Re: Two different IP for one mx

2018-01-31 Thread
Ok, I already started a discussion with ISP and they obviously have no idea what they doing. However, they did not provide any effort to fix this setup. I'm still waiting. May be it is the time to find a proper ISP and replace with it. 2018-01-31 17:00 GMT+03:00 Bill Cole < postfixlists-070...@bil

Re: Two different IP for one mx

2018-01-31 Thread Bill Cole
On 30 Jan 2018, at 6:07 (-0500), jin&hitman&Barracuda wrote: Yes I saw connections coming from 172.27.203.20 and it was me. I believe this setup is not fit mail servers. Absolutely true. 3 widespread ISP tactics that make a network unfit for an Internet-facing MTA: 1. DNS hijacking 2. Firew

Re: Two different IP for one mx

2018-01-30 Thread
On 30 Jan 2018 7:00 p.m., "Bill Shirley" wrote: On 1/30/2018 9:15 AM, Karol Augustin wrote: >From the information you provided it looks like problem is not fixable by you. It's ok to have private address configured on your server if it is properly translated upstream. Amazon does that. You have

Re: Two different IP for one mx

2018-01-30 Thread Karol Augustin
On 2018-01-30 15:59, Bill Shirley wrote: > > In an earlier post: > Becouse I prefer to use fail2ban for brute force attacks and fail2ban depends > source IP address.In this setup I can't see source IP. Also I'll use iptables > as a permanent filter for some IPv4 blocks (like china). > > He n

Re: Two different IP for one mx

2018-01-30 Thread Bill Shirley
On 1/30/2018 9:15 AM, Karol Augustin wrote: From the information you provided it looks like problem is not fixable by you. It's ok to have private address configured on your server if it is properly translated upstream. Amazon does that. You have private IP configured on your machine but it is t

Re: Two different IP for one mx

2018-01-30 Thread Karol Augustin
On 2018-01-30 14:08, jin&hitman&Barracuda wrote: > 2018-01-30 15:22 GMT+03:00 Bill Shirley : > >> On the new Postfix server, are you using DHCP client on the WAN interface >> to get a IP address? You should not be. You should assign your public >> address >> to the WAN interface. >> >> I have

Re: Two different IP for one mx

2018-01-30 Thread
2018-01-30 16:42 GMT+03:00 Matus UHLAR - fantomas : > If you see this IP when you connect to your postfix from the internet, >>> complain to your new ISP immediately. Connections from outside >>> should not be NATted. >>> >> > On 30.01.18 14:34, jin&hitman&Barracuda wrote: > >> Wh

Re: Two different IP for one mx

2018-01-30 Thread
2018-01-30 15:22 GMT+03:00 Bill Shirley : > On the new Postfix server, are you using DHCP client on the WAN interface > to get a IP address? You should not be. You should assign your public > address > to the WAN interface. > > I have static addresses with my ISP. My ISP's modem will hand out p

Re: Two different IP for one mx

2018-01-30 Thread
2018-01-30 14:42 GMT+03:00 G : > On 01/29/2018 11:09 PM, jin&hitman&Barracuda wrote: > >> Hi >> >> We are tring to move our mx server to another isp. >> > > You have two postfix installations then, one in your current MX record and > a new > which is not yet published on DNS . Is that correct ? >

Re: Two different IP for one mx

2018-01-30 Thread Matus UHLAR - fantomas
If you see this IP when you connect to your postfix from the internet, complain to your new ISP immediately. Connections from outside should not be NATted. On 30.01.18 14:34, jin&hitman&Barracuda wrote: When I connecting from internet (for example from 149.XXX.164.55) I did run tcpdump command

Re: Two different IP for one mx

2018-01-30 Thread Bill Shirley
On the new Postfix server, are you using DHCP client on the WAN interface to get a IP address?  You should not be.  You should assign your public address to the WAN interface. I have static addresses with my ISP.  My ISP's modem will hand out private addresses if I use DHCP client.  I don't conf

Re: Two different IP for one mx

2018-01-30 Thread G
On 01/29/2018 11:09 PM, jin&hitman&Barracuda wrote: Hi We are tring to move our mx server to another isp. You have two postfix installations then, one in your current MX record and a new which is not yet published on DNS . Is that correct ? They gave us an IP address but there is some stran

