In from IP2 out always from IP1

[xpepermint]

Hey. I have an issue with in-out IPs. An email is sent from MX2(IP2) and is always delivered from MX1(IP1). Where can I get more info? Thx!

[smfreegard]

I know this is an old thread; but I've just noticed it.

You mean that you are receiving mail on interface A, but delivery is always happening through interface B?

[xpepermint]

Yes.

[smfreegard]

Ok - let me see if I can cook up a patch to address this for you. What is happening now is that Haraka simply requests a connection to the destination host and the OS kernel decides which interface is used.

We have a new'ish option in the MX lookup code which allows you to specify a 'bind' address e.g. which interface to use, which is optional and normally only supplied by a plugin hooking get_mx and providing a custom function which sets mx.bind to the desired address.

I'll see if I can make Haraka default to sending mail out of the same IP address it received it on.

[xpepermint]

That would be great. Btw... I will continue working on haraka for our project in a few months thus I can't give you the latest feedback right now. But the idea is that a user will get smtp access on IP1 (mx1) thus all emails should be sent from this IP address (we have multiple users, each user gets a dedicated SMTP access). Thx...

[smfreegard]

Ok - I've done some experiments and the issue is that by default Haraka will listen on [::0]:25 or 0.0.0.0:25 which is 'all interfaces'. When it does this - the local_ip reported to node.js is always '::' or '0.0.0.0' which wouldn't be too useful to you as the behaviour wouldn't change.

If I manually set Haraka's listen= interfaces in smtp.ini - then the local_ip is reported correctly, however you would have to modify this setting and restart Haraka every time you added a new IP address, again - I'm guessing that this wouldn't be too useful.

The only thing I can come up with is allowing you to set connect.transaction.notes.outbound_ip = 'ip.ip.ip.ip' which you can then set from your own plugin. e.g. you could have a map of sender domain => outbound IP which would then be applied.

Thoughts?

[xpepermint]

Thanks @smfreegard. Well ... What's important is that if a user connects to SMTP on interface mx.domain.com and sends an email, the outgoing email should be sent from mx.domain.com, not from the default interface.

Maybe a plugin would be a solution, yes.

[smfreegard]

The point here is that Haraka has no concept of what mx.domain.com is (indeed with NAT, the external IP address might be completely different to the interface address), unlike HTTP - there's no 'Host' header available.

The only way around this would be to use something like interface aliases like you would with SSL e.g.

eth0 = 1.1.1.1 eth0:1 = 2.2.2.2 eth0:2 = 3.3.3.3 eth0:3 = 4.4.4.4

Then explicitly bind Haraka to these interfaces listen=127.0.0.1:25, 1.1.1.1:25, 2.2.2.2:25, 3.3.3.3:25, 4.4.4.4:25

Then if someone connects to 1.1.1.1:25, then Haraka will see a local_ip of 1.1.1.1.

However - this isn't very scalable as you would have to modify smtp.ini and restart Haraka every time you added an alias interface.

The alternative is to use a plugin instead, and set the correct IP address based on who the sender or recipients are. However the drawback here is that this map is server specific as the IP addresses would change depending on which system they were running on.

[xpepermint]

I see. Hum... I think that a reusable plugin, based on notes, should be possible in this case. This thing could work similar to your example above (e.g. we can define a file with matches {sender from domain}>{send using mx/interface} or smth).

[msimerson]

resolved by #806 (if not @xpepermint , you can re-open)