NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2007-07

RV: Problem to Load-Balance Outgoing SMTP traffic with postfix.

From: Edgar Díaz Orellana (eorellanfulltimehosting.net)
Date: Sun Jul 01 2007 - 17:21:52 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi everyone.

I have some sites hosted in this Server some of them have 2000 email
accounts, then i try to make some load balance for outgoing email traffic
because all the time, because the amount of email accounts i have in this
Server, some mayor email hosting providers like Hotmail, gmail, yahoo and
others, think i'm a spammer, then i think the best way to change this
situation, is make a load balance on the outgoing email traffic, the thing
is all outgoing traffic still goes by the eth0:222 and no balance is doing,
and I really need the balance.

Some of yours have some clue or idea to make postfix use all of the public
ip addresses to send the outgoing mail.

BTW, if need more info or other config files, please ask.

Thanks a lot for your time.

Edgar Díaz.

----------------------------------------------------------------------------
----------------------
IPCONFIG
----------------------------------------------------------------------------
----------------------
smtpout:/etc# ifconfig
eth0 Link encap:Ethernet HWaddr 00:80:C8:45:C8:01
          inet addr:200.27.132.219 Bcast:200.27.132.223
Mask:255.255.255.240
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          RX packets:3013554 errors:1 dropped:0 overruns:0 frame:0
          TX packets:4715907 errors:7 dropped:0 overruns:0 carrier:7
          collisions:0 txqueuelen:1000
          RX bytes:255212695 (243.3 MiB) TX bytes:1836775991 (1.7 GiB)
          Interrupt:185 Base address:0xcc00

eth0:220 Link encap:Ethernet HWaddr 00:80:C8:45:C8:01
          inet addr:200.27.132.220 Bcast:200.27.132.223
Mask:255.255.255.240
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          Interrupt:185 Base address:0xcc00

eth0:221 Link encap:Ethernet HWaddr 00:80:C8:45:C8:01
          inet addr:200.27.132.221 Bcast:200.27.132.223
Mask:255.255.255.240
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          Interrupt:185 Base address:0xcc00

eth0:222 Link encap:Ethernet HWaddr 00:80:C8:45:C8:01
          inet addr:200.27.132.222 Bcast:200.27.132.223
Mask:255.255.255.240
          UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
          Interrupt:185 Base address:0xcc00

----------------------------------------------------------------------------
----------------------
Main.cf
----------------------------------------------------------------------------
----------------------
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

2bounce_notice_recipient = postmastergigahost.cl
#alias_maps =
mysql:/etc/postfix/mysql/alias-maps.mysql
address_verify_poll_delay = 8s
alias_maps =
append_dot_mydomain = no
biff = no
body_checks =
pcre:/etc/postfix/pcre/body_check.pcre,
pcre:/etc/postfix/pcre/avirus_body_check.pcre
bounce_queue_lifetime = 4h
bounce_notice_recipient = postmastergigahost.cl
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
#content_filter = smtp-amavis:[virus-filter]:10024
daemon_directory = /usr/lib/postfix
delay_warning_time = 1h
disable_vrfy_command = yes
header_checks =
pcre:/etc/postfix/pcre/header_check.pcre,
pcre:/etc/postfix/pcre/avirus_header_check.pcre
home_mailbox = Maildir/
html_directory = no
invalid_hostname_reject_code = 501
inet_interfaces = 200.27.132.219 200.27.132.220
200.27.132.221 200.27.132.222
#local_recipient_maps = $alias_maps, $virtual_mailbox_maps
#local_transport = error:local mail delivery is
disabled
mailbox_command = /usr/bin/maildrop
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq
#mail_owner = postfix
manpage_directory = /usr/share/man
#maps_rbl_domains = mysql:/etc/postfix/mysql/rbl.mysql
maps_rbl_reject_code = 554
maximal_queue_lifetime = 8h
maximal_queue_lifetime_days = 4d
message_size_limit = 20480000
mime_header_checks =
pcre:/etc/postfix/pcre/body_check.pcre
mydestination = localhost, localhost.localdomain,
localhost.$mydomain
mydomain = gigahost.cl
myhostname = mx.gigahost.cl
mynetworks = 127.0.0.0/8
myorigin = $myhostname
# newaliases_path = /usr/bin/newaliases
non_fqdn_reject_code = 504
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_banner = $myhostname ESMTP Servidor de
correo seguro
smtpd_client_connection_count_limit = 10
smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unknown_client
# ,
cidr:/etc/postfix/cidr/deny_block.cidr
#
mysql:/etc/postfix/mysql/deny-access/denyhost.mysql,
#
mysql:/etc/postfix/mysql/deny-access/rbl.mysql
smtpd_data_restrictions = reject_unauth_pipelining, permit
smtpd_delay_reject = yes
smtpd_error_sleep_time = 5s
smtpd_hard_error_limit = 7
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks
#
mysql:/etc/postfix/mysql/deny-access/denytld.mysql,
#
mysql:/etc/postfix/mysql/deny-access/denyhost.mysql,
#
mysql:/etc/postfix/mysql/deny-access/rbl.mysql

