smtp client and aliased addresses

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

smtp client and aliased addresses

Postfix User-3
I'm having an issue getting the smtp client to bind to an aliased IP
address.

mail_version = 2.5.7

I've tried to no avail to have the smtp client use a aliased IP to
deliver mail but it insists on using the address of the interface the
aliased address is assigned to.

#  ifconfig eth2 && ifconfig eth2:1

eth2      Link encap:Ethernet  HWaddr 00:15:17:6f:e6:1e  
          inet addr:142.22.75.146  Bcast:142.22.75.151  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:38366130 errors:0 dropped:0 overruns:0 frame:0
          TX packets:32267506 errors:0 dropped:0 overruns:0 carrier:0
          collisions:535231 txqueuelen:100
          RX bytes:10481726082 (9.7 GiB)  TX bytes:33812562876 (31.4 GiB)
          Base address:0xece0 Memory:fc7e0000-fc800000

eth2:1    Link encap:Ethernet  HWaddr 00:15:17:6f:e6:1e  
          inet addr:142.22.75.147  Bcast:142.22.75.151  Mask:255.255.255.248
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Base address:0xece0 Memory:fc7e0000-fc800000


I've tried the following in main.cf ...

smtp_bind_address = 142.22.75.147

I've also tried the following in master.cf ...

smtp      unix  -       -       n       -       -       smtp
       -o smtp_bind_address=142.22.75.147

Reading a correlation between smtp_bind_address and inet_interfaces in
the docs I've also tried the following in main.cf ...

inet_interfaces = $myhostname, localhost

With the later netstat shows master binding to the aliased address
142.22.75.147 and 127.0.0.1 and the smtpd server receives mail fine on
the aliased address however the smtp client persists in using
142.22.75.146 to deliver mail to other hosts.

tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN     27605/master        
tcp        0      0 142.22.75.147:25        0.0.0.0:*               LISTEN     27605/master      


What am I missing?

Thanks
--

Reply | Threaded
Open this post in threaded view
|

Re: smtp client and aliased addresses

Ramprasad-5

On Tue, 2009-09-29 at 00:58 -0300, Postfix User wrote:

> I'm having an issue getting the smtp client to bind to an aliased IP
> address.
>
> mail_version = 2.5.7
>
> I've tried to no avail to have the smtp client use a aliased IP to
> deliver mail but it insists on using the address of the interface the
> aliased address is assigned to.
>
> #  ifconfig eth2 && ifconfig eth2:1
>
> eth2      Link encap:Ethernet  HWaddr 00:15:17:6f:e6:1e  
>           inet addr:142.22.75.146  Bcast:142.22.75.151  Mask:255.255.255.248
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:38366130 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:32267506 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:535231 txqueuelen:100
>           RX bytes:10481726082 (9.7 GiB)  TX bytes:33812562876 (31.4 GiB)
>           Base address:0xece0 Memory:fc7e0000-fc800000
>
> eth2:1    Link encap:Ethernet  HWaddr 00:15:17:6f:e6:1e  
>           inet addr:142.22.75.147  Bcast:142.22.75.151  Mask:255.255.255.248
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           Base address:0xece0 Memory:fc7e0000-fc800000
>
>
> I've tried the following in main.cf ...
>
> smtp_bind_address = 142.22.75.147
>
> I've also tried the following in master.cf ...
>
> smtp      unix  -       -       n       -       -       smtp
>        -o smtp_bind_address=142.22.75.147
>
> Reading a correlation between smtp_bind_address and inet_interfaces in
> the docs I've also tried the following in main.cf ...
>
> inet_interfaces = $myhostname, localhost
>
> With the later netstat shows master binding to the aliased address
> 142.22.75.147 and 127.0.0.1 and the smtpd server receives mail fine on
> the aliased address however the smtp client persists in using
> 142.22.75.146 to deliver mail to other hosts.
>
How can you say that ? The way of checking is send a mail to any other
server. And check the full headers for the ip used. Dont use netstat.
The smtp connection will not last too long for your inspection.




> tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN     27605/master        
> tcp        0      0 142.22.75.147:25        0.0.0.0:*               LISTEN     27605/master      
>
>
No this is not smtp client , this indicates smtpd listening for incoming
messages. Dont confuse smtpd with smtp


> What am I missing?

