...

> Although NAT would seem to be the most flexible solution (seems like you
> just need to read up on SNAT?

I have been doing that but thought I'd ask here for the advice from the experts... There are many bad ways to skin a cat and I just wanted to make sure I was using a reasonable way.

> Probably also some network stack tuning needed
> for such a large amount of NAT..?),

That was what I was hoping to avoid...

> you can probably also do this by adding
> the public IPs to your mailserver?

Definitely, makes load shifting very complicated though...

> Eg with Postfix you can either lightly
> overload settings per transport in master.cf (
> http://www.postfix.org/master.5.html ), or if you need something which more
> closely emulates a virtual machine then see the multi-instance stuff (
> http://www.postfix.org/MULTI_INSTANCE_README.html ). I see no theoretical
> reason you couldn't have a (very) multihomed machine with the IPs on the
> servers themselves? The benefit might be that mailservers under high load
> will normally have a lot of connections open (hence high NAT requirements)
>
> Postfix also has some interesting options to add connection caching and some
> other tricks which are helpful for larger installations and large outbound
> queue volumes.

Postfix wasn't really designed for sending newsletters for lots of companies efficiently, and it doesn't do a very good job compared to some highly targeted products (PowerMTA, Message Systems, etc.)

> You should probably spend some time on followup questions covering why you
> aren't a spam sender. Many technical folks will jump to the conclusion that
> anyone asking for help pumping large volumes of mail is likely to be up to
> no good. Just saying how it is... :-).

I was hoping to avoid that but you are right. Funnily enough, pretty much no one sends bulk newsletters with their own servers any more, and we have spammers to thank for that! Probably something like 90% of Fortune 500s use specialist providers, hence why IBM and other megacorps decided they needed in.

The problem being that "technical folks" usually don't have the time or patience to properly take care of the "marketing folks" - mail servers need to be set up with sending newsletters in mind because if they aren't then the MSPs (Mailbox Service Providers, like Hotmail, Yahoo, GMail) or ISPs (like Comcast, etc.) will just block and say "this is probably spam". Most postmasters don't know or care (or do but don't have the time) about this, so tell the marketing people to send them from elsewhere, hence the development of an email broadcasting outsourcing sector.

Receivers set up http://www.maawg.org/, and have welcomed in broadcasters (and senders) so there can be a forum for them to tell us how to send to them. People DO sign up for newsletters, and that means they want them, so ISPs can't (and don't) just block everything. ISPs and MSPs WANT individual clients to have dedicated IPs, so they can more easily identify and whitelist/throttle/trash/block. That means if you have many thousands of clients, you need many thousands of IPs... But you don't need many thousands of machines (save the planet! :-)) - particularly if you can set up SNAT efficiently!

Cheers
Anton
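
The per-transport `master.cf` alternative suggested in the quoted text, as an added sketch that is not part of the original message or of Postfix itself: it generates one outbound transport per client, each bound to that client's dedicated IP, plus a `sender_dependent_default_transport_maps` table. The client names, domains, RFC 5737 addresses and the `out-` transport prefix are constructed assumptions, and the IPs are assumed to be already configured on the mail server's interfaces.

```python
import ipaddress

# Constructed sample data: client name -> (sender domain, dedicated public IP).
# Addresses come from the RFC 5737 documentation range.
CLIENTS = {
    "acme":   ("news.acme.example", "192.0.2.10"),
    "globex": ("mail.globex.example", "192.0.2.11"),
}

def build_postfix_config(clients):
    """Return (master_cf_text, sender_transport_map_text).

    Raises ValueError if an IP is malformed or shared by two clients,
    because the goal is exactly one dedicated source IP per client.
    """
    seen = {}
    master, tmap = [], []
    for name, (domain, ip) in sorted(clients.items()):
        addr = ipaddress.ip_address(ip)  # raises ValueError on bad input
        if addr in seen:
            raise ValueError(f"{ip} assigned to both {seen[addr]} and {name}")
        seen[addr] = name
        transport = f"out-{name}"  # hypothetical naming scheme
        bind = "smtp_bind_address6" if addr.version == 6 else "smtp_bind_address"
        # master.cf columns: service type private unpriv chroot wakeup maxproc command
        master.append(f"{transport} unix - - n - - smtp")
        master.append(f"  -o {bind}={addr}")
        master.append(f"  -o smtp_helo_name={domain}")
        # Route mail by envelope sender domain to the client's own transport.
        tmap.append(f"@{domain} {transport}:")
    return "\n".join(master) + "\n", "\n".join(tmap) + "\n"

if __name__ == "__main__":
    master_cf, transport_map = build_postfix_config(CLIENTS)
    print("# master.cf additions\n" + master_cf)
    print("# sender_dependent_default_transport_maps table\n" + transport_map)
```
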