On Thu, Feb 19, 2009 at 3:15 PM, Bokhan Artem <art...@academ.org> wrote: > Peter Blair пишет: >> >> It's easier to do with a src-nat within network gear. > > I understand, I just wanted to know if there is an intelligence way to bind > every ip address its own helo.
Well, you could place a slim smtp proxy between postfix and the Internet. Say you have a /24, and you want your egress servers to HELO from the unique PTR addresses on your spread, then you'd want to do something like this in postfix: virtual_transport = smtp:127.0.0.1:12345 Now, have your server have virtual interfaces for each of your IPs. Have a small little SMTP proxy sitting on 0:12345 that bind a local socket to one of your virtual IPs, and then just blindly relay all communications from postfix -> remote MX, while replacing your local postfix's HELO/EHLO with a predefined EHLO/HELO that matches the PTR of the IP address that you've just bound yourself to. *shudder* - Ok, I feel like a spammer now :) > But let me tell >> >> you that this is referred to as "snowshoeing" as it expands your IP >> footprint, and is seen in the deliverability world as a slimy thing to >> do. >> >> People do it to mitigate the effects of their IP addresses being >> blacklisted. But the cleaner solution is to ensure that the mail >> egressing from your platform shouldn't warrent a ban. > > Also some systems have too high limits, so legitimate mail is delivered with > delays... True enough. With today's virtualization technologies, it isn't that hard to roll out several linux images, and place them behind a load balancer. That way you deliver to your virtual ip, and allow the load balancer to relay the message to your local relays, which will just act as normal servers. This will maintain a 1:1 ratio between your virtual server and IP address.
