[SOLVED] PMG acting as relay-server for hosts in networks with dynamic public IP's

klowet

Jun 22, 2018
Hi

I'm trying something with PMG. What I want to accomplish is that I can send mails from different hosts in different public networks on the internet via PMG acting as an SMTP relay.

The problem is that these hosts on the internet are in networks with dynamic public IPs. So I can't add these networks to the Trusted Networks of PMG, because they change quite often.
So I was thinking about whitelisting the domains that can send through PMG. But I've found (I think?) that the whitelist in Who Objects is only for incoming traffic and not for outgoing traffic. Correct?

Does anybody have any idea how I can set this up?

Thanks
 
You could use the API/CLI tools in a script that resolves the domains to IPs and modifies the trusted networks.
 
I've got it working with this script

Bash:
dig @ns1.my.dns my.host +short AXFR | grep '^[.0-9]*$' | sort --unique | sed 's/$/\/32/' > /etc/pmg/mynetworks

That results in a file like this:
Code:
1.1.1.1/32
2.2.2.2/32
3.3.3.3/32

Do I have to reload PMG config after each change of that file?
If yes, how? With a sync --restart 1?
 
If the hosts are in dynamic IP ranges, you have to constantly re-run the script, as the IP will change unannounced.
 
Yes, that's fine. I can run it e.g. every 15 min.
But when I edit the files in /etc/pmg, how does that get into the Postfix config files? Do I run pmgconfig sync --restart 1 too each time?
 
pmgconfig sync is necessary, although I am not sure if --restart is... best try it.
 
Hi, great discussion.
Yesterday I got a problem: my ISP doesn't give a static public IPv4 address anymore,
so this discussion helped a lot, thanks to you all.

So I want to share my script, maybe it helps others too.
Code:
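# IP currently trusted: the /etc/pmg/mynetworks line tagged with the comment "siteName"
pmg_ip=$(grep "siteName" /etc/pmg/mynetworks | awk '{print $1}' | sed 's/\/32//')
# Address the dynamic DNS name resolves to right now
dig_ip=$(dig +short ddns.example.com)
if [ "$pmg_ip" = "$dig_ip" ]; then
        echo "The IP addresses match."
# Rewrite the entry only when the lookup returned something, so a failed
# lookup does not replace the line with a bare "/32"
elif [ -n "$dig_ip" ]; then
        # ISP/organization of the new address, used only in the comment
        org=$(curl -sS "https://ipinfo.io/$dig_ip/json" | jq -r .org)
        sed -i "s/^.*siteName.*$/$dig_ip\/32 #siteName via $org/" /etc/pmg/mynetworks
#       pmgconfig sync
fi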

First I manually create a trusted network with the comment "siteName".
The script checks whether the IP in /etc/pmg/mynetworks that has the comment "siteName" is equal to the output of the command:
dig +short ddns.example.com

If they match, it does not do anything.
But if they do not match,
it will replace the line with the comment "siteName" using the format:
a.b.c.d/32 #siteName via 1234 ISP Organization
followed by the command:
pmgconfig sync
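
Added example, not part of any post in this thread: a variant of the first script that validates every resolved address before it becomes a trusted network, keeps the previous list when DNS returns nothing usable, and only runs pmgconfig sync when the list actually changed. The host names, the DDNS_HOSTS and MYNETWORKS variables, the --run switch and the 644 file mode are assumptions made for illustration.

```sh
#!/bin/sh
# Added example. Host names, paths and file mode are assumptions, not from the thread.
MYNETWORKS="${MYNETWORKS:-/etc/pmg/mynetworks}"
DDNS_HOSTS="${DDNS_HOSTS:-site1.ddns.example.com site2.ddns.example.com}"  # constructed

# Succeeds only for a dotted quad with every octet in 0-255.
# The body is a subshell, so the IFS change stays local.
is_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
)

# Reads resolver output on stdin and prints one "a.b.c.d/32" per valid address.
# CNAME targets and resolver error text that dig +short can emit are dropped.
build_networks() {
    while IFS= read -r addr; do
        if is_ipv4 "$addr"; then printf '%s/32\n' "$addr"; fi
    done | sort -u
}

# Replaces file $1 with the list built from stdin.
# Returns 0 = replaced, 1 = unchanged, 2 = refused (no valid address at all).
update_mynetworks() {
    target=$1
    tmp=$(mktemp "${target}.XXXXXX") || return 2
    build_networks > "$tmp"
    # An empty result means DNS failed: keep the last known list.
    if [ ! -s "$tmp" ]; then rm -f "$tmp"; return 2; fi
    if [ -f "$target" ] && cmp -s "$tmp" "$target"; then rm -f "$tmp"; return 1; fi
    chmod 644 "$tmp" && mv "$tmp" "$target"   # rename keeps the swap atomic
}

# Touches the system only when called with --run, e.g. from cron every 15 minutes.
if [ "${1:-}" = "--run" ]; then
    rc=0
    for host in $DDNS_HOSTS; do dig +short A "$host"; done |
        update_mynetworks "$MYNETWORKS" || rc=$?
    case $rc in
        0) pmgconfig sync --restart 1 ;;   # command as discussed in the thread
        2) echo "no valid address resolved; $MYNETWORKS left untouched" >&2; exit 1 ;;
    esac
fi
```

Like the first script in the thread, this overwrites the whole mynetworks file, so static trusted networks have to be kept elsewhere or merged in before the swap.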
 