sendmail's outgoing IPs

Matthew Seaman m.seaman at infracaninophile.co.uk
Sat Jun 14 21:14:15 UTC 2008 

Wojciech Puchar wrote:
> is it possible to make sendmail choose it's outgoing IP when sending 
> mail from list of four in random or round-robin way?

Not easily.  sendmail(8) defaults to binding to all IPs on the machine
(INADDR_ANY) and the IP it will use to send with will just be whatever
would be the default from the routing table to reach the destination.

You can control what interfaces sendmail will listen on by using the
DAEMON_OPTIONS() macro in /etc/mail/$(hostname).mc and you can
set what IP number the machine will use as the origin address using
the CLIENT_OPTIONS() macro.  However, CLIENT_OPTIONS() doesn't give
you any method of cycling through multiple IP numbers.

What could you do? Run four instances of sendmail in different jails
as outgoing mail relays, each bound to a different IP.  Supposing your
server is called 'smtp.your.dom.ain' then you can make that an A record
which returns those 4 different IP numbers.  Clients looking the server
up in the DNS will get a randomised list of IPs (or round-robin,
depending on the configuration of the DNS servers you're using).

Alternatively you can use one instance of sendmail and do NAT tricks
to rewrite the packets on the way out of the firewall.  See http://www.openbsd.org/faq/pf/nat.html and the 'NAT LOAD BALANCE' example
in pf.conf(5).  Note however that you should take care to ensure that
the hostname your MTA helos as matches whatever IP or IPs are ultimately
used in the connection to the other MTA, or your message may well be
refused as likely to be spam.

There are also recipes I've seen on the comp.mail.sendmail newsgroup
for running sendmail with multiple virtual identities depending on the
sender address of the e-mail, which isn't exactly what you asked for
but might be good enough.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
                                                  Kent, CT11 9PW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080614/da3d7e5b/signature-0001.pgp

More information about the freebsd-questions mailing list