From owner-freebsd-questions@FreeBSD.ORG Sat Jun 14 21:14:15 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2D364106567E for ; Sat, 14 Jun 2008 21:14:15 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (gate6.infracaninophile.co.uk [IPv6:2001:8b0:151:1::1]) by mx1.freebsd.org (Postfix) with ESMTP id 96DAB8FC0C for ; Sat, 14 Jun 2008 21:14:14 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost [IPv6:::1]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.2/8.14.2) with ESMTP id m5ELE6Zu020787; Sat, 14 Jun 2008 22:14:07 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) X-DKIM: Sendmail DKIM Filter v2.5.5 smtp.infracaninophile.co.uk m5ELE6Zu020787 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=infracaninophile.co.uk; s=200708; t=1213478047; bh=OL9LVa0HZ9lwAn TpvjK+iNe47pWZL83lOYfMcY6MK9k=; h=Message-ID:Date:From:MIME-Version: To:CC:Subject:References:In-Reply-To:Content-Type:Cc:Content-Type: Date:From:In-Reply-To:Message-ID:Mime-Version:References:To; z=Mes sage-ID:=20<48543496.4040405@infracaninophile.co.uk>|Date:=20Sat,=2 014=20Jun=202008=2022:13:58=20+0100|From:=20Matthew=20Seaman=20|Organization:=20Infracaninophile|User -Agent:=20Thunderbird=202.0.0.14=20(X11/20080607)|MIME-Version:=201 .0|To:=20Wojciech=20Puchar=20|CC:=2 0freebsd-questions@freebsd.org|Subject:=20Re:=20sendmail's=20outgoi ng=20IPs|References:=20<20080614205751.D35816@wojtek.tensor.gdynia. pl>|In-Reply-To:=20<20080614205751.D35816@wojtek.tensor.gdynia.pl>| X-Enigmail-Version:=200.95.6|Content-Type:=20multipart/signed=3B=20 micalg=3Dpgp-sha256=3B=0D=0A=20protocol=3D"application/pgp-signatur e"=3B=0D=0A=20boundary=3D"------------enig7CFCC4AD8F5D579F28790F3E" ; b=Z2iS2dEGUa+D8I8vKoEdaC1IVmo0pu8wo31y/JIBDUVU8AvZdg5qe0kYSieeC1w GMgO5YrGfFiyxkl12oOZbzgDO2Rh6CVD9GMdDGZrmoOlumbNioMjfWfFTEz6PgKsiqm ky/vYJcmYx9B91gQSeiDfwOx4i8gwiPbLuRZdulWA= Message-ID: <48543496.4040405@infracaninophile.co.uk> Date: Sat, 14 Jun 2008 22:13:58 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Thunderbird 2.0.0.14 (X11/20080607) MIME-Version: 1.0 To: Wojciech Puchar References: <20080614205751.D35816@wojtek.tensor.gdynia.pl> In-Reply-To: <20080614205751.D35816@wojtek.tensor.gdynia.pl> X-Enigmail-Version: 0.95.6 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------enig7CFCC4AD8F5D579F28790F3E" X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (smtp.infracaninophile.co.uk [IPv6:::1]); Sat, 14 Jun 2008 22:14:07 +0100 (BST) X-Virus-Scanned: ClamAV version 0.93, clamav-milter version 0.93 on happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-3.0 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VERIFIED,NO_RELAYS autolearn=ham version=3.2.4 X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on happy-idiot-talk.infracaninophile.co.uk Cc: freebsd-questions@freebsd.org Subject: Re: sendmail's outgoing IPs X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Jun 2008 21:14:15 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig7CFCC4AD8F5D579F28790F3E Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Wojciech Puchar wrote: > is it possible to make sendmail choose it's outgoing IP when sending=20 > mail from list of four in random or round-robin way? Not easily. sendmail(8) defaults to binding to all IPs on the machine (INADDR_ANY) and the IP it will use to send with will just be whatever would be the default from the routing table to reach the destination. You can control what interfaces sendmail will listen on by using the DAEMON_OPTIONS() macro in /etc/mail/$(hostname).mc and you can set what IP number the machine will use as the origin address using the CLIENT_OPTIONS() macro. However, CLIENT_OPTIONS() doesn't give you any method of cycling through multiple IP numbers. What could you do? Run four instances of sendmail in different jails as outgoing mail relays, each bound to a different IP. Supposing your server is called 'smtp.your.dom.ain' then you can make that an A record which returns those 4 different IP numbers. Clients looking the server up in the DNS will get a randomised list of IPs (or round-robin, depending on the configuration of the DNS servers you're using). Alternatively you can use one instance of sendmail and do NAT tricks to rewrite the packets on the way out of the firewall. See http://www.op= enbsd.org/faq/pf/nat.html and the 'NAT LOAD BALANCE' example in pf.conf(5). Note however that you should take care to ensure that the hostname your MTA helos as matches whatever IP or IPs are ultimately used in the connection to the other MTA, or your message may well be refused as likely to be spam. There are also recipes I've seen on the comp.mail.sendmail newsgroup for running sendmail with multiple virtual identities depending on the sender address of the e-mail, which isn't exactly what you asked for but might be good enough. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW --------------enig7CFCC4AD8F5D579F28790F3E Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEAREIAAYFAkhUNJ4ACgkQ8Mjk52CukIw9+gCcCwREI97Suvejqzk4RMq6QdSV q80AmwSz1DZf4g7UOhZxU/wYDkCmJe5p =V5lj -----END PGP SIGNATURE----- --------------enig7CFCC4AD8F5D579F28790F3E--