Controlling HTTP & SMTP IP flow for 3 NIC's
Tim Alberts
talberts at msiscales.com
Thu Jan 24 00:50:46 UTC 2008
John Summerfield wrote:
> Tim Alberts wrote:
>> A little background first..I run 2 servers, mail and web. The mail
>> server is down for hardware problems. I'm running both email and web
>> on one server. The web server has 3 network interfaces 1 for public
>> email, 1 for public web, and 1 for private network. I use 3 cards
>> because the router I connect to the internet won't recognize multiple
>> IP's for a single hardware MAC.
>>
>> The problem is, that my email messages seem to be going out the web
>> network interface. This is typically not a problem except for the
>> reverse DNS lookup fails which at least one domain (Comcast.Net)
>> rejects.
>>
>> My question therefore is, how can I route my sendmail traffic to go
>> out the correct ethernet interface? I'm sure I'll need to do the
>> same for the web traffic so web site spoofing alarms are triggered.
>>
>> I have told sendmail to listen to the correct interfaces, but that
>> apparently doesn't mean only write to those interfaces. I don't see
>> how to control this by setting up my routes and I can only really
>> think of ways to block it in IPtables, not re-route it.
>>
>
> The problem arises in part because of the complexity of the network.
>
> I run several servers (smtp, ssh, www, imap), and they all work
> perfectly well from a single IP address, so I wonder, Why do you need
> so many?
Please refer to the several times I've explained, the router provided by
my ISP is not accepting virtual IP addresses.
>
> In some cases, the services are served from different boxes; ssh to
> where I work and it terminates on my desktop, smtp on another goes to
> one server or another, depending on where you are. It's how I receive
> email to this address from some locations, but _you_ can't email to it.
>
>
>
More information about the fedora-list
mailing list