Hi folks, I'm running into a bit of a routing gotcha getting two mail servers to send mail out using their own respective IP addresses. (While this involves postfix, this is not a postfix support question, it's a routing question)

What I'm trying to accomplish is this:
- two autonomous domains, each with their own mail server instance (postfix in this case) so that one domain never 'mentions' the other domain. Using one instance of postfix to relay for the 2nd domain is not an option, as domain1.com will be shown in the headers when mail is from domain2.com. The reason is that the 2nd domain is a business entity and should not be associated in any way with the first.

The setup (which works fine):
- the two domains have their own external IPs, dns-wise.
- two instances of postfix listen on their respective external IPs taking mail for their domains (set in master.cf)
- postfix acts as a mail gateway on the firewall, which shuffles mail to either of two instances of postfix on an internal mail server
- 5 (non-contiguous) IPs are assigned to me by ADSL, so I have one physical connection, with 1 'main' IP and 4 aliases.

That works fine and dandy: two independent domains. I should mention that (some) internal traffic, depending on its origin, is NAT'd out with pf on those aliases, appearing to come from independent networks.

The problem:
- mail sent out via either instance of postfix, regardless of the master.cf setting, goes out on the 'main' IP, such that mail headers appear like such:

Received: from mail.domain2.com (erratic.ca [75.119.251.119])

The goal:
I'd prefer it to read ".. from mail.domain2.com (domain2.com [a.b.c.d])"

The untouched firewall routing table looks like this:

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            206.248.154.122    UGS    322803 56410450     -     8 tun0
127/8              127.0.0.1          UGRS       0        0 33200     8 lo0
(snipping a bunch of lo0 stuff)
192.168.0/24       link#1             UC         1        0     -     4 nfe0
192.168.0.2        00:0d:60:91:5d:a4  UHLc       1    43271     -     4 nfe0
192.168.1/24       link#5             UC         2        0     -     4 sk0
192.168.1.2        00:19:5b:68:91:20  UHLc       1     7177     -     4 sk0
192.168.1.3        00:10:c6:b5:c1:72  UHLc       4   136762     -     4 sk0
192.168.2/24       link#5             UC         1        0     -     4 sk0
192.168.2.1        127.0.0.1          UGHS       0        0 33200     8 lo0
192.168.3/24       link#5             UC         0        0     -     4 sk0
192.168.3.1        127.0.0.1          UGHS       0        0 33200     8 lo0
206.248.154.122    75.119.251.119     UH         1        0  1492     4 tun0
224/4              127.0.0.1          URS        0        0 33200     8 lo0

I've tried this:
# route add 206.248.154.122 a.b.c.d

but my routing-fu is not strong. That command gives all of the above, plus this:

206.248.154.122    a.b.c.d    UGHS       0        0     -     8 tun0

Of course, sending mails from domain2.com still appears from erratic.ca.

Any suggestions? Clear as mud? The firewall does not have an /etc/mygate set, and is OpenBSD 4.6-current (GENERIC) #7: Sat Jan 23 16:34:02 EST 2010, but I don't think a dmesg is of much use here.

Unrelated question: can smtpd handle this kind of funkiness? I'd like to switch to smtpd eventually if it can, but that's another project for another day.

Thanks!

--
- RSM
www.erratic.ca
