1

Topic: Postfix on External Virtual IP?

I recently installed iRedMail onto CentOs 5.5.  The server has two IP addresses.  The main hostname in this example is
    host.mydomain.com at IP 6.97.29.101
and the one I want to handle all email related stuff is
    mail.mydomain.com at IP 6.97.29.102
   
All mail clients are able to send/receive email using mail.mydomain.com and this is the MX record for the domains it handles.  However, the HEADERS on sent email give away the wrong IP address.  How can I force postfix to only send email via the 2nd virtual IP?  I included an example email sent from mydomain to gmail.  You will see that the final send from my server to Google sends via 6.97.29.101 instead of 6.97.29.102.  In fact, the SPF check that Google does, mentions the .102 address as well.  Any help, is this even possible?

I did update vi postfix/main.cf as follows, which doesn;t help.
inet_interfaces = 6.97.29.102, localhost

All IP addresses, hostnames, and email addresses were modified as obfuscation.

MAIL SOURCE:
------------------
                                                                                                                                                                                                                                                               
Delivered-To: mygmail@gmail.com
Received: by 10.229.42.75 with SMTP id r11cs98381qce;
        Wed, 21 Jul 2010 17:15:41 -0700 (PDT)

Received: by 10.224.37.9 with SMTP id v9mr770806qad.114.1279757740640;
        Wed, 21 Jul 2010 17:15:40 -0700 (PDT)
Return-Path: <steve@mydomain.com>
Received: from mail.mydomain.com (host.mydomain.com [6.97.29.101])
        by mx.google.com with ESMTP id a30si12567454qco.3.2010.07.21.17.15.40;
        Wed, 21 Jul 2010 17:15:40 -0700 (PDT)
Received-SPF: pass (google.com: domain of steve@mydomain.com designates 66.197.129.101 as permitted sender) client-ip=66.197.129.101;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of steve@mydomain.com designates 66.197.129.101 as permitted sender) smtp.mail=steve@mydomain.com
Received: from localhost (localhost.localdomain [127.0.0.1])
    by mail.mydomain.com (iRedMail) with ESMTP id 773911F005D
    for <mygmail@gmail.com>; Wed, 21 Jul 2010 20:15:39 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mail.mydomain.com
Received: from mail.mydomain.com ([127.0.0.1])
    by localhost (mail.coparttech.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id nYUeTTlsxmrY for <mygmail@gmail.com>;
    Wed, 21 Jul 2010 20:15:38 -0400 (EDT)
Received: from [192.168.1.175] (myhomewanip.dyn.optonline.net [6.8.100.1])
    by mail.mydomain.com (iRedMail) with ESMTPSA id 759431F005C
    for <mygmail@gmail.com>; Wed, 21 Jul 2010 20:15:38 -0400 (EDT)
Message-ID: <4C478DAA.3050207@mydomain.com>
Date: Wed, 21 Jul 2010 20:15:38 -0400
From: Steve <steve@mydomain.com>
MIME-Version: 1.0
To: Steve <mygmail@gmail.com>
Subject: test
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

test

2

Re: Postfix on External Virtual IP?

Hi,

What is your myorigin in the main.cf?

3

Re: Postfix on External Virtual IP?

ze wrote:

Hi,

What is your myorigin in the main.cf?

grep myorigin /etc/postfix/main.cf
# The myorigin parameter specifies the domain that locally-posted
# myorigin also specifies the default domain name that is appended
#myorigin = $myhostname
#myorigin = $mydomain
myorigin = mail.mydomain.com

4 (edited by ze 2010-07-30 04:47:49)

Re: Postfix on External Virtual IP?

copart wrote:

I did update vi postfix/main.cf as follows, which doesn;t help.
inet_interfaces = 6.97.29.102, localhost

Hi,

Can you double check this?  Is it suppose to be 66.97. a typo?  Also replace localhost with 127.0.0.1.  how about the outputs of postconf -n and netstat -tulpn | grep 25?

5 (edited by udi omar 2012-08-20 12:13:16)

Re: Postfix on External Virtual IP?

Sometimes you may in need to use an external SMTP provider to send your emails, and usually ISPs give instruction on how to configure mail clients such as Outlook or Thunderbird. But what if you are already using an internal SMTP server such as Postfix?
These guidelines are for Debian (but may be helpful with other systems as well) and are related to Postfix. The SMTP provider in the example which is a well known provider for SMTP relaying.
Given you already have a working Postfix environment, first of all edit your main.cf and add these lines:

relayhost = [mail.authsmtp.com]
smtp_sasl_auth_enable=yes
smtp_sasl_password_maps=hash:/etc/postfix/sasl-passwords
smtp_sasl_mechanism_filter = digest-md5
smtp_sasl_security_options=
then, create with $EDITOR a file called /etc/postfix/sasl-passwords and fill it with something like this:

[mail.authsmtp.com] yourusername:yourpassword

then, compile the map file

# postmap hash:/etc/postfix/sasl-passwords

now we are almost done, just restart postfix and it should work.
Now, probably it won’t really work and you’ll start to see messages like these in your postfix log:

warning: SASL authentication failure: No worthy mechs found
SASL authentication failed; cannot authenticate to server

that’s because you are missing some SASL packages from Debian. Issue

# aptitude install libsasl2-modules

and it should install all the missing packages and make the thing work smile