?: Technical Support <support@communigate.com>
??: Re: Multiple NIC problem
??: Thu, 10 Aug 2017 15:04:29 +0300
?: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>

On 2017-08-09 08:00 , Shaun Gamble wrote:
CGP v 6.1.16 (with test .18 dlls)

Windows 2012 64bit

Internal NIC 192.168.x.x

External NIC 203.x.x.x

Our internal networks are all connected through a third party firewall [58.x.x.x] for normal traffic. Internally, our clients connect to the mail server on the mail server's internal NIC. The mail server is connected to the internet through its own internet connection (connected via its external NIC). Internal route command deals with traffic for internal networks (192.x.x.x) and everything else is routed out via the mail servers external NIC. Only the mail server can send traffic out of its external NIC.


Server LAN IP Address is set to [192.x.x.x]

WAN IPv4 Address is set to [203.x.x.x]

No LAN IP addresses listed.

This has been working quite well for quite a while. The config is not new. However, we received some emails rejected to to reverse DNS errors. The IP listed was our external firewall. It should not have been possible. After viewing the logs I find this (a lot cut out, just proof CGP was sending the outgoing traffic via the wrong NIC, trinitylinks is the receiving server, not mine):

10:36:49.513 4 SMTP-002976(trinitylinks.com.au) connecting []:0 -> []:25
10:36:49.734 4 SMTP-002976(trinitylinks.com.au) [192.x.x.x]:65032 -> []:25 connected to mail.trinitylinks.com.au(ESMTP)
10:36:50.542 4 SMTP-002976(trinitylinks.com.au) cmd: RCPT TO:<reception@trinitylinks.com.au>  NOTIFY=FAILURE,DELAY
10:36:52.502 4 SMTP-002976(trinitylinks.com.au) rsp: 550 5.7.0 Your server IP address [58.x.x.x] is missing a reverse DNS entry. Seehttp://spamauditor.org/best-practices/check-ip-reverse-dns/  for more information. Protection provided by MagicSpam 2.0.10-1http://www.magicspam.com

I "fixed" the problem by changing Settings->Mail->SMTP->Sending Source IP Address from [OS Default] to [203.x.x.x]. Have I missed a setting somewhere? I am pretty sure this has only started since I upgraded CGP to 6.1.16, it happened before the .18 test dlls.

That IP 192.x.x.x apparently assigned to one of the domains in CGPro config (the main one?) and since it's not in the LAN IPs ranges (why?) the server tried to use it for outgoing mail connection. That translated to the OS default routing through that 58.x.x.x address.

Best regards,
Dmitry Akindinov.
When answering to letters sent to you by the tech.support staff, make
sure the original message you have received is included into your
??(FEED) ??(DIGEST) ??(INDEX) ??? ?? Listmaster