We run into this scenario frequently in the hosting business: a single machine carries multiple IP addresses, sometimes two or three hundred, and the MTA either cannot bind to a specific IP address or is too unfriendly to configure to do so. Another reason to use this is ending up with an IP address that is on one of the more difficult-to-remove real-time blacklists (RBLs). In either case, you need to restrict your MTA to sending mail from a specific IP address. The following rule should do the trick:

    # Where eth0 is your external interface
    # Where $EXTERNALIP is the IP you'd like your MTA to
    # send mail from
    $IPTABLES -t nat -A POSTROUTING -o eth0 -p tcp \
        --dport 25 -j SNAT --to-source "$EXTERNALIP"
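A wrapper around the rule above, as an added example that is not part of the original page: it refuses an address that is malformed or not configured on the outgoing interface (replies to a source address the host does not own never reach the MTA), and it prints a "check, then append" command so re-running a firewall script does not stack duplicates. The function names and the sample `ip -o -4 addr show` listing are constructed for illustration, and `iptables` is assumed to be on the PATH.

```shell
#!/bin/sh
# Added example, not from the original page: check the address, then emit an
# idempotent form of the SNAT rule. Nothing here touches the live firewall.
IPTABLES=iptables   # assumption: iptables is on PATH

# Constructed sample of `ip -o -4 addr show` output (documentation addresses).
SAMPLE_ADDRS='2: eth0    inet 192.0.2.10/24 brd 192.0.2.255 scope global eth0
2: eth0    inet 192.0.2.11/24 scope global secondary eth0
3: eth1    inet 10.0.0.5/8 scope global eth1'

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# ip_is_local IFACE ADDR LISTING: succeed if ADDR is configured on IFACE.
# Compares the whole address, so 192.0.2.1 does not match 192.0.2.10.
ip_is_local() {
    printf '%s\n' "$3" | awk -v ifc="$1" -v ip="$2" '
        $2 == ifc && $3 == "inet" { split($4, a, "/"); if (a[1] == ip) found = 1 }
        END { exit !found }'
}

# snat_cmd ACTION IFACE ADDR: print the page's rule with -A, -C or -D as ACTION.
snat_cmd() {
    printf '%s -t nat %s POSTROUTING -o %s -p tcp --dport 25 -j SNAT --to-source %s' \
        "$IPTABLES" "$1" "$2" "$3"
}

# ensure_snat IFACE ADDR LISTING: print "check || append" so a re-run of the
# firewall script does not stack duplicate rules. Returns 2 or 3 on bad input.
ensure_snat() {
    valid_ipv4 "$2" || { echo "invalid IPv4 address: $2" >&2; return 2; }
    ip_is_local "$1" "$2" "$3" || { echo "$2 is not configured on $1" >&2; return 3; }
    printf '%s || %s\n' "$(snat_cmd -C "$1" "$2")" "$(snat_cmd -A "$1" "$2")"
}

# Review the output, then run it as root:
#   ensure_snat eth0 "$EXTERNALIP" "$(ip -o -4 addr show)"
```

The rule only matches destination port 25, so mail handed to a smarthost on another port leaves from the default source address.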