I dont think there is anything. You are probably already meeting your
requirement



>
> Thanks
> --
>

Reply | Threaded
Open this post in threaded view
|

Re: smtp client and aliased addresses

Postfix User-3

On Tue, 2009-09-29 at 14:28 +0530, ram wrote:

> On Tue, 2009-09-29 at 00:58 -0300, Postfix User wrote:
> > I'm having an issue getting the smtp client to bind to an aliased IP
> > address.
> >
> > mail_version = 2.5.7
> >
> > I've tried to no avail to have the smtp client use a aliased IP to
> > deliver mail but it insists on using the address of the interface the
> > aliased address is assigned to.
> >
> > #  ifconfig eth2 && ifconfig eth2:1
> >
> > eth2      Link encap:Ethernet  HWaddr 00:15:17:6f:e6:1e  
> >           inet addr:142.22.75.146  Bcast:142.22.75.151  Mask:255.255.255.248
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:38366130 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:32267506 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:535231 txqueuelen:100
> >           RX bytes:10481726082 (9.7 GiB)  TX bytes:33812562876 (31.4 GiB)
> >           Base address:0xece0 Memory:fc7e0000-fc800000
> >
> > eth2:1    Link encap:Ethernet  HWaddr 00:15:17:6f:e6:1e  
> >           inet addr:142.22.75.147  Bcast:142.22.75.151  Mask:255.255.255.248
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           Base address:0xece0 Memory:fc7e0000-fc800000
> >
> >
> > I've tried the following in main.cf ...
> >
> > smtp_bind_address = 142.22.75.147
> >
> > I've also tried the following in master.cf ...
> >
> > smtp      unix  -       -       n       -       -       smtp
> >        -o smtp_bind_address=142.22.75.147
> >
> > Reading a correlation between smtp_bind_address and inet_interfaces in
> > the docs I've also tried the following in main.cf ...
> >
> > inet_interfaces = $myhostname, localhost
> >
> > With the later netstat shows master binding to the aliased address
> > 142.22.75.147 and 127.0.0.1 and the smtpd server receives mail fine on
> > the aliased address however the smtp client persists in using
> > 142.22.75.146 to deliver mail to other hosts.
> >
> How can you say that ? The way of checking is send a mail to any other
> server. And check the full headers for the ip used. Dont use netstat.
> The smtp connection will not last too long for your inspection.
>

Indeed, I've confirmed it by checking both headers and logs. Sorry about
that, I thought that a little too obvious to mention.  

>
> > tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN     27605/master        
> > tcp        0      0 142.22.75.147:25        0.0.0.0:*               LISTEN     27605/master      
> >
> >
> No this is not smtp client , this indicates smtpd listening for incoming
> messages. Dont confuse smtpd with smtp
>

I'm aware of that and it was mentioned, I showed the netstat output to
show that postfix was using inet_interfaces as expected. FWIW I also
tried this with just the aliased IP address.
 
> > What am I missing?
>
> I dont think there is anything. You are probably already meeting your
> requirement
>

As I've confirmed that it's not, any other suggestions?


Thanks
--



Reply | Threaded
Open this post in threaded view
|

Re: smtp client and aliased addresses

John Peach-2
On Tue, 29 Sep 2009 07:57:54 -0300
Postfix User <[hidden email]> wrote:

>
> On Tue, 2009-09-29 at 14:28 +0530, ram wrote:
> > On Tue, 2009-09-29 at 00:58 -0300, Postfix User wrote:
> > > I'm having an issue getting the smtp client to bind to an aliased
> > > IP address.
> > >
> > > mail_version = 2.5.7
> > >
> > > I've tried to no avail to have the smtp client use a aliased IP to
> > > deliver mail but it insists on using the address of the interface
> > > the aliased address is assigned to.
> > >
[snip]
>
> As I've confirmed that it's not, any other suggestions?

Postfix does not decide which interface to use for sending mail. That
is handled by your routing tables.



--
John
Reply | Threaded
Open this post in threaded view
|

Re: smtp client and aliased addresses

Postfix User-3

On Tue, 2009-09-29 at 07:51 -0400, John Peach wrote:
> On Tue, 29 Sep 2009 07:57:54 -0300
> Postfix User <[hidden email]> wrote:
> [snip]
> >
> > As I've confirmed that it's not, any other suggestions?
>
> Postfix does not decide which interface to use for sending mail. That
> is handled by your routing tables.

What's the intended use of smtp_bind_address for then?


