OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: Postfix send emails from a subnet, how to config?

From: Phillip Smith (fukawi2gmail.com)
Date: Sat Nov 14 2009 - 21:48:12 CST


2009/11/15 Mihai Mustea <mihai.musteaswissventure.ro>:

> work for) a website with fashion campaigns and it sends more than 50K
> emails each day, 90% of them being hosted by Yahoo (all users being
> registered, so this is not spam) and I'm sure that you are aware of
> Yahoo's policies. I tried to use throttling solutions (send 2 emails per
> second or even less), the messages are still deferred after some time.
> So my last option before buying some service from inxmail or mailchimp
> is to try this, but I cannot implement it (google is not my best friend
> in this case).

If your aim is to distribute the outbound load across multiple IP
addresses for the purposes of fooling Yahoo into believing you're
multiple different mail servers (ie, mail doesn't *have* to be in .2
and out .2, it can be in .2 and out .57) then you can do some nasty
hacky workarounds in iptables... Something along the lines of....

iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25
-o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source
192.168.10.1
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25
-o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source
192.168.10.2
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25
-o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source
192.168.10.3
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25
-o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source
192.168.10.4
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25
-o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source
192.168.10.5
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25
-o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source
192.168.10.6
<etc>
<etc>
<etc>
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25
-o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source
192.168.10.199
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25
-o eth0 -m statistic --mode nth --every 200 -j SNAT --to-source
192.168.10.200

1) I'm assuming all these IP addresses are on the one interface (eth0)
2) Replace the '--every 200' with the total number of IP addresses you
have for outgoing mail.

This is untested so it's at your own risk, but I believe it should work.