WAN the 200.116.xx.xx when it shows clearly the WAN is the 181.xx.xx.xx, So when it reboots i have to disable the opt1 reboot then re enable the opt1( emailserver). So odd any ideas? Could it be the order of the re0-re2?

Thank you

Edit: i was looking at the system logs found something very odd..

Nov 7 22:36:04 	php-fpm[21478]: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 200.116.3.14XX -> 200.116.3.14XX - Restarting packages.
Nov 7 22:36:02 	php-fpm[21478]: /rc.newwanip: Creating rrd update script
Nov 7 22:36:02 	php-fpm[21478]: /rc.newwanip: Resyncing OpenVPN instances for interface EMAILSERVER.
Nov 7 22:36:02 	php-fpm[9836]: /interfaces.php: Creating rrd update script
Nov 7 22:36:02 	check_reload_status: Reloading filter
Nov 7 22:36:00 	check_reload_status: updating dyndns opt1
Nov 7 22:35:59 	php-fpm[21478]: /rc.newwanip: rc.newwanip: on (IP address: 200.116.3.14XX) (interface: EMAILSERVER[opt1]) (real interface: re1).
Nov 7 22:35:59 	php-fpm[21478]: /rc.newwanip: rc.newwanip: Info: starting on re1.
Nov 7 22:35:58 	check_reload_status: Restarting ipsec tunnels
Nov 7 22:35:58 	check_reload_status: rc.newwanip starting re1
Nov 7 22:35:58 	kernel: arpresolve: can't allocate llinfo for 200.116.3.X on re1
Nov 7 22:35:58 	kernel: arpresolve: can't allocate llinfo for 200.116.3.X on re1
Nov 7 22:35:58 	kernel: arpresolve: can't allocate llinfo for 200.116.3.X on re1
Nov 7 22:35:58 	kernel: arpresolve: can't allocate llinfo for 200.116.3.X on re1
Nov 7 22:35:58 	kernel: arpresolve: can't allocate llinfo for 200.116.3.X on re1
Nov 7 22:35:58 	kernel: arpresolve: can't allocate llinfo for 200.116.3.X on re1
Nov 7 22:35:58 	kernel: arpresolve: can't allocate llinfo for 200.116.3.X on re1

Clipboarder.2016.11.07.png
Clipboarder.2016.11.07.png_thumb