From: Justin McAleer (pflistfehuq.com)
Date: Thu Jan 03 2008 - 07:42:54 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Carlos Jiménez wrote:
>
> Hello, everybody:
>
>
>
> I have two server with Postfix running as a Mail Gateway with antispam
> filtering. These two computers are connected to a load balancer
> (hardware appliance). Unfortunately, this device receives all SMTP
> traffic and modifies IP value of the sender with its own (load
> balancer IP).
>

Do you need to have the load balancer doing source NAT? Most hardware
load balancers have the option to do that, where you see only
connections from the load balancer itself, or to pass the traffic
"straight" through to the hosts behind the balancer, so the servers
would see the actual client IPs. We have 4 front-end Postfix servers set
up without source NAT behind our load balancer. It does require your
Postfix servers to have public IP addresses, though.

I just wanted to ask, even though you may well have good reason to be
configured that way, because it would be the easiest way to fix your
problem.

> We have configured a filtering based on RBL’s, but it doesn’t work
> because this IP address is a valid one.
>
> We should use RBL’s based on domain name, but would it be possible to
> configure Postfix to skip the IP of the load balancer and just
> filtering the IP of the original sender?
>
> If it is not possible, do you know an efficient way to bypass this issue?
>
>
>
> We are now using RBL’s, but we’d like later to implement GreyListing
> and a few filters based on sender IP.
>
>
>
>
>
> Thank you in advance.
>
>
>
> Carlos.
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]