Postfix using multiple IPs (catch22) Help!!!!

Postfix will use different IP addresses to send mail on a server with virtual IPs:
Eth0 = 1.1.1.1 (rdns=mx.example.com)
eth0:0 = 1.1.1.2 (rdns=mx.example.com)
eth0:1 = 1.1.1.3 (rdns=mx.example.com)
eth0:2 = 1.1.1.4 (rdns=mx.example.com)
The problem is that if it sends mail from one of the virtual ip the reverse dns will never match and much of the mail gets labeled as SPAM even thought the SPF record clearly states that receiving mail from that IP for that domain is OK.
The possible fix to the problem was to smtp_bind_address in /etc/postfix/main.cf to 1.1.1.1, but if you do so all the other processes that will internally contact the server at 127.0.0.1 will fail and your mail will back up in the queue(postqueue -p).
So I've already tried changing the master.cf config to:
1.1.1.1:10025 inet n - - - - smtpd
But it did not work apparently with an ISPCONFIG setup there are more things to consider (AMAVIS, etc,etc,etc).
Just grepping for 127.0.0.1 in postfix returns many other things to change:
/etc/postfix# grep -R '127.0.0.1' *
main.cf:#inet_interfaces = 1.1.1.1,127.0.0.1
main.cf:content_filter = amavis:[127.0.0.1]:10024
main.cf~:content_filter = amavis:[127.0.0.1]:10024
main.cf~2:content_filter = amavis:[127.0.0.1]:10024
main.cf~3:content_filter = amavis:[127.0.0.1]:10024
master.cf:127.0.0.1:10025 inet n - - - - smtpd
master.cf~:127.0.0.1:10025 inet n - - - - smtpd
mysql-virtual_client.cf:hosts = 127.0.0.1
mysql-virtual_client.cf~:hosts = 127.0.0.1
mysql-virtual_domains.cf:hosts = 127.0.0.1
mysql-virtual_domains.cf~:hosts = 127.0.0.1
mysql-virtual_email2email.cf:hosts = 127.0.0.1
mysql-virtual_email2email.cf~:hosts = 127.0.0.1
mysql-virtual_forwardings.cf:hosts = 127.0.0.1
mysql-virtual_forwardings.cf~:hosts = 127.0.0.1
mysql-virtual_mailboxes.cf:hosts = 127.0.0.1
mysql-virtual_mailboxes.cf~:hosts = 127.0.0.1
mysql-virtual_recipient.cf:hosts = 127.0.0.1
mysql-virtual_recipient.cf~:hosts = 127.0.0.1
mysql-virtual_relaydomains.cf:hosts = 127.0.0.1
mysql-virtual_relaydomains.cf~:hosts = 127.0.0.1
mysql-virtual_relayrecipientmaps.cf:hosts = 127.0.0.1
mysql-virtual_relayrecipientmaps.cf~:hosts = 127.0.0.1
mysql-virtual_sender.cf:hosts = 127.0.0.1
mysql-virtual_sender.cf~:hosts = 127.0.0.1
mysql-virtual_transports.cf:hosts = 127.0.0.1
mysql-virtual_transports.cf~:hosts = 127.0.0.1
So my question is, am I going about this all wrong??? Is there an easier way to force postfix to use the main ip for outgoing and still service 127.0.0.1?
HELP!!!!

 

smtp_bind_address binds postfix smtp-client to an ip-address when making a connection. You can define this in the main.cf or or in any service in the master.cf with -o smtp_bind_address=xxx - and this works with ispconfig.

You must restart (not just reload) postfix after changing thi smtp-binding.

What did you set for mynetworks?

 

Yes, I know and it works, however it causes the postqueue to pile up with failures.

mynetworks = 127.0.0.0/8 [::1]/128
That's the default. I followed the perfect server guide for debian 7.

 

Not sure if you really need it, but i always add a "bind-ip" to mynetworks. Can you post the log when a mail-processing fails? Did you use -o 127.0.0.1 in the master.cf for the amavis-service?

 

Ok I will add smtp_bind_address = 1.1.1.1 to my /etc/postfix/main.cf and restart postfix.
I do postqueue -p and begin seeing messages like these begin to fill the queue:
F30976980355 2001 Wed May 27 11:39:30 [email protected]
(lost connection with 127.0.0.1[127.0.0.1] while receiving the initial server greeting)
[email protected]

This is the only section of master.conf that specifies 127.0.0.1:

Code:

127.0.0.1:10025 inet n - - - - smtpd
  -o content_filter=
  -o local_recipient_maps=
  -o relay_recipient_maps=
  -o smtpd_restriction_classes=
  -o smtpd_client_restrictions=
  -o smtpd_helo_restrictions=
  -o smtpd_sender_restrictions=
  -o smtpd_recipient_restrictions=permit_mynetworks,reject
  -o mynetworks=127.0.0.0/8,xxx.xxx.xxx.xxx/29
  -o strict_rfc821_envelopes=yes
  -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks

 

I think I fixed it with help from this post:
http://www.faqforge.com/linux/send-all-outgoing-email-trough-one-ip-address-in-postfix/
OK I added to /etc/postfix/main.cf

Code:

inet_interfaces = 1.1.1.1,127.0.0.1
smtp_bind_address = 1.1.1.1

and created /etc/amavis/conf.d/60-custom with this in it:

Code:

@inet_acl = qw( 127.0.0.1 [::1] 1.1.1.1 );

And everything seems to work right up to this moment. I will run a battery of tests and check logs to see if it did no affect something else.

 

So far so good. Looks like everything chugs along just fine.

 

This is probably something I would like to see permanently implemented into ISPCONFIG, as I don't know anyone that would want postfix mail leaving the server from an IP without a matching RDNS record.
This should probably be written into the PERFECT SERVER guides.

 

You don´t need inet_interfaces to SEND on a specified ip. inet_interfaces defines the address(es) postfix should listen on.

 

Good idea. I'll remove this.