Reply | Threaded
Open this post in threaded view
|

Re: smtp client and aliased addresses

Ramprasad-5
In reply to this post by Postfix User-3

On Tue, 2009-09-29 at 07:57 -0300, Postfix User wrote:

> On Tue, 2009-09-29 at 14:28 +0530, ram wrote:
> > On Tue, 2009-09-29 at 00:58 -0300, Postfix User wrote:
> > > I'm having an issue getting the smtp client to bind to an aliased IP
> > > address.
> > >
> > > mail_version = 2.5.7
> > >
> > > I've tried to no avail to have the smtp client use a aliased IP to
> > > deliver mail but it insists on using the address of the interface the
> > > aliased address is assigned to.
> > >
> > > #  ifconfig eth2 && ifconfig eth2:1
> > >
> > > eth2      Link encap:Ethernet  HWaddr 00:15:17:6f:e6:1e  
> > >           inet addr:142.22.75.146  Bcast:142.22.75.151  Mask:255.255.255.248
> > >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> > >           RX packets:38366130 errors:0 dropped:0 overruns:0 frame:0
> > >           TX packets:32267506 errors:0 dropped:0 overruns:0 carrier:0
> > >           collisions:535231 txqueuelen:100
> > >           RX bytes:10481726082 (9.7 GiB)  TX bytes:33812562876 (31.4 GiB)
> > >           Base address:0xece0 Memory:fc7e0000-fc800000
> > >
> > > eth2:1    Link encap:Ethernet  HWaddr 00:15:17:6f:e6:1e  
> > >           inet addr:142.22.75.147  Bcast:142.22.75.151  Mask:255.255.255.248
> > >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> > >           Base address:0xece0 Memory:fc7e0000-fc800000
> > >
> > >
> > > I've tried the following in main.cf ...
> > >
> > > smtp_bind_address = 142.22.75.147
> > >
> > > I've also tried the following in master.cf ...
> > >
> > > smtp      unix  -       -       n       -       -       smtp
> > >        -o smtp_bind_address=142.22.75.147
> > >
> > > Reading a correlation between smtp_bind_address and inet_interfaces in
> > > the docs I've also tried the following in main.cf ...
> > >
> > > inet_interfaces = $myhostname, localhost
> > >
> > > With the later netstat shows master binding to the aliased address
> > > 142.22.75.147 and 127.0.0.1 and the smtpd server receives mail fine on
> > > the aliased address however the smtp client persists in using
> > > 142.22.75.146 to deliver mail to other hosts.
> > >
> > How can you say that ? The way of checking is send a mail to any other
> > server. And check the full headers for the ip used. Dont use netstat.
> > The smtp connection will not last too long for your inspection.
> >
>
> Indeed, I've confirmed it by checking both headers and logs. Sorry about
> that, I thought that a little too obvious to mention.  
>
> >
> > > tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN     27605/master        
> > > tcp        0      0 142.22.75.147:25        0.0.0.0:*               LISTEN     27605/master      
> > >
> > >
> > No this is not smtp client , this indicates smtpd listening for incoming
> > messages. Dont confuse smtpd with smtp
> >
>
> I'm aware of that and it was mentioned, I showed the netstat output to
> show that postfix was using inet_interfaces as expected. FWIW I also
> tried this with just the aliased IP address.
>  
> > > What am I missing?
> >
> > I dont think there is anything. You are probably already meeting your
> > requirement
> >
>
> As I've confirmed that it's not, any other suggestions?
>
smtp bind works fine.
Trace the mail in the logs. Probably enable verbose logging for smtp
Did you see any error line that says could not bind to <ip>








>
> Thanks
> --
>
>
>

Reply | Threaded
Open this post in threaded view
|

Re: smtp client and aliased addresses

Postfix User-3

On Tue, 2009-09-29 at 19:10 +0530, ram wrote:

> On Tue, 2009-09-29 at 07:57 -0300, Postfix User wrote:
> > On Tue, 2009-09-29 at 14:28 +0530, ram wrote:
> > > On Tue, 2009-09-29 at 00:58 -0300, Postfix User wrote:
> > > > I'm having an issue getting the smtp client to bind to an aliased IP
> > > > address.
> > > >
> >  
> > > > What am I missing?
> > >
> > > I dont think there is anything. You are probably already meeting your
> > > requirement
> > >
> >
> > As I've confirmed that it's not, any other suggestions?
> >
> smtp bind works fine.
> Trace the mail in the logs. Probably enable verbose logging for smtp
> Did you see any error line that says could not bind to <ip>

First thing I did was an egrep '(warning|error|fatal|panic):' on the
mail logs, nothing relevant seen.

