Postfix behind pfSense wrong WAN IP in Received header
-
Hi,
Hopefully someone can shed some light on this issue...
My mail server is all working fine, however the Received from: is showing the WAN IP of pfSense router and not the WAN IP of the mail server.
I have 192.168.1.4 (mail servers internal LAN IP) > port forwarded to my chosen WAN IP.
I have also firewall rules to match incoming mail to forward to the 192.168.1.4 address, telnetting the MX server sends everything to the destination, however outgoing email as I say is refusing to pick up the correct WAN IP which is causing issues with mail deliverability in some cases with the WAN IP being wrong.
How can this be solved?
Thank's in advance for any advice.
-
@kush420 said in Postfix behind pfSense wrong WAN IP in Received header:
I have 192.168.1.4 (mail servers internal LAN IP) > port forwarded to my chosen WAN IP.
?
You have multiple WAN IPs and want to assign one of them to the mail server, I guess.
So add a 1:1 NAT rule to the WAN where you enter the mail server external IP in "External subnet IP" and its internal at "Internal IP". -
@viragomann Thanks for the reply...
We have a bunch of WAN IPs yea (All setup in virtual IPs config) - the .160 address is for MX server only and NAT back to 192.168.1.4, I had tried to do the 1:1 NAT rule but didn't appear to prevent the Received header still promoting the pfSense router IP ending .164
Would Hybrid mode NAT have any adverse effects on this?
-
It should work with a 1:1 rule. I would try a packet capture on WAN to see what's going on there.
Yes, you may also set the outbound mapping in Outbound NAT. If it is working in automatic mode you have to switch to hybrid first, then add a rule to WAN with source = MX server and translation = your desired outbound IP.
-
@viragomann said in Postfix behind pfSense wrong WAN IP in Received header:
It should work with a 1:1 rule. I would try a packet capture on WAN to see what's going on there.
Yes, you may also set the outbound mapping in Outbound NAT. If it is working in automatic mode you have to switch to hybrid first, then add a rule to WAN with source = MX server and translation = your desired outbound IP.
will check and reply back :-)
-
1:1 NAT is not providing the outbound mail to the .160 IP address, it remains as .164
Packet Capture is not providing anything remotely useful to ascertain the issue either :(