Issue smtp directly from gateway
-
Hello,
I have a strange issue.
I have 5 servers which will send mail.
One mail server will be sending and receiving mail. All the other 5 servers send SMTP requests to my mail server, and that mail server will forward them.
Servers LAN-IPs. 10.10.1-5
Mail Server with 2 NICs:
WAN Public : x.x.x.x <== set with MX / SPF / DKIM / PTR / DMARC DNS entries
LAN-IP : 10.10.10.1
Currently I've installed postfix on the 5 servers and added relayhost = [10.10.10.1] and mynetworks = 10.10.1.0/24 on each server.
But when I send email from any server, it shows the following logs:
Nov 29 10:55:53 localhost postfix/master[13244]: daemon started -- version 2.6.6, configuration /etc/postfix
Nov 29 11:12:41 localhost postfix/postfix-script[13735]: stopping the Postfix mail system
Nov 29 11:12:41 localhost postfix/master[13244]: terminating on signal 15
Nov 29 11:12:41 localhost postfix/postfix-script[13807]: starting the Postfix mail system
Nov 29 11:12:41 localhost postfix/master[13808]: daemon started -- version 2.6.6, configuration /etc/postfix
Nov 29 11:14:12 localhost postfix/pickup[13810]: C66952006DA: uid=0 from=
Nov 29 11:14:12 localhost postfix/cleanup[13825]: C66952006DA: message-id=20181129061412.C66952006DA@localhost.localdomain
Nov 29 11:14:12 localhost postfix/qmgr[13811]: C66952006DA: from=, size=498, nrcpt=1 (queue active)
Nov 29 11:14:13 localhost postfix/smtp[13827]: C66952006DA: to=, relay=10.10.10.1[10.10.10.1]:25, delay=1.1, delays=0.1/0.01/0/0.94, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 12D4F8917E)
Nov 29 11:14:13 localhost postfix/qmgr[13811]: C66952006DA: removed
But when I received the mail and checked the source header, I found my gateway public IP instead of the mail server's public IP.
One of my servers' configuration:
postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = loopback-only
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mynetworks = 10.10.1.0/24, 127.0.0.0/8
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relayhost = [10.10.10.1]
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
I don't get why my gateway IP is being used to send email instead of the mail server's. I've created a virtual interface for the mail server WAN.
Regards
-
@scorpoin said in Issue smtp directly from gateway:
Servers LAN-IPs. 10.10.1-5
Mail Server with 2 NIC :
WAN Public : x.x.x.x <== set with MX / SPF / DKIM / PTR / DMARC DNS entries
LAN-IP : 10.10.10.1
....
I've created virtual interface for mail server wan.
....
Your mail servers are multi-homed? If not: great: no one will make anything out of it. A network graph will be much appreciated. Btw: Do not expect to find "postfix" help on a "pfsense" forum.
-
Yeah, really confused how pfsense comes into play here.. You're not running any sort of postfix forwarder package or anything on pfsense?
Your mail server is behind a NAT.. If you want it to "present" its public IP vs its actual local IP, that is in the configuration of the MTA.
As to what IP pfsense actually uses for source for outbound nat - well that would be in your outbound nat settings.
-
@johnpoz Thanks
Could you guide me a bit to create the outbound rule?
Let's say
Interface = WAN
Source = any
source port = 25
Destination : Type = network
Address = (my-public-ip-mail-server)
source port = 25
Correct me if I'm making a wrong rule for outbound NAT.
-
source port would not be 25... And out of the box it's going to use your WAN for the nat anyway..
If you want it to use some VIP you would have to call that out..
And NO it would not be address your public IP mail server..
What exactly are you trying to do??? You have 5 servers behind pfsense??? You have 4 servers outside pfsense and 1 behind?
But when I received the mail and checked the source header, I found my gateway public IP instead of the mail server's public IP.
So you have what on the WAN of pfsense for IPs.. Its normal IP and then some VIPs you set up??
-
Let me check and I will get back to you.
Thanks
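
A way to run the header check described in this thread over a saved message, as an added example that is not part of any post: it reads the Received chain and reports which public address the recipient's server saw, so it can be compared with the address that carries the SPF and PTR records. The function names are hypothetical, and every host name, ID and address in the sample (203.0.113.x from the documentation range, 10.10.1.2 for a LAN sender) is constructed.

```python
import ipaddress
import re
from email import message_from_string

# RFC 1918 and loopback ranges; every other address is treated as Internet-facing.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Postfix writes "from <helo> (<rdns> [<ip>])"; the bracketed address is the TCP
# source the receiving server actually saw, i.e. the address after any NAT.
FROM_IP = re.compile(r"from\s+\S+\s+\([^\[\]]*\[(?:IPv6:)?([0-9A-Fa-f.:]+)\]")

def hop_sources(raw_message):
    """Client IPs recorded in the Received headers, newest hop first."""
    ips = []
    for value in message_from_string(raw_message).get_all("Received", []):
        match = FROM_IP.search(value)
        if not match:
            continue  # e.g. local pickup: "by host (Postfix, from userid 0)"
        try:
            ips.append(str(ipaddress.ip_address(match.group(1))))
        except ValueError:
            continue  # bracketed text that is not a valid address
    return ips

def egress_ip(raw_message):
    """First non-internal source, read from the recipient's side of the chain."""
    for ip in hop_sources(raw_message):
        if not any(ipaddress.ip_address(ip) in net for net in INTERNAL_NETS):
            return ip
    return None

def check_egress(raw_message, expected_ip):
    """Compare the address the recipient's MX saw with the SPF/PTR address."""
    seen = egress_ip(raw_message)
    return {"seen": seen, "expected": expected_ip, "match": seen == expected_ip}

# Constructed sample: gateway address 203.0.113.1, intended mail address 203.0.113.25.
SAMPLE = (
    "Received: from mail.example.org (gw.example.org [203.0.113.1])\n"
    "\tby mx.recipient.example (Postfix) with ESMTP id 4AAAA00001\n"
    "Received: from localhost.localdomain (unknown [10.10.1.2])\n"
    "\tby mail.example.org (Postfix) with ESMTP id 4BBBB00002\n"
    "Received: by localhost.localdomain (Postfix, from userid 0)\n"
    "\tid 4CCCC00003\n"
    "From: root@localhost.localdomain\n\nbody\n"
)

print(check_egress(SAMPLE, "203.0.113.25"))
```

Only the topmost Received header is written by the recipient's own server; lower ones are supplied by earlier hops and should be read as claims rather than proof.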