I'll try turning on verbose logging and look for clues.

I've since implemented an iptables SNAT rule as a temporary workaround
as I really needed this working this morning. I doubt this will
interfere with the verbose logging output. What exactly is it I should
be looking for?

--

Reply | Threaded
Open this post in threaded view
|

Re: smtp client and aliased addresses

Barney Desmond
2009/9/30 Postfix User <[hidden email]>:

> I've since implemented an iptables SNAT rule as a temporary workaround
> as I really needed this working this morning. I doubt this will
> interfere with the verbose logging output. What exactly is it I should
> be looking for?

Can you show us some proof that it's not working? Eg. send mail via
that machine and show the headers that appear on the receiving end.

If you really want to use iptables, I'd use it for logging first. Just
some trivial rules.

iptables -I OUTPUT -s 142.22.75.146 -p tcp --dport smtp -m state --state NEW
iptables -I OUTPUT -s 142.22.75.147 -p tcp --dport smtp -m state --state NEW

Send some mail and check your packet counters with `iptables -L OUTPUT -vn`

I don't doubt that you're seeing some sort of problem, but we need
more evidence to believe there's actually something broken/wrong with
postfix. I wouldn't bother turning on verbose logging just yet; I'm
not sure it'll show the source address, and it's a lot of information
to wade through (and noone here will read through it unless they're
sure there's a problem that needs it).
Reply | Threaded
Open this post in threaded view
|

Re: smtp client and aliased addresses

John Peach-2
On Wed, 30 Sep 2009 01:03:36 +1000
Barney Desmond <[hidden email]> wrote:

> 2009/9/30 Postfix User <[hidden email]>:
>
> > I've since implemented an iptables SNAT rule as a temporary
> > workaround as I really needed this working this morning. I doubt
> > this will interfere with the verbose logging output. What exactly
> > is it I should be looking for?
>
> Can you show us some proof that it's not working? Eg. send mail via
> that machine and show the headers that appear on the receiving end.
>
> If you really want to use iptables, I'd use it for logging first. Just
> some trivial rules.
>
> iptables -I OUTPUT -s 142.22.75.146 -p tcp --dport smtp -m state
> --state NEW iptables -I OUTPUT -s 142.22.75.147 -p tcp --dport smtp
> -m state --state NEW
>
> Send some mail and check your packet counters with `iptables -L
> OUTPUT -vn`
>
> I don't doubt that you're seeing some sort of problem, but we need
> more evidence to believe there's actually something broken/wrong with
> postfix. I wouldn't bother turning on verbose logging just yet; I'm
> not sure it'll show the source address, and it's a lot of information
> to wade through (and noone here will read through it unless they're
> sure there's a problem that needs it).

Why would you think there's a problem? Postfix does not determine what
interface is used for outbound email. The OS routing tables do that, so
iptables will do what he wants.



--
John
Reply | Threaded
Open this post in threaded view
|

Re: smtp client and aliased addresses

Postfix User-3
In reply to this post by Barney Desmond

> 2009/9/30 Postfix User <[hidden email]>:
>
> > I've since implemented an iptables SNAT rule as a temporary workaround
> > as I really needed this working this morning. I doubt this will
> > interfere with the verbose logging output. What exactly is it I should
> > be looking for?
>
> Can you show us some proof that it's not working? Eg. send mail via
> that machine and show the headers that appear on the receiving end.
>

> If you really want to use iptables, I'd use it for logging first. Just
> some trivial rules.
>
> iptables -I OUTPUT -s 142.22.75.146 -p tcp --dport smtp -m state --state NEW
> iptables -I OUTPUT -s 142.22.75.147 -p tcp --dport smtp -m state --state NEW
>

Bingo, good thinking Barney.

I removed my SNAT rule and sent a couple of emails and this shed some
light on it as the second rule was the only one to increment so postfix
was working as expected yet email headers and logs on the receiving MTA
showed delivery using 142.22.75.146 so I dropped the firewall sent
another email and the results were as expected on the receiving end, ie
142.22.75.147 was used. Wadding through the firewall rules I spotted the
culprit rule. The rules are not my handy work and they certainly need
peer review as looking deeper I see a few others I had to cock an eye
at.

Anyhow, *perceived* problem solved, thank you very much for the help
guys and sorry for wasting everyones time.

--