Setting smtp_bind_address based on smtpd received address
Ronan Mullally
traffic into/out of the system. The trickiest part of this strikes me
as being differentiating outbound SMTP data so that traffic from
particular sources can be measured seperately.
Outbound SMTP traffic will be submitted to mail.abc.com, mail.def.com,
..., mail.xyz.com depending on user in question. Mail.*.com will be a
virtual server. The various mail.*.com virtual servers will all be
served by the same set of real hosts behind a load-balancer.
To keep traffic measurement simple I'd like to measure this traffic at
an IP level - either from individual (sub-)interfaces, or from the
load-balancer. My preference is the latter. In order to associate the
outbound traffic with the correct virtual-server I'll need the outbound
SMTP sessions, to originate connections from particular IP addresses.
I can accomplish this by running multiple instances of postfix, each
with its own configuration and queues, but I'd rather find a more elegant
approach. What I ideally need is some may of setting the smtp_bind_address
for a relayed message based on the interface upon which smtpd received the
message.
I've had a look at using one postfix instance, and binding smtpd on
different addresses / ports, but I can't see how I can enfore a particular
source address for outbound messages. I've tried '-o smtp_bind_address'
in the master.cf definition of each smtpd listener, but it doesn't appear
to work (not surprisingly, it's an SMTP client option, not a daemon
option).
Another possibility might be to try and put messages from each of the
various smtpd listeners into different queues, which are then delivered
by smtp clients configured with queue-specific source addresses, but I
haven't looked into that properly yet.
Just to complicate matters even more, content filtering will be thrown
into the loop as well, but that's another story...
Has anybody done this before? Are multiple postfix instances the only
way to achieve it? Might something other than postfix be a better fit?
Thanks in advance,
-Ronan
Magnus Bäck
Ronan Mullally <ro...@iol.ie> wrote:
[...]
> I can accomplish this by running multiple instances of postfix, each
> with its own configuration and queues, but I'd rather find a more
> elegant approach. What I ideally need is some may of setting the
> smtp_bind_address for a relayed message based on the interface upon
> which smtpd received the message.
Not possible with a single Postfix instance. Postfix supports routing
based on the recipient address, nothing else.
But sure, it might theoretically be possible with one or two Postfix
instances using some really gross access map hacks, but then you'd be
way better off with one instance per domain.
> I've had a look at using one postfix instance, and binding smtpd on
> different addresses / ports, but I can't see how I can enfore a
> particular source address for outbound messages. I've tried '-o
> smtp_bind_address' in the master.cf definition of each smtpd listener,
> but it doesn't appear to work (not surprisingly, it's an SMTP client
> option, not a daemon option).
Exactly.
> Another possibility might be to try and put messages from each of
> the various smtpd listeners into different queues, which are then
> delivered by smtp clients configured with queue-specific source
> addresses, but I haven't looked into that properly yet.
Do you by any chance have a sendmail background? Postfix doesn't have
such a concept of multiple queues, so you don't have to look into it.
[...]
--
Magnus Bäck
mag...@dsek.lth.se
Ronan Mullally
> But sure, it might theoretically be possible with one or two Postfix
> instances using some really gross access map hacks, but then you'd be
> way better off with one instance per domain.
Given a choice between gross hacks and multiple instances I'll be going
with multiple instances (or extracting the info from the mail logs).
> > Another possibility might be to try and put messages from each of
> > the various smtpd listeners into different queues, which are then
> > delivered by smtp clients configured with queue-specific source
> > addresses, but I haven't looked into that properly yet.
>
> Do you by any chance have a sendmail background? Postfix doesn't have
> such a concept of multiple queues, so you don't have to look into it.
I cut my teeth on sendmail 10+ years ago - last time I looked it didn't
support multiple queues. Having re-looked, the multi-queue functionality
it has does not support what I'm after - I'd still need to run multiple
instances to ensure each domain's queue is processed with a different
source IP address.
-Ronan