iptables + postfix = random 5 IPS

opencag · 07-16-2015, 10:31 AM

I need to randomize 5 ips for iptables..

code:

Code:

iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 5 --packet 1 -j SNAT --to-source 179x.x.238
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 5 --packet 2 -j SNAT --to-source 179x.x.239
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 5 --packet 3 -j SNAT --to-source 179x.x.240
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 5 --packet 4 -j SNAT --to-source 179x.x.241
iptables -t nat -I POSTROUTING -m state --state NEW -p tcp --dport 25 -o eth0 -m statistic --mode nth --every 5 --packet 5 -j SNAT --to-source 179x.x.242

The problem is that only randomizes the first 5 requests.

After sending the first 5 requests, he repeats the primary IP interface.

lazydog · 07-16-2015, 02:39 PM

This may be a dumb question but why do you need to randomize the source ip address?

opencag · 07-16-2015, 06:48 PM

GMAIL , YAHOO reject IPS with many hits.

We send a lot of emails . We have 100 e- mail accounts.

I need to randomize the output via iptables.

lazydog · 07-17-2015, 11:42 AM

So you don't send email direct you go though Gmail and Yahoo to do this? Why not setup your own SMTP server and to this all yourself?

opencag · 07-18-2015, 03:37 PM

Is rule is for my SMTP server.

lazydog · 07-19-2015, 01:07 AM

Try this;

Code:

iptables -t nat -A POSTROUTING -p tcp -o eth0 --dport 25 -m state --state NEW -j SNAT --to-source 179.x.x.238-179.x.x.242

astrogeek · 07-19-2015, 01:16 AM

Quote:

Originally Posted by opencag

GMAIL , YAHOO reject IPS with many hits.

We send a lot of emails . We have 100 e- mail accounts.

I need to randomize the output via iptables.

This sounds like you are trying to circumvent gmail and yahoo spam blocking rules.

To be clear, are you sending to your own users accounts on gmail and yahoo, or to others which do not recognize the from address?
Are the 100 email accounts you mention the from address accounts or just 100 random gmail and yahoo recipients?

opencag · 07-19-2015, 02:04 PM

I have 100 accounts in my business.

These 100 accounts send to gmail , hotmail and yahoo.

required randomize the IP Shipping by iptables.

astrogeek · 07-19-2015, 03:10 PM

To ask again...

Quote:

To be clear, are you sending to your own users accounts on gmail and yahoo, or to others which do not recognize the from address?

Can you tell us the approximate rate at which emails are being sent as well.

If your 100 users are communicating with various gmail, yahoo and hotmail users there should really be no rate problem and maybe your problem is not rate related.

On the other hand, if your 100 accounts are not real users and are sending large volumes of unsolicited email to yahoo, gmail and hotmail, that constitutes a different problem.

Which is it?

opencag · 07-19-2015, 04:04 PM

Medium send 500 emails per hour for gmail/hotmail.