Postfix round-robin outgoing IP address the easy way

January 29th, 2016 by Russell Leave a reply »

Needed to add a second IP to my single Postfix instance and have it round-robin which IP address it sends from. Not so much for load balancing (both addresses are on the same physical server after all), but to avoid getting blocked by ISP’s from the large amount of mail being sent from one of my servers.

Through some searching, trial, and error, found out that this is really easy to do with iptables SNAT rules:

-A POSTROUTING -o eth0 -p tcp -m state –state NEW -m tcp –dport 25 -m statistic –mode nth –every 2 –packet 1 -j SNAT –to-source 1.1.1.1
-A POSTROUTING -o eth0 -p tcp -m state –state NEW -m tcp –dport 25 -m statistic –mode nth –every 2 –packet 0 -j SNAT –to-source 1.1.1.2

What this tells it to do is for every packet with a destination of port 25, rewrite the source IP to be either 1.1.1.1 or 1.1.1.2, depending on which count you are at.

No Postfix configuration changes necessary at all!

Leave a Reply