Sendmail on a multihomed server...

Wed Jun 30 14:27:00 EDT 2004

On Tue, 2004-06-29 at 22:33, Steven W. Orr wrote:
> On Tuesday, Jun 29th 2004 at 18:32 -0400, quoth Fred:
...
> =>So, all I need to do is tell Sendmail to use a different IP address for
> =>its outgoing connections, but thus far all the obvious approaches have
> =>failed. Outside of juggling IP orders on the NIC, is there a way to bind
> =>Sendmail to a different outgoing IP address?
> =>
> =>Thanks.
> 
> Sounds interesting but I'm *almost* sure I'm not understanding your 
> question completely. So to help me understand your problem better, let me 
> suggest a solution and then you can explain why that won't work.
> 
> Why don't you tell your sendmail server to relay all the mail through 
> theworld.com? That way you get rid of the mail, they're happy to get it 
> from you because (I assume) you are a client of Barry's, and the mail gets 
> delivered by the actual correct server. And you get the added benefit of 
> being SPF compliant.

That's not quite it. The problem is that when sendmail on the server
makes a connection to AOL's server, it does so from an IP address that
AOL thinks is an open relay, and rejects delivery of the mail. I have
fixed the apparent open relay problem, but AOL still has that IP address
blacklisted. There are other IP addresses assigned to that server, but
Sendmail still prefers the primary one assigned to eth0. The others are
assigned to eth0:1, eth0:2, etc.

It is becoming apparent that Sendmail does not have a way to bind an
outgoing connection to a particular IP address, but relies on the kernel
to make that decision through the routing tables. So, comma, I am going
to have to modify the routing tables on that server, it seems -- but
since that server is remote and is a money maker, I am loathe to do
anything to the routing tables at all. Another approach is to juggle the
IP address assignments on the NICs, but I am loathe to do that as well
for the same reasons.

I rather do almost anything else than that, even switch to another MTA
if need be, though I'll have to know up front that the MTA can be set to
bind its outgoing connections through a particular IP address on this
multihomed machine.

I know Postfix is *supposed* to be a drop-in replacement, but not from
the configuration level it seems (correct me if I'm wrong). The ideal
MTA replacement must be able to read Sendmail's standard configuration
files --- I'll forego sendmail.mc/cf, but it has to be able to read the
others.

-- 
Fred -- fred at lrc.puissante.com -- place "[hey]" in your subject.
There are inflows and outflows -- and you're just a little node.
Know then, what transcendental sets have you.