Re: Postfix Multiple IPs

2009-11-18 Thread Phillip Smith
2009/11/18 Dhiraj Chatpar dchat...@gmail.com:
 Dear Sir,
 I read your post on the postfix forum. I am a fan of yours after what
 solutions you gave regarding iptables and rotation of IPs. I tried doing
 that on my server and still get deferred from Yahoo. Is there a way I can
 rotate my IPs by way of a script or something? Please advise me.
 Please also mention that iptables method.. will it send each email from the
 new ip i mention or just rotate the IPs? how does it work?
 Need your help
 Rgds
 Dhiraj

The iptables rules I posted will Source NAT each *new* outbound
connection on port 25 to a different IP address. This should make each
new connection appear from a different IP address. It works at the TCP
level (layer 3) and as such is not aware of the SMTP transaction(s) at
Layer 4.

If your mail server is configured to deliver multiple messages per
SMTP session, then the IP address will not be cycled since they are
being delivered in the same single TCP connection.

Please do not reply off-list in future. The mailing list exists for a reason.


Re: Postfix send emails from a subnet, how to config?

2009-11-15 Thread Phillip Smith
2009/11/16 Mihai Mustea mihai.mus...@swissventure.ro:
 My emails are deferred by Yahoo (when I was sending from only one
 interface). Do you think this solution can solve my issues or I can get into
 trouble?

I did say it was a nasty hack ;)

Everything mentioned by /dev/rob0 is a valid comment. Deferrals are
part of the process for a reason, and as frustrating as Yahoo's policy
may be for you, you could be creating more problems for yourself when
a retry comes from a different address than the first attempt.
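The caveat about retries arriving from a different address, as an added example that is not part of the original posts: a small simulation of a receiver that defers first contact and accepts a later retry. It assumes classic triplet greylisting keyed on (client IP, sender, recipient); the class, function names and addresses are constructed for illustration and do not describe Yahoo's actual policy.

```python
import ipaddress


class Greylist:
    """Minimal triplet greylist: defer first contact, accept a retry after a delay."""

    def __init__(self, delay=300, prefix=32):
        self.delay = delay      # seconds a new triplet has to wait
        self.prefix = prefix    # 32 = key on the exact IP, 24 = key on the /24
        self.first_seen = {}    # triplet -> time of the first attempt

    def _key(self, client_ip, sender, rcpt):
        net = ipaddress.ip_network(f"{client_ip}/{self.prefix}", strict=False)
        return (str(net.network_address), sender.lower(), rcpt.lower())

    def check(self, client_ip, sender, rcpt, now):
        first = self.first_seen.setdefault(self._key(client_ip, sender, rcpt), now)
        return "accept" if now - first >= self.delay else "defer"


def deliver(greylist, source_ips, retry_interval=600, max_tries=5):
    """Retry one message; attempt i leaves from source_ips[i % len(source_ips)]."""
    results = []
    for attempt in range(max_tries):
        ip = source_ips[attempt % len(source_ips)]
        verdict = greylist.check(ip, "news@shop.example", "user@rcpt.example",
                                 now=attempt * retry_interval)
        results.append((ip, verdict))
        if verdict == "accept":
            break
    return results


# Constructed addresses from a documentation range.
FIXED = ["192.0.2.10"]
ROTATING = ["192.0.2.10", "192.0.2.11", "192.0.2.12"]

if __name__ == "__main__":
    print("fixed source   :", deliver(Greylist(), FIXED))
    print("rotating source:", deliver(Greylist(), ROTATING))
    print("rotating, /24  :", deliver(Greylist(prefix=24), ROTATING))
```

With a fixed source the second attempt is accepted; with a rotating source every new address starts the deferral over, so the same message needs four attempts unless the receiver keys on the /24.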


Re: Postfix send emails from a subnet, how to config?

2009-11-14 Thread Phillip Smith
2009/11/15 Mihai Mustea mihai.mus...@swissventure.ro:

 work for) a website with fashion campaigns and it sends more than 50K
 emails each day, 90% of them being hosted by Yahoo (all users being
 registered, so this is not spam) and I'm sure that you are aware of
 Yahoo's policies. I tried to use throttling solutions (send 2 emails per
 second or even less), the messages are still deferred after some time.
 So my last option before buying some service from inxmail or mailchimp
 is to try this, but I cannot implement it (google is not my best friend
 in this case).

If your aim is to distribute the outbound load across multiple IP
addresses for the purposes of fooling Yahoo into believing you're
multiple different mail servers (ie, mail doesn't *have* to be in .2
and out .2, it can be in .2 and out .57) then you can do some nasty
hacky workarounds in iptables... Something along the lines of

iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source 192.168.10.1
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source 192.168.10.2
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source 192.168.10.3
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source 192.168.10.4
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source 192.168.10.5
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source 192.168.10.6
etc
etc
etc
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source 192.168.10.199
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source 192.168.10.200

1) I'm assuming all these IP addresses are on the one interface (eth0)
2) Replace the '--every 200' with the total number of IP addresses you
have for outgoing mail.

This is untested so it's at your own risk, but I believe it should work.


Re: Test e-mailservice

2009-11-11 Thread Phillip Smith
2009/11/12 Michael Saldivar mike.saldi...@advocatecreditrepair.com:
 I use the open-source monitoring tool http://www.nagios.org/ combined with
 NRPE to monitor all my servers and services.

+1

NRPE allows you to connect to the system being monitored, and execute
any command on the local system, returning the result to the Nagios
server. In your case, you could either check for TCP connectivity on
127.0.0.1:10024 or use the check_procs plugin to see if the process is
running -- or both.

If firewalls etc. prevent you from configuring the monitoring server to
connect to the mail server to initiate NRPE checks, then you can
use NSCA, which is basically the same thing, except the machine being
monitored is responsible for checking the status and sending
notifications to the monitoring server (passive checks).


Re: Reverse DNS Rejection Problem

2009-10-29 Thread Phillip Smith
  Tell the admin of the remote domain to fix their PTR records and/or MX
  helo configuration because in the meantime, you're going to have to
  implement a dirty hack to make their server work.

 But the PTR needs no fix.

 The IP resolves to a hostname perfectly fine, only that the hostname
 does not resolve.

Then a) it doesn't resolve perfectly -- it should resolve both ways. And b)
any given IP address should only have *one* corresponding PTR record, not
multiple PTRs. For one, it causes problems like this.
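The "should resolve both ways" requirement discussed in this exchange, as an added example that is not part of the original posts: a forward-confirmed reverse DNS check that separates the failure modes. The resolver callbacks, verdict names and the zone data are constructed for illustration, so the check runs without live DNS.

```python
import ipaddress


def fcrdns(ip, ptr_lookup, addr_lookup):
    """Forward-confirmed reverse DNS: IP -> PTR name(s) -> address(es) -> same IP.

    ptr_lookup(ip) returns PTR hostnames, addr_lookup(name) returns A/AAAA
    addresses; both are injected. Returns (verdict, names).
    """
    target = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return ("no-ptr", [])
    confirmed, unresolved = [], []
    for name in names:
        addrs = addr_lookup(name)
        if not addrs:
            unresolved.append(name)          # PTR target has no forward record
        elif target in {ipaddress.ip_address(a) for a in addrs}:
            confirmed.append(name)           # forward lookup leads back to the IP
    if confirmed:
        return ("pass" if len(names) == 1 else "pass-multiple-ptr", confirmed)
    if len(unresolved) == len(names):
        return ("ptr-name-unresolvable", unresolved)
    return ("forward-mismatch", names)


# Constructed zone data (documentation ranges and example domains).
PTR = {
    "192.0.2.25": ["mail.example.net."],
    "192.0.2.26": ["mx-out.example.org."],               # name has no A record
    "192.0.2.27": ["a.example.com.", "b.example.com."],  # several PTRs
    "192.0.2.28": ["host.example.com."],                 # A points elsewhere
}
A = {
    "mail.example.net": ["192.0.2.25"],
    "a.example.com": ["192.0.2.27"],
    "host.example.com": ["198.51.100.1"],
}


def check(ip):
    return fcrdns(ip, lambda i: PTR.get(i, []), lambda n: A.get(n, []))


if __name__ == "__main__":
    for ip in ["192.0.2.25", "192.0.2.26", "192.0.2.27", "192.0.2.28", "192.0.2.29"]:
        print(ip, check(ip))
```

The 192.0.2.26 entry reproduces the situation in the thread: the PTR exists, but the name it returns has no forward record, so the check cannot be confirmed.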


Re: Reverse DNS Rejection Problem

2009-10-27 Thread Phillip Smith
2009/10/28 Dennis Putnam dennis.put...@aimaudit.com

 Thanks for the reply. That sucks. Is there a way around this, short of
 turning that off or whitelisting?


Tell the admin of the remote domain to fix their PTR records and/or MX helo
configuration because in the meantime, you're going to have to implement a
dirty hack to make their server work.


Re: Feature Request

2009-10-07 Thread Phillip Smith
2009/10/7 Wietse Venema wie...@porcupine.org:
 Phillip Smith:
 Where is the best place to file a feature request? I can't find
 anything on the website, although I may be a little slow in that
 regard!

 Discuss it on the mailing list.

Thanks for the reply Wietse, here goes :)

I was wondering about the possibility of having Postfix being able to
handle *making* ETRN requests as well as responding to them.

Have a config setting similar to $relaydomains to list domains that
have backup MX's that support ETRN and issue ETRN to the servers for
these domains on Postfix startup. The servers to contact could either
be configured by hand, or via an MX lookup for the domain, discarding
the highest priority (the highest priority being the primary MX and
the host that is doing this process).

I don't know if this is workable, or even desirable, but after looking
into ETRN over the last week or so it seems like something that would
be helpful when using multiple MX servers and ETRN.


Re: Feature Request

2009-10-07 Thread Phillip Smith
2009/10/8 Wietse Venema wie...@porcupine.org
 This could easily be scripted and run from cron. Massage the output
 from host(1) or dig(1) to extract hosts, and use an expect script
 to do the talking, like http://www.cymru.com/Tools/mtaprobe.exp.
 The whole thing should not take more than a dozen or so lines.

I have a script that does it which I call from rc.local but it depends
on fetchmail, and I've scripted it heavily towards a PostgreSQL
backend:
http://www.pastebin.ca/1602946

I was just wondering if it wouldn't be a nice feature for Postfix to
have since at the moment it only seems to be doing half the job --
responding to ETRN requests, but no capability to make the requests.
Both requesting and responding are part of the MTA/MDA tasks (as
opposed to MUA tasks).
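The cron-style approach suggested in the quoted reply, as an added example that is not code from either poster and is not the pastebin script: parse `host -t MX` output, drop the primary MX and the local host, and issue ETRN to the remaining backups. The function names, host names and sample output are constructed for illustration.

```python
import re
import smtplib

# One line of `host -t MX <domain>` output.
MX_LINE = re.compile(r"^(\S+) mail is handled by (\d+) (\S+?)\.?$")


def backup_mx_hosts(host_output, own_host):
    """Return backup MX hosts, best preference first.

    Drops the primary (lowest preference number) and this host itself.
    """
    records = []
    for line in host_output.splitlines():
        m = MX_LINE.match(line.strip())
        if m:
            records.append((int(m.group(2)), m.group(3).lower()))
    if not records:
        return []
    records.sort()
    primary_pref = records[0][0]
    return [host for pref, host in records
            if pref != primary_pref and host != own_host.lower()]


def request_etrn(mx_host, domain, helo_name, timeout=30):
    """Ask one backup MX to flush its queue for domain; True on a 250-253 reply."""
    with smtplib.SMTP(mx_host, 25, local_hostname=helo_name, timeout=timeout) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("etrn"):
            return False                     # server does not advertise ETRN
        code, _ = smtp.docmd("ETRN", domain)
        return 250 <= code <= 253            # success replies defined by RFC 1985


# Constructed sample of `host -t MX example.com` output.
SAMPLE = """\
example.com mail is handled by 10 mail.example.com.
example.com mail is handled by 30 mx3.example.net.
example.com mail is handled by 20 mx2.example.net.
"""

if __name__ == "__main__":
    for mx in backup_mx_hosts(SAMPLE, "mail.example.com"):
        print("would send ETRN example.com to", mx)
```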


Feature Request

2009-10-06 Thread Phillip Smith
Where is the best place to file a feature request? I can't find
anything on the website, although I may be a little slow in that
regard!