Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How to push emails through GRE
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How to push emails through GRE

edited February 2015 in Help

I currently have a gitlab installation behind a GRE tunnel. Emails in gitlab are sent by mandrill.

How can I push emails through the GRE tunnel so that emails sent by mandrill have the GRE tunneled IP instead of the server ip?

Comments

  • agentsmithagentsmith Member
    edited February 2015

    so you want to route (layer 3) something into the gre tunnel or you want to use a proxy (layer 7)?

  • edited February 2015

    Either one will work - whichever one is easier. I just want to make the IP that shows up in the mandrill email header the one from the GRE host so that I don't leak my non-ddos protected IP out in emails.

    Edit: removed GRE proxy from the first post - its a GRE tunnel not a proxy

  • Setup a postfix server with mandrill on your server with the public facing IP. On your gitlab server, smtp your emails to that postfix server.

  • agentsmithagentsmith Member
    edited February 2015

    so i would prefer routing:

    ip r a default via <remote tunnel ip> ta 2
    ip ru a fwmark 0x2 ta 2
    iptables -t mangle -A OUTPUT -p tcp --dport 25 -j MARK --fwmark 0x2
    iptables -t mangle -A POSTROUTING -p tcp --dport 25 -o eth0 -j DROP
    

    on the remote side:

    iptables -t nat -A POSTROUTING -s <tunnel ip> -j MASQUERADE
    echo 1 > /proc/sys/net/ipv4/ip_forward
    

    without testing anything...

Sign In or Register to comment.