NAT with Spam Filter and Web Servers

  • We have a spam filter on the same network as our webservers sitting behind pfsense as a router/firewall

    We have the 1&1 NAT rules setup to forward each server to its virtual IP, which all works fine.

    When the web server is sending out mail to a client that is using our spam filter. The spam filter is seeing it as coming from the internal IP as it should do because NAT redirection is turned on.

    The issue we have is that the spam filter is blocking the emails from the web servers because the SPF record has got the external IP address on it and they are showing up from the internal IP.

    Is there a way that we can get the external IP to show up instead of the internal one or is there another way to do this?

  • This isn't really a pfSense question. You have to look at the config on your spam filter to see if there's a whitelist option to allow relays from your internal web server. Otherwise, smart host your webserver to some other MTA that won't bother checking the SPF record.

Log in to reply