LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Hide a mail servers IP address - postfix headers and email relay (https://www.linuxquestions.org/questions/linux-newbie-8/hide-a-mail-servers-ip-address-postfix-headers-and-email-relay-4175452614/)

pagespony 03-04-2013 04:35 AM
Hide a mail servers IP address - postfix headers and email relay
 
Hi,

I have a mail server running cPanel (WHM), I have close to 3000 clients that check their mail from cPanel's webmail options.

The mail server gets DDoS attacked fairly frequently and I've lost over a thousand dollars on different hosts who have terminated my account because of these attacks.

I am trying to sort out an elaborate system to hide the cPanel server and make the site as a whole harder to attack.

What I have so far:

For apache:
Code:
                            --> EC2 server
                            |    (load shared)
                            |
Mail Server---Reverse Proxy----> EC2 server
(cPanel)                    |    (load shared)
                            |
                            --> EC2 server
                                  (load shared)
That all works fine. The mail servers IP is hidden from the user (+headers), they can access their webmail and the site is load shared with instances from all over the world to help with the DDoS attacks.

But my problem is with setting up mail relays, I have no idea what my postfix config file should look like and really don't understand smart hosts or mail relays enough to set it up, I've tried heaps of tutorials online about setting up a mail relay and still can't get it working. Ideally I need something like this:

Mail Outgoing:
(I already have Exim routing to a random EC2 instance working, I set up a smart host in WHM to do it)
Code:
Mail-->Exim route     
        to         
  random smarthost (EC2 instance)-->EC2 server
                                    |
                                    -Strip mailserver IP from headers
                                    -Send mail
Mail Incoming:
Code:
Mail--->EC2 server (MX #1)
      |
        -Send mail to cPanel mail server IP address
        -Strips cPanel mail server IP address from header
So put together you have a mail relay that pretends it's the final destination for mail:
Code:
                Mail server on EC2 instance
                Stripping any mention of the cpanel
Mail Server------IP address in the mail headers------ INTERNET
                before either sending mail to
                the destination or sending mail
                to the cPanel server for Exim to
                          deal with.
So I need advice on how to go about this.

a) Is the best method for me? I know a lot of EC2 IP addresses are registered as spammers but EC2 offers some help with that...

b) Should I choose postfix or exim, I've spent literally hundreds of hours trying to get this working on EC2 and postfix but just don't have the knowledge to make this work.

c) Could you please help me with setting this up? Show me what my postfix config file should look like or give me any tips.

pagespony 03-06-2013 08:51 PM
Does anyone have any suggestions to help me out?


All times are GMT -5. The time now is 03:02 PM.