How to Configure Postfix to Use a Specific Outbound IP Address for SMTP Delivery


2 views 


When Postfix needs to send mail, it typically binds to the system's default network interface. In multi-IP environments, we often need explicit control over outbound connections. Here's how to configure this in Postfix 2.3.3:




The main directives we'll work with:


smtp_bind_address = 66.66.66.67
smtp_bind_address6 = (for IPv6 if needed)
inet_interfaces = all (or specific IPs)




Edit your main.cf file:


# nano /etc/postfix/main.cf


Add or modify these lines:


# Specify outbound IP
smtp_bind_address = 66.66.66.67
inet_interfaces = 66.66.66.67

# For multiple IP usage scenarios:
smtp_bind_address = 66.66.66.67
smtp_bind_address6 = 
local_header_rewrite_clients = static:all




After making changes:


# postfix reload
# telnet 66.66.66.67 25


Verify the EHLO response shows the correct IP.




For more granular control, use transport maps:


# /etc/postfix/transport
example.com  smtp:[66.66.66.67]


Then in main.cf:


transport_maps = hash:/etc/postfix/transport




    

  • Check system routing tables with ip route show
    • 

  • Verify IP binding with ss -tulnp | grep master
    • 

  • Test outbound connections with postfix flush
    •

When running a mail server with multiple IP addresses, you might want Postfix to use a dedicated IP for outgoing SMTP connections rather than the system's default. This is particularly useful when:

  • Separating web and mail traffic for security
  • Avoiding IP reputation contamination
  • Implementing geo-based routing

The key parameter in Postfix for this purpose is smtp_bind_address. In your main.cf file, add:

# Force Postfix to use specific IP for outbound mail
smtp_bind_address = 66.66.66.67

For more complex setups where you need different IPs for different purposes:

# Transport-specific IP binding
transport_maps = hash:/etc/postfix/transport
sender_dependent_default_transport_maps = hash:/etc/postfix/sender_dependent

# In /etc/postfix/sender_dependent:
@domain1.com   smtp:[66.66.66.67]:25
@domain2.com   smtp:[66.66.66.68]:25

After making changes, always test:

postfix reload
telnet localhost 25
EHLO example.com

Check the received headers in test emails - they should show the correct outbound IP.

  • Firewall rules blocking the new IP
  • DNS records (PTR, SPF) not updated for the new IP
  • SMTP service not binding to the specific IP

When using multiple IPs, monitor:

  • Connection pooling efficiency
  • IP rotation impact on delivery rates
  • Resource usage across interfaces