Re: Multiple IP interfaces, mail is being sent out through diffe

wsandkuyl · ‎01-24-2011

Hello,

Here's our current situation. We have multiple IP interfaces with one listener each setup on our blocker with distinct hostnames and IP addresses, still all within the same subnet.

I've noticed that mail arriving on interface "A" with listener "A" attached to it is being delivered through a different interface and IP ("B") when the mail is delivered to the final mailserver.

In short:

Mail arrives on blocker with IP 1.1.1.1 and hostname mailhostA.com, and is being sent out to the exchange server using IP 1.1.1.2 and hostname mailhostB.com.

Is this expected behaviour, or did I miss something when setting up the various IP interfaces / listeners?

Regards,

Wessel

chris.pope · ‎01-24-2011

Hi Wessel,

Just curious how are your SMTP Routes setup?

Chris

wsandkuyl · ‎01-24-2011

Hi Chris,

They're simple definitions based on receiving domain. For the full picture I'll try to describe my setup below.

IP Interfaces (Name / IP / Hostname):

mx.mailhostA.com 1.1.1.1/24 mx.mailhostA.com

mx.mailhostB.com 1.1.1.2/24 mx.mailhostB.com

Listeners (Name / Interface):

mx.mailhostA.com mx.mailhostA.com (1.1.1.1)

mx.mailhostB.com mx.mailhostB.com (1.1.1.2)

SMTP Routes (Receiving domain / Destination Hosts):

mailhostA.com 1.1.1.11

mailhostB.com 1.1.1.12

Under the RAT for each Listener I've created the appropriate recipients, so mailhostA.com is only listed under Listener mx.mailhostA.com (1.1.1.1) and mailhostB.com is only listed under Listener mx.mailhostB.com (1.1.1.2).

What happens is when mail is sent to test@mailhostB.com it arrives at the blocker just fine, is processed and then delivered to 1.1.1.12, but when looking up the mailheaders from that email it seems to originate from mx.mailhostA.com with IP 1.1.1.1.

Let me know if you have any other questions.

Regards,

Wessel

jasbryan · ‎01-24-2011

hi Wessel,

Just a couple of qucik questions:

I know you didn't put the exact ip address on screen but do you really have two interface on the same subnet?

If so does both have the same gateway?

Jason Bryant

Cisco Support Engineer

Martin Eppler · ‎01-24-2011

Hello Wessel,

the receiving and delivery part are handled by two different instances on the Blocker appliance. Messages are received via the Listener that resides on an IP Interface. The delivery is not done by the Listener, but by a dedicated delivery process that uses the configuration set up on the CLI with the command 'deliveryconfig' -> 'setup':

no.de> deliveryconfig

Default interface to deliver mail: Auto

"Possible Delivery": Enabled
Default system wide maximum outbound message delivery concurrency: 10000
Default system wide TLS maximum outbound message delivery concurrency: 100

Choose the operation you want to perform:
- SETUP - Configure mail delivery.
[]> setup

Choose the default interface to deliver mail.
1. Auto
2. DMZ (10.10.10.136/24: no.de)
3. Management (192.168.42.136/24: no.de)
[1]>

When setting to 'Auto', the interface that is closest to the configured default gateway will be involved. Please note that ALL deliveries will then use this default setting (unless you use either alt-mailhost action in the message filter or have a content filter with 'Deliver from IP Interface' action involved), so please ensure that the seletced interface can reach all destinations then (internal and external).

Hope this helps. If not, please let us know.

Thanks and regards,

Martin

Multiple IP interfaces, mail is being sent out through different interface then it came in