From owner-freebsd-questions@FreeBSD.ORG Fri Oct 24 16:41:57 2014
Return-Path:
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
    (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
    (No client certificate requested)
    by hub.freebsd.org (Postfix) with ESMTPS id DE4344B2
    for ; Fri, 24 Oct 2014 16:41:57 +0000 (UTC)
Received: from mx2.blackfoot.net (mx2.blackfoot.net [216.14.232.11])
    (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
    (Client CN "spam.blackfoot.net", Issuer "GeoTrust DV SSL CA" (verified OK))
    by mx1.freebsd.org (Postfix) with ESMTPS id AA18DD52
    for ; Fri, 24 Oct 2014 16:41:57 +0000 (UTC)
Received: from blackfoot.vision.net ([216.220.3.42])
    by mx2.blackfoot.net ({f463150a-8fc3-47f8-9d9f-72f34f8bb0de})
    via TCP (outbound) with ESMTP id 20141024163816228
    for ; Fri, 24 Oct 2014 16:38:16 +0000
X-RC-FROM:
X-RC-RCPT:
Received: from webmail.blackfoot.net (unknown [10.40.25.30])
    (Authenticated sender: vagabond)
    by blackfoot.vision.net (Postfix) with ESMTPA id EBE107043
    for ; Fri, 24 Oct 2014 10:38:14 -0600 (MDT)
Received: from 66.109.141.62
    (SquirrelMail authenticated user vagabond)
    by webmail.blackfoot.net with HTTP;
    Fri, 24 Oct 2014 10:38:14 -0600
Message-ID:
Date: Fri, 24 Oct 2014 10:38:14 -0600
Subject: bridging mode, ppp tunneling, IP addrs and outgoing mail (sendmail)
From: "Gary Aitken"
To: freebsd-questions@freebsd.org
User-Agent: SquirrelMail/1.4.22
MIME-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-MAG-OUTBOUND: blackfoot.redcondor.net@216.220.3.42/32
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: User questions
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Fri, 24 Oct 2014 16:41:58 -0000

I've got a gateway currently set up as follows:

    ISP -- DSL Modem (a.b.c.d/30) -- (a.b.c.e/30) FreeBSD (a.b.c.f/30) --- internal net

The internal net uses both public IPs and private IPs via aliases on the
interfaces.

The DSL modem is in bridging mode. Inside the fbsd box I'm running user ppp
which is set up to pass public IPs and nat private IPs. The fbsd box is also
running the mail server (sendmail).

Questions:

1. Since the modem is in bridging mode and ppp is tunneling, the IP addr on
   stuff sent out from the fbsd machine carries the ip addr ppp uses, which
   is one belonging to the ISP and not one of our assigned IP addrs. As
   currently set up, I'm using up 4 of the assigned IP addrs just to deal
   with the modem. It seems to me none of those addrs will ever appear
   anywhere else, so is there any reason not to use something from the set
   of private IPs for the fbsd -- modem connection?

2. Because the ppp connection gets the IP addr assigned by the ISP and not
   one from our assigned set, mail goes out with an origin IP addr which is
   not our own. Mail services which do reverse lookups therefore sometimes
   reject mail because the claimed sender domain doesn't match the reverse
   dns domain (or one of the mx records for the domain, not sure which).
   Is there a way to force sendmail to either:

   a. use an address other than the assigned one (I suspect this won't work
      because the IP addr causing the problem comes from the IP layer, not
      sendmail)

   b. direct the mail to an internal port which then takes the default route
      out subsequently?

   c. Can this be dealt with by assigning an alias IP addr to tun0 after ppp
      comes up and having sendmail send out that somehow?

   d. If necessary, the mail host could be changed to a different system on
      the internal network with a public ip addr. That would give the
      outgoing mail a public ip addr, but seems like a big hoop to jump
      through. Correct?

Thanks for any enlightenment,

Gary