Re: Two different IP for one mx

2018-01-30 Thread
2018-01-30 14:16 GMT+03:00 Matus UHLAR - fantomas : > On 30 Jan 2018 3:43 a.m., "Paul" wrote: >>> What is the source IP you see making connections to your new postfix >> server ? >> > > On 30.01.18 09:28, jin&hitman&Barracuda wrote: > >> It is 172.27.203.20 >> > >

Re: Two different IP for one mx

2018-01-30 Thread Matus UHLAR - fantomas
On 30 Jan 2018 3:43 a.m., "Paul" wrote: What is the source IP you see making connections to your new postfix server ? On 30.01.18 09:28, jin&hitman&Barracuda wrote: It is 172.27.203.20 2018-01-30 12:03 GMT+03:00 Matus UHLAR - fantomas : If you see this IP when you connect to your postfix

Re: Two different IP for one mx

2018-01-30 Thread
2018-01-30 13:29 GMT+03:00 Matus UHLAR - fantomas : > On 30 Jan 2018 3:43 a.m., "Paul" wrote: >>> What is the source IP you see making connections to your new postfix server ? >>> On 30.01.18 09:28, jin&hitman&Barracuda wrote: >>> It is 172.27.203.20 >>> > 2018-

Re: Two different IP for one mx

2018-01-30 Thread Matus UHLAR - fantomas
On 30 Jan 2018 3:43 a.m., "Paul" wrote: What is the source IP you see making connections to your new postfix server ? On 30.01.18 09:28, jin&hitman&Barracuda wrote: It is 172.27.203.20 2018-01-30 12:03 GMT+03:00 Matus UHLAR - fantomas : this is also a private address and it should not ap

Re: Two different IP for one mx

2018-01-30 Thread
2018-01-30 12:03 GMT+03:00 Matus UHLAR - fantomas : > On 30.01.18 00:09, jin&hitman&Barracuda wrote: > >> In-Reply-To: > ail.com> >> References: > ail.com> >> >> > > hell, how did you create this e-mail? it looks like reply to thread with > another 9 e-mails. (Plese send new post when asking new

Re: Two different IP for one mx

2018-01-30 Thread Matus UHLAR - fantomas
On 30.01.18 00:09, jin&hitman&Barracuda wrote: In-Reply-To: References: hell, how did you create this e-mail? it looks like reply to thread with another 9 e-mails. (Plese send new post when asking new question) We are tring to move our mx server to another isp. They gave us an IP address

Re: Two different IP for one mx

2018-01-29 Thread
On 30 Jan 2018 3:43 a.m., "Paul" wrote: On 29/01/2018 21:09, jin&hitman&Barracuda wrote: > Hi > > We are tring to move our mx server to another isp. They gave us an IP > address but there is some strange points. When i try to connect any mail > related port on that ip, it send my connection to

Re: Two different IP for one mx

2018-01-29 Thread Paul
On 29/01/2018 21:09, jin&hitman&Barracuda wrote: Hi We are tring to move our mx server to another isp. They gave us an IP address but there is some strange points. When i try to connect any mail related port on that ip, it send my connection to our new postfix server. There is a destination

Re: Two different IP for one mx

2018-01-29 Thread Kevin A. McGrail
On 1/29/2018 5:03 PM, jin&hitman&Barracuda wrote: It is 192.168.34.30/24 So that's a Class C (256 IPs) block from the reserved private class B address block*.  So you are definitely NATted if you have access to the internet. If you have a 1:1 NAT and can do port fo

Re: Two different IP for one mx

2018-01-29 Thread
On 30 Jan 2018 12:56 a.m., "Kevin A. McGrail" wrote: On 1/29/2018 4:09 PM, jin&hitman&Barracuda wrote: > We are tring to move our mx server to another isp. They gave us an IP > address but there is some strange points. When i try to connect any mail > related port on that ip, it send my connecti

Re: Two different IP for one mx

2018-01-29 Thread Kevin A. McGrail
On 1/29/2018 4:09 PM, jin&hitman&Barracuda wrote: We are tring to move our mx server to another isp. They gave us an IP address but there is some strange points. When i try to connect any mail related port on that ip, it send my connection to our new postfix server. There is a destination nat o