Sending E-Mail without source IP thru VPS

nandika

Hi!
I have a high traffic website.
Due to DDoS protection measures I'm hiding the original server IP in every possible way.

For e-mail sending I'm using a HTTP passthru to a VPS: posting all mail data via curl to a VPS with open IP, and that was sending the mail, so the original server address is not seen).

This now prevents me to send a mass-mailing to all of my customer base, which is becoming bigger and bigger.

When I've tried to send a mass mailing, the VPS's apache halted with an 500 Error, waiting to be rebooted.

My question would be if there is any tutorial here to setup an SMTP server which does not show my server's original IP? I was trying out authmailer.com service, but that forwards the originating IP in a header field, which allowed my original server to be attacked via the IP

Thanks for the help in advance!

4n0nx

Yes. Use SMTP and add this to postfix to remove the IP address of the "hidden" server from the headers:

##remove IP header##
# requires postfix-pcre (apt-get install postfix-pcre)
#header_checks has the following content:
#/^\s*(Received: from)[^\n]*(.*)/ REPLACE $1 [127.0.0.1] (localhost [127.0.0.1])$2
#
#smtp_header_checks = pcre:/etc/postfix/header_checks

Taken from:

https://tech.tiq.cc/2014/02/how-to-set-up-an-email-server-with-postfix-and-dovecot-without-mysql-on-debian-7/

Nomad

Also check for Originating IP

AlexBarakov

And why not just use a 3rd party smtp provider? Sendgrid for example. It's cheap enough

nandika

@AlexBarakov said:
And why not just use a 3rd party smtp provider? Sendgrid for example. It's cheap enough

only tried authmailer, but they've forwarded my server ip to everyone.

Bruce

@AlexBarakov said:
And why not just use a 3rd party smtp provider? Sendgrid for example. It's cheap enough

:

Open your free SendGrid account
Send up to 12,000 emails a month, no credit card needed, no expiration.

Clouvider

Use Mandrilll perhaps for transactional and Mailchimp for mailing?

Tom

SendGrid forwards your server IP too, just a warning.

Nyr

@Clouvider said:
Use Mandrilll perhaps for transactional and Mailchimp for mailing?

Mandrill will not hide your origin.

Bruce

I'm looking at setup of a different VPS, just for private mail relay. same reason, to avoid disclosure of server IP that is "protected" by cloudflare. current plan is to VPN / gre tunnel to the VPS, so origin IP will then be 192.168.x.x rather than external IP of the server.

if there's a better plan, I'm listening. surely can't be first to need this solution

nexusrain

Uhm..what about a nice DDoS protection?

4n0nx

Bruce said: if there's a better plan, I'm listening. surely can't be first to need this solution

There is one just a few posts above you:

http://www.lowendtalk.com/discussion/comment/1212142/#Comment_1212142

Bruce

@4n0nx said:
There is one just a few posts above you:

which I am going to test. thanks for the info. seems too good to be true, that's all. easy to test, so will find out soon enough

4n0nx

Bruce said: which I am going to test. thanks for the info. seems too good to be true, that's all. easy to test, so will find out soon enough

I use it on several mail servers, just because I can (there is no reason for the headers to stay), and it works flawlessly.

MrX

Mailjet does not disclose origin IP. It's free up to 6,000 emails per month or 200 per day. Non-free tiers aren't too bad either.

https://www.mailjet.com/pricing_v3