Jan 022010
 

Recently there have been requests for sending mail with source IP addresses that depend on the envelope sender, it’s very usefull to protect IP-based domain reputations of different customers.

New Feature in postfix postfix-2.7-20091209 is sender_dependent_default_transport_maps

sender_dependent_default_transport_maps (default: empty)

    A sender-dependent override for the global default_transport parameter setting.
    The tables are searched by the envelope sender address and @domain.
    A lookup result of DUNNO terminates the search without overriding the global default_transport parameter setting.
    This information is overruled with the transport(5) table.

    Note: this overrides default_transport, not transport_maps, and therefore the expected syntax is that of default_transport.
          This feature does not support the transport_maps syntax for null transport, null nexthop, or null email addresses.

    For safety reasons, this feature does not allow $number substitutions in regular expression maps.

    This feature is available in Postfix 2.7 and later.

Create file called sdd_transport_maps.regexp:

/@customer1-dom\.tld$/		customer1:
/@customer2-dom\.tld$/		customer2:
/@customer3-dom\.tld$/		customer3:
..... next .....

In master.cf create special transport called customer1, customer2, customer3….and so on

customer1  unix -       -       n       -       -       smtp
   -o smtp_bind_address=1.1.1.1
   -o smtp_helo_name=customer1-dom.tld
   -o syslog_name=postfix-customer1

customer2  unix -       -       n       -       -       smtp
   -o smtp_bind_address=1.1.1.2
   -o smtp_helo_name=customer2-dom.tld
   -o syslog_name=postfix-customer2

customer3  unix -       -       n       -       -       smtp
   -o smtp_bind_address=1.1.1.3
   -o smtp_helo_name=customer3-dom.tld
   -o syslog_name=postfix-customer3

..... next .....

In main.cf add sender_dependent_default_transport_maps line:

sender_dependent_default_transport_maps = regexp:/etc/postfix/sdd_transport_maps.regexp

Don’t forget to create ip aliasing for each ip address in smtp_bind_address

reload postfix

# postfix reload

  53 Responses to “Postfix Bind Sender Domain To Dedicated Outgoing IP Address”

Comments (53)
  1. now THAT’s a good question…

  2. Exactly what I needed. It worked perfectly first try. Thanks!!

  3. Does this means that it will generate a specific outbound queue for those transports?

  4. no, in order to make multiple queue you must use multiple instances

  5. Unfortunately i’m not having as much luck as others, though i’m doing exactly what’s shown here and other sites.

    My postfix version 2.9.5 on CentOS 6.3 blatantly refuses to bind IPs based on these headers. It will always use the eth0 IP and not the eth0:1, eth0:2, etc.

    I’ve tried using regexp and shown in this example as well as hash table but same result.

    master.cf (eth0 = 1.1.1.1, eth0:1 = 1.1.1.2, eth0:2 = 1.1.1.3)


    smtp inet n - n - - smtpd
    pickup fifo n - n 60 1 pickup
    cleanup unix n - n - 0 cleanup
    qmgr fifo n - n 300 1 qmgr
    tlsmgr unix - - n 1000? 1 tlsmgr
    rewrite unix - - n - - trivial-rewrite
    bounce unix - - n - 0 bounce
    defer unix - - n - 0 bounce
    trace unix - - n - 0 bounce
    verify unix - - n - 1 verify
    flush unix n - n 1000? 0 flush
    proxymap unix - - n - - proxymap
    proxywrite unix - - n - 1 proxymap
    smtp unix - - n - - smtp
    relay unix - - n - - smtp
    -o smtp_fallback_relay=
    showq unix n - n - - showq
    error unix - - n - - error
    retry unix - - n - - error
    discard unix - - n - - discard
    local unix - n n - - local
    virtual unix - n n - - virtual
    lmtp unix - - n - - lmtp
    anvil unix - - n - 1 anvil
    scache unix - - n - 1 scache

    one unix - - n - - smtp
    -o smtp_bind_address=1.1.1.2
    -o smtp_helo_name=mail1.one.com

    two unix - - n - - smtp
    -o smtp_bind_address=1.1.1.3
    -o smtp_helo_name=mail1.one.com

    main.cf

    sender_dependent_default_transport_maps = regexp:/etc/postfix/sdd_transport_maps.regexp

    sdd_transport_maps.regexp

    /@one\.com$/ one:
    /@two\.com$/ two:

    Yeah, i’ve postmapped all these files, reloaded postfix, even restarted it and then restarted the server. my postfix also indeed supports regexp.

    Is there any debugging i can enable to figure this out?

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.