Hello all,
I'm seeing a lot of bounces on the mail manager, and I'm hoping you can help me narrow down the cause.
I've got 3 WAN interfaces and a bunch of extra public IP addresses assigned to them.
x.x.x.83 is the default IP address of WAN-X2 and the interface of most of my traffic.
x.x.x.217 is an additional address on interface WAN-X1 and is the public IP address associated with my Exchange server.
WAN-X2 and WAN-X1 are fed by different ISPs.
I am using SMTP email protection/relay.
The mail manager is reporting emails leaving both .83 and .217. The ones leaving the correct IP are delivered fine, the ones leaving .83 are bounced because that IP address understandably ended up on a blacklist due to the fact that it's not associated with an MX record.
I verified that SMTP traffic is indeed going out .83 by running:
# tcpdump -i eth5 src host x.x.x.83 and port 25
Here are the relevant rules:
Masquerading:
Internal Networks -> WAN-X2
NAT:
SNAT
Inside (Address) -> Email ports -> Any
Source Translation: WAN-X1 [External x.x.x.217] (Address)
DNAT
AnyIPv4 -> Email ports -> WAN-X1 [External x.x.x.217] (Address)
Dest. Translation: Exchange Server
Firewall:
Exchange -> Email Ports -> Any ALLOW
Any -> Email Ports -> Exchange ALLOW
EDIT: Because I forgot the Multipath rules:
Multipath:
1 Outbound via X2 [by Interface]
Internal Networks -> Any Port -> Any Address -> WAN-X2
2 Email Only Wan-X1 [by Connection]
Internal Networks -> Email Ports -> WAN-X1 [x.x.x.217] -> Uplink Interfaces
Any ideas? Any additional information needed?