Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Outgoing SMTP IP address? (Where to set the connecting SMTP IP address?)
  •  
JS

Messages: 3
Karma: 0
Send a private message to this user
Sorry if I'm asking an old question but couldn't find an answer for it..

Kerio seems to be using the last available IP of the system for sending emails instead of the one that SMTP/SSMTP bound to.

Is there any other option to make sure Kerio is using a specific IP address for the outgoing SMTP connections?

Thanks
  •  
sedell

Messages: 1168
Karma: 1
Send a private message to this user
Unfortunately, no. I ran into the same issue myself when we first started using KMS. Unlike other mail servers I've used, the binding under each service is for listening only. KMS relies on the OS to select an IP address and route the network connections. In my case, it seemed to send using either of the systems two IP addresses randomly.

Eventually, I was able to get around the issue using dynamic NAT for outgoing SMTP connections, instead of static NAT. It's set up so that any outgoing SMTP connections from the 2 IP addresses KMS is on get routed through the same external IP address.

Another option, assuming you have static NAT set up, is to set up a PTR record for the other IP address, and update any anti-spam/spoofing DNS records you may be using (like SPF, Caller-ID, etc.) to add that address as an allowed sender. Then either address will work for sending since they will be set up properly for delivering mail. I had to do that at first. It wasn't ideal, but it did the job until I got the dynamic NAT entries at the firewall sorted out.

Scott
  •  
JS

Messages: 3
Karma: 0
Send a private message to this user
Hi Scott, thx for the reply.

Well, it's pretty sad there is no proper option to bind outgoing smtp, but I was able to set it right using iptables thanks to your comment.

I have several static IP addresses, so if anyone else has the same problem and doesn't want to fiddle with PTR and rDNS for the other ones here's the one-liner:

iptables -t nat -I POSTROUTING -p tcp --dport 25 -j SNAT --to-source 1.1.1.1

(Where 1.1.1.1 is obviously your mail.domain.com IP address)
Previous Topic: Sync calendar with Iphone
Next Topic: Firefox / Godaddy SSL
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Thu Nov 23 06:48:06 CET 2017

Total time taken to generate the page: 0.00364 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.