smtpd_recipient_limit = 15
smtpd_recipient_overshoot_limit = 50
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
                                          reject_unauth_destination,
reject_unauth_pipelining,
                                          reject_non_fqdn_hostname,
reject_non_fqdn_sender,
                                          reject_non_fqdn_recipient,
reject_sender_login_mismatch,
                                          reject_invalid_hostname,
reject_unknown_sender_domain,
                                          reject_unknown_recipient_domain
#
cidr:/etc/postfix/cidr/deny_block.cidr
#
mysql:/etc/postfix/mysql/deny-access/rbl.mysql
smtpd_sasl_authenticated_header = yes
smtpd_sasl_application_name = smtpd
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_login_maps =
mysql:/etc/postfix/mysql/virtual/sender-login-maps.mysql
smtpd_sender_restrictions = permit_mynetworks,
permit_sasl_authenticated,

reject_authenticated_sender_login_mismatch, reject_non_fqdn_sender,
                                          reject_sender_login_mismatch,
reject_unauthenticated_sender_login_mismatch,
                                          reject_unknown_sender_domain,
reject_unverified_sender
# reject
smtpd_soft_error_limit = 5
soft_bounce = no
strict_rfc821_envelopes = yes
transport_retry_time = 60s
trigger_timeout = 5s
unverified_sender_reject_code = 550

unknown_address_reject_code = 450
unknown_client_reject_code = 450
unknown_hostname_reject_code = 450
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
unverified_recipient_reject_code = 450
unverified_sender_reject_code = 450

virtual_alias_maps =
mysql:/etc/postfix/mysql/virtual/alias.mysql
virtual_create_maildirsize = yes
virtual_gid_maps = static:10000
virtual_mailbox_base = /home/hosting/vmail
virtual_mailbox_domains =
mysql:/etc/postfix/mysql/virtual/domains-master.mysql,
mysql:/etc/postfix/mysql/virtual/domains-from-alias.mysql
virtual_mailbox_extended = yes
virtual_mailbox_maps =
mysql:/etc/postfix/mysql/virtual/mailbox.mysql
virtual_mailbox_limit = 204800000
virtual_mailbox_limit_inbox = yes
virtual_mailbox_limit_maps =
mysql:/etc/postfix/mysql/virtual/quota.mysql
virtual_mailbox_limit_override = yes
virtual_minimum_uid = 10000
virtual_overquota_bounce = yes
virtual_transport = virtual
virtual_uid_maps =
mysql:/etc/postfix/mysql/virtual/uid.mysql

----------------------------------------------------------------------------
----------------------
Master.cf
----------------------------------------------------------------------------
----------------------

smtp inet n - - - 10 smtpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - - 300 1 qmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f$sender
recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}
tlsmgr unix - - - 1000? 1 tlsmgr
scache unix - - - - 1 scache
discard unix - - - - - discard

----------------------------------------------------------------------------
----------------------
/etc/hosts
----------------------------------------------------------------------------
----------------------
spambox:/etc# cat hosts
127.0.0.1 localhost.localdomain localhost smtpout

