On 01/07/2015 10:40 PM, Brad Riemann wrote:
Hello!
First time caller, long time listener :)
I’ve been working on a new mail filtering solution for our company
that revolves around the solution receiving inbound mail through a
load balancer.
We have come upon an issue that I am not finding any sort of
documentation or notes that others have experienced..
We are using a load balancer behind a NAT, that distributes the
inbound emails to a clustered mail scanning solution (we have been
having issues with our current solution where the existing servers are
overloaded, and this gives us the ability to plug and play new servers
with zero DNS adjustments..) Now, our load balancer hands off the
message to the first available postfix server, and we get headers that
look like the following (after postfix picks it up).
--
Received: from batch.email.flyfrontier.com (edge1.dc1.domain.com
[172.16.4.#])
by mta02.dc1.domain.com (Postfix) with ESMTP id ###########
for <u...@domain.com>; Wed, 7 Jan 2015 10:48:52 -0600 (CST)
--
The issue, if you don’t see it, is that postfix seems to be using the
load balancer IP as the last hop, and because the load balancer is
just pushing content through it is not recording the previous hop to
the headers, which is causing some issues..
This seems to be a firewall NAT issue. The load balancer would add a hop
if it is on the application layer.
What is the load balancer you are using? We use LVS and we always get
the IP of the SMTP client machine on postfix, not the load balancer IP.
Thanks
Ram