Outgoing gateway IP rotation
Question asked by echoDreamz - May 8, 2017 at 12:20 PM
Unanswered
Would be great if SmarterMail's outgoing gateway setting could be configured to rotate IP addresses automatically. That way instead of having multiple dedicated SM instances, we could have 1 / 2 that rotate through a group of IPs. Currently, there is no real way to do that as far as I can tell.

Christopher

5 Replies

Reply to Thread
0
Webio Replied
+1 from me. This would be needed for not having gateways blacklisted when some account would be hijacked. This can end up with sending emails from all gateways to spam traps.
0
Paul Blank Replied
You can use a Sonicwall, for instance, to do a "round-robin" load-balance thing, but you might need to dedicate the Sonicwall to SM if you don't want the rest of your LAN to be load-balanced that way also. And then (because all accounts would be perhaps sending from all gateways), as Webio appears to point out, you could run the risk of ALL your gateways being blacklisted if an account is compromised. For strictly load-balancing, you can find an inexpensive, used older Sonicwall on ebay, for instance, as long as it has some version of their Enhanced firmware AND can handle the throughput you need.
 
Lastly, if you are using multiple ISPs for gateway IPs, remember that your SM server needs to access nameservers that will work with all your ISPs, such as Google DNS or OpenDNS.  Most ISPs these days limit use of their nameservers to only their circuits.
0
echoDreamz Replied
We use some outgoing filtering as well as hijack with declude which has been nearly 100%. We have ZERO issues with hijacked or compromised accounts since implementing it.

Christopher

0
Paul Blank Replied
In that case, of course, you can go right ahead and use all the gateway addresses you like.
 
Two other solutions (I have used all of these in one instance or another): 1: Barracuda Link Balancer appliance; 2: Sharedband, inexpensive routers + cloud service that provides inbound AND outbound bandwidth aggregation and failover for multiple (2 or more) ISPs.
 
But the least expensive solution would be the used Sonicwall (or any Sonicwall with Enhanced firmware). Used just for outbound round-robin load balancing, you don't need a subscription, nor do you even need the latest firmware. Inbound could load-balance as well, for instance, if you gave each incoming IP address the same MX priority in the domain's zone file. And you could also use the Sonicwall for email filtering if you purchase a subscription with security package.
0
im Waiting for this options too :)

Reply to Thread