127.0.0.1 FT-MYSQL mysql-server

200.27.132.219 mx.gigahost.cl
200.27.132.220 mx.gigahost.cl
200.27.132.221 mx.gigahost.cl
200.27.132.222 mx.gigahost.cl

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

----------------------------------------------------------------------------
----------------------
Dns zone store on powerdns.
----------------------------------------------------------------------------
----------------------
+------+-----------+------------------+------+------------------------------
-------------------------------------+------+------+-------------+----------
-----+
| id | domain_id | name | type | content
| ttl | prio | change_date | record_header |
+------+-----------+------------------+------+------------------------------
-------------------------------------+------+------+-------------+----------
-----+
| 832 | 61 | gigahost.cl | SOA | ns00.fulltimehosting.net
dnsmaster.fulltimehosting.net 2006011201 | 60 | NULL | NULL | SOA
|
| 833 | 61 | gigahost.cl | NS | ns00.fulltimehosting.net
| 60 | NULL | NULL | NULL |
| 834 | 61 | gigahost.cl | NS | ns01.fulltimehosting.net
| 60 | NULL | NULL | NULL |
| 835 | 61 | gigahost.cl | NS | ns02.fulltimehosting.net
| 60 | NULL | NULL | NULL |
| 836 | 61 | gigahost.cl | A | 200.27.132.222
| 60 | NULL | NULL | root |
| 837 | 61 | ftp.gigahost.cl | A | 200.27.132.222
| 60 | NULL | NULL | ftp |
| 838 | 61 | pop.gigahost.cl | A | 200.27.132.222
| 60 | NULL | NULL | pop |
| 839 | 61 | www.gigahost.cl | A | 200.27.132.222
| 60 | NULL | NULL | www |
| 840 | 61 | mx.gigahost.cl | A | 200.27.132.219
| 60 | NULL | NULL | mail |
| 841 | 61 | smtp.gigahost.cl | A | 200.27.132.222
| 60 | NULL | NULL | smtp |
| 842 | 61 | gigahost.cl | MX | mx.gigahost.cl
| 60 | 25 | NULL | mx |
| 843 | 61 | gigahost.cl | TXT | v=spf1 mx
redirect=mx.gigahost.cl | 60 | NULL |
NULL | spf |
| 844 | 61 | gigahost.cl | RP |
postmaster.fulltimehosting.net. support.fulltimehosting.net. | 60 |
NULL | NULL | RP |
| 2481 | 61 | mx.gigahost.cl | A | 200.27.132.221
| 60 | NULL | NULL | mail |
| 2482 | 61 | mx.gigahost.cl | A | 200.27.132.220
| 60 | NULL | NULL | mail |
| 2483 | 61 | mx.gigahost.cl | A | 200.27.132.222
| 60 | NULL | NULL | mail |
+------+-----------+------------------+------+------------------------------
-------------------------------------+------+------+-------------+---------

----------------------------------------------------------------------------
----------------------
Dns reverse for public ip.
----------------------------------------------------------------------------
----------------------

+------+-----------+-----------------------------+------+-------------------
----------------+-------+------+-------------+---------------+
| id | domain_id | name | type | content
| ttl | prio | change_date | record_header |
+------+-----------+-----------------------------+------+-------------------
----------------+-------+------+-------------+---------------+
| 1398 | 104 | 219.132.27.200.in-addr.arpa | PTR | mx.gigahost.cl
| 60 | NULL | NULL | PTR_219 |
| 2321 | 104 | 222.132.27.200.in-addr.arpa | PTR | mx.gigahost.cl
| 60 | NULL | NULL | PTR_222 |
| 2479 | 104 | 221.132.27.200.in-addr.arpa | PTR | mx.gigahost.cl
| 60 | NULL | NULL | PTR_221 |
| 2480 | 104 | 220.132.27.200.in-addr.arpa | PTR | mx.gigahost.cl
| 60 | NULL | NULL | PTR_220 |
+------+-----------+-----------------------------+------+-------------------
----------------+-------+------+-------------+---------------+

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]