On Wed, 30 Sep 2009 01:03:36 +1000 Barney Desmond <barneydesm...@gmail.com> wrote:
> 2009/9/30 Postfix User <post...@linuxnet.ca>: > > > I've since implemented an iptables SNAT rule as a temporary > > workaround as I really needed this working this morning. I doubt > > this will interfere with the verbose logging output. What exactly > > is it I should be looking for? > > Can you show us some proof that it's not working? Eg. send mail via > that machine and show the headers that appear on the receiving end. > > If you really want to use iptables, I'd use it for logging first. Just > some trivial rules. > > iptables -I OUTPUT -s 142.22.75.146 -p tcp --dport smtp -m state > --state NEW iptables -I OUTPUT -s 142.22.75.147 -p tcp --dport smtp > -m state --state NEW > > Send some mail and check your packet counters with `iptables -L > OUTPUT -vn` > > I don't doubt that you're seeing some sort of problem, but we need > more evidence to believe there's actually something broken/wrong with > postfix. I wouldn't bother turning on verbose logging just yet; I'm > not sure it'll show the source address, and it's a lot of information > to wade through (and noone here will read through it unless they're > sure there's a problem that needs it). Why would you think there's a problem? Postfix does not determine what interface is used for outbound email. The OS routing tables do that, so iptables will do what he wants. -- John
