    Issue smtp directly from gateway

    • S
      scorpoin
      last edited by scorpoin

      Hello,

      I have a strange issue.

      I've 5 servers which will send mails.

      One mail server will be sending and receiving mails. All the other 5 servers are to send SMTP requests to my mail server, and that mail server will forward them.

      Servers LAN-IPs. 10.10.1-5

      Mail Server with 2 NIC :

      WAN Public : x.x.x.x <== set with MX / SPF / DKIM / PTR / DMARC DNS entries
      LAN-IP : 10.10.10.1

      Currently I've installed postfix on the 5 servers and added relayhost = [10.10.10.1] and mynetworks = 10.10.1.0/24 on each server.

      But when I send email from any server, it shows the following logs:

      Nov 29 10:55:53 localhost postfix/master[13244]: daemon started -- version 2.6.6, configuration /etc/postfix
      Nov 29 11:12:41 localhost postfix/postfix-script[13735]: stopping the Postfix mail system
      Nov 29 11:12:41 localhost postfix/master[13244]: terminating on signal 15
      Nov 29 11:12:41 localhost postfix/postfix-script[13807]: starting the Postfix mail system
      Nov 29 11:12:41 localhost postfix/master[13808]: daemon started -- version 2.6.6, configuration /etc/postfix
      Nov 29 11:14:12 localhost postfix/pickup[13810]: C66952006DA: uid=0 from=
      Nov 29 11:14:12 localhost postfix/cleanup[13825]: C66952006DA: message-id=20181129061412.C66952006DA@localhost.localdomain
      Nov 29 11:14:12 localhost postfix/qmgr[13811]: C66952006DA: from=, size=498, nrcpt=1 (queue active)
      Nov 29 11:14:13 localhost postfix/smtp[13827]: C66952006DA: to=, relay=10.10.10.1[10.10.10.1]:25, delay=1.1, delays=0.1/0.01/0/0.94, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 12D4F8917E)
      Nov 29 11:14:13 localhost postfix/qmgr[13811]: C66952006DA: removed

      But when I received the mail and checked the source header, I found my gateway public IP instead of the mail public IP.

      One of my server configuration :

      postconf -n

      alias_database = hash:/etc/aliases
      alias_maps = hash:/etc/aliases
      command_directory = /usr/sbin
      config_directory = /etc/postfix
      daemon_directory = /usr/libexec/postfix
      data_directory = /var/lib/postfix
      debug_peer_level = 2
      html_directory = no
      inet_interfaces = loopback-only
      inet_protocols = all
      mail_owner = postfix
      mailq_path = /usr/bin/mailq.postfix
      manpage_directory = /usr/share/man
      mydestination = $myhostname, localhost.$mydomain, localhost
      mynetworks = 10.10.1.0/24, 127.0.0.0/8
      newaliases_path = /usr/bin/newaliases.postfix
      queue_directory = /var/spool/postfix
      readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
      relayhost = [10.10.10.1]
      sample_directory = /usr/share/doc/postfix-2.6.6/samples
      sendmail_path = /usr/sbin/sendmail.postfix
      setgid_group = postdrop
      unknown_local_recipient_reject_code = 550

      I don't get why my gateway IP is being used to send email instead of the mail server. I've created a virtual interface for the mail server WAN.

      Regards

      • GertjanG
        Gertjan @scorpoin
        last edited by

        @scorpoin said in Issue smtp directly from gateway:

        Servers LAN-IPs. 10.10.1-5
        Mail Server with 2 NIC :
        WAN Public : x.x.x.x <== set with MX / SPF / DKIM / PTR / DMARC DNS entries LAN-IP : 10.10.10.1
        ....
        I've created virtual interface for mail server wan.
        ....

        Your mail servers are multi-homed? If not: great: no one will make anything out of it. A network graph will be much appreciated. Btw: Do not expect to find "postfix" help on a "pfsense" forum.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by johnpoz

          Yeah really confused how pfsense comes into play here.. You're not running any sort of postfix forwarder package or anything on pfsense?

          Your mail server is behind a nat.. If you want it to "present" its public IP vs its actual local IP that is on the configuration of the MTA.

          As to what IP pfsense actually uses for source for outbound nat - well that would be in your outbound nat settings.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.7.2, 24.11
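
One way to confirm which source address the receiving side actually saw (an added example, not part of any post in this thread): parse the Received headers of a delivered message and compare the first non-internal client IP with the address published in SPF/PTR. The sample headers, host names and 203.0.113.x addresses are constructed stand-ins for the redacted public IPs.

```python
import email
import ipaddress
import re

# Internal ranges that never identify the public egress address.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
BRACKETED_IPV4 = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

# Constructed sample headers. 203.0.113.1 stands in for the gateway WAN
# address and 203.0.113.25 for the mail server's published address.
SAMPLE = """\
Received: from mail.example.org (unknown [203.0.113.1])
\tby mx.recipient.example (Postfix) with ESMTP id 4A1B2C3D
\tfor <user@recipient.example>; Thu, 29 Nov 2018 06:14:15 +0000 (UTC)
Received: from localhost.localdomain (unknown [10.10.1.2])
\tby mail.example.org (Postfix) with ESMTP id 5E6F7A8B
\tfor <user@recipient.example>; Thu, 29 Nov 2018 06:14:13 +0000 (UTC)
From: root@localhost.localdomain
To: user@recipient.example
Subject: relay test

test body
"""

def received_hops(raw):
    """Client IP recorded in each Received header, newest hop first."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        if not value.lstrip().lower().startswith("from"):
            continue  # local submission: no connecting client recorded
        # Only the clause before "by" names the connecting client.
        client_part = re.split(r"\sby\s", value, maxsplit=1)[0]
        match = BRACKETED_IPV4.search(client_part)
        if not match:
            continue
        try:
            hops.append(ipaddress.ip_address(match.group(1)))
        except ValueError:  # malformed literal such as [999.1.1.1]
            continue
    return hops

def egress_ip(raw):
    """First non-internal client IP from the top: what the recipient's MX saw."""
    for ip in received_hops(raw):
        if not any(ip in net for net in INTERNAL):
            return str(ip)
    return None

def check_egress(raw, published_ip):
    """Compare the observed egress address with the one in SPF/PTR."""
    seen = egress_ip(raw)
    return {"seen": seen, "published": published_ip, "match": seen == published_ip}

if __name__ == "__main__":
    print(check_egress(SAMPLE, "203.0.113.25"))
```

Only the topmost Received header is written by the recipient's own server; the ones below it are supplied by the sending side and are informational.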

          • S
            scorpoin
            last edited by

            @johnpoz Thanks

            Could you guide me a bit to create outbound?

            Let say
            Interface = WAN
            Source = any
            source port = 25

            Destination : Type = network
            Address = (my-public-ip-mail-server)
            source port = 25

            Correct me if I'm making a wrong rule for outbound NAT.

            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              source port would not be 25... And out of the box it's going to use your WAN for the nat anyway..

              If you want it to use some VIP you would have to call that out..

              And NO it would not be address your public IP mail server..

              What exactly are you trying to do??? You have 5 servers behind pfsense??? You have 4 servers outside pfsense and 1 behind?

              But when I received mail and check source header found my gateway Public IP instead of mail Public IP.

              So you have what on the WAN of pfsense for IPs.. Its normal IP and then some VIPs you setup??

              • S
                scorpoin
                last edited by

                Let me check and will get back to you .

                Thanks
