Monthly Archives: April 2010

Antinat outgoing ip same as incoming

Problem

The previous post shows how to configure the outgoing IP in antinat. But if you have multiple IPs, want to use all of them, and want to control which one is used for which purpose, that patch doesn't do enough for you.

Solution

Antinat should bind the outgoing connection to the same IP on which it receives the connection from the client.

So if you want to use a different IP, just point the SOCKS settings in your browser or Proxifier at the IP you want antinat to use.

And here's the patch to let you do that ...

Antinat outgoing ip same as Incomming-1.0 (10.1 KB)

This patch is incompatible with the one in the previous post: you can have either that one or this one, so make sure you apply it to the original antinat source.

Questions or suggestions are welcome as always ...
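The technique described above, as an added example that is not the attached patch and not antinat's own code: read the local address of the accepted client socket with `getsockname()`, then `bind()` the outgoing socket to that IP before `connect()`. The function names, the IPv4-only scope and the loopback addresses in the demo are assumptions made for this sketch.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper, not antinat code: connect to dest from the local IP
 * on which client_fd was accepted (IPv4). Returns the new socket, or -1. */
int connect_from_incoming_ip(int client_fd, const struct sockaddr_in *dest)
{
    struct sockaddr_in src;
    socklen_t len = sizeof(src);
    int out = socket(AF_INET, SOCK_STREAM, 0);
    /* On an accepted socket, getsockname() gives the IP the client dialed. */
    if (out >= 0 && getsockname(client_fd, (struct sockaddr *)&src, &len) == 0) {
        src.sin_port = 0; /* keep the IP, let the kernel pick the source port */
        /* bind() before connect() pins the connection's source address. */
        if (bind(out, (struct sockaddr *)&src, sizeof(src)) == 0 &&
            connect(out, (const struct sockaddr *)dest, sizeof(*dest)) == 0)
            return out;
    }
    if (out >= 0) close(out);
    return -1;
}

static int listen_on(const char *ip, struct sockaddr_in *a)
{
    socklen_t len = sizeof(*a);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    *a = (struct sockaddr_in){ .sin_family = AF_INET };
    inet_pton(AF_INET, ip, &a->sin_addr);
    if (bind(fd, (struct sockaddr *)a, len) == 0 && listen(fd, 1) == 0)
        getsockname(fd, (struct sockaddr *)a, &len); /* learn the chosen port */
    return fd;
}

/* Constructed loopback demo (Linux treats all of 127.0.0.0/8 as local): returns
 * 1 if a target on 127.0.0.1 sees the relayed connection come from proxy_ip. */
int target_sees_incoming_ip(const char *proxy_ip)
{
    struct sockaddr_in pa, ta, peer;
    socklen_t len = sizeof(peer);
    int pl = listen_on(proxy_ip, &pa), tl = listen_on("127.0.0.1", &ta);
    int cli = socket(AF_INET, SOCK_STREAM, 0), acc = -1, out = -1, seen = -1;
    if (connect(cli, (struct sockaddr *)&pa, sizeof(pa)) == 0 &&
        (acc = accept(pl, NULL, NULL)) >= 0 &&
        (out = connect_from_incoming_ip(acc, &ta)) >= 0)
        seen = accept(tl, (struct sockaddr *)&peer, &len);
    close(pl); close(tl); close(cli); close(acc); close(out); close(seen);
    return seen >= 0 && peer.sin_addr.s_addr == pa.sin_addr.s_addr;
}
```

Calling `target_sees_incoming_ip("127.0.0.2")` shows the effect: without the `bind()`, the kernel would choose 127.0.0.1 as the source for a connection to 127.0.0.1.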

http://antinat.sourceforge.net/

Antinat outgoing ip

This post is the first in a series of posts about antinat. The posts will provide solutions for some "problems" with antinat. So here goes the first one ...

Problem

Antinat creates outgoing connections from the primary IP defined on the machine where it's running. There's a config option to make antinat listen on a specific IP, but no config option to make it use a specific IP for outgoing connections.

Solution

The attached patch will make antinat use the same ip that it's listening on for outgoing connections. You specify the listening ip with the "interface" config option and now that ip will also be used for outgoing connections.

Antinat outgoing ip-1.0 (3.57 KB)

I assume you already know how to patch ... if not ... just ask in the comments or hire me to patch it for you :)

Qmail per domain concurrency

Problem

In my last post about qmail I said that once you solve the big concurrency problem you'll end up with another problem, because your mail server would create too many outgoing connections to some domains and you risk having your IPs banned by those servers.

Solution

The solution is to have a way of limiting the maximum concurrency rate per domain. To do that you'll need the qmail channels patch, or you can write your own patch like I did (mostly because I was unaware of the existence of the qmail channels patch).

The home page of the qmail channels patch explains how to set up and configure qmail to limit the concurrency by a domain or group of domains.

What I like about this patch is that it allows you to set a concurrency limit for a group of domains, for example 100 for all of yahoo.com, yahoo.co.uk, yahoo.ca, etc.

What I don't like is that it doesn't seem to be able to set a default concurrency level for any domain. If I'm wrong please correct me, but if I'm right then this seems like a major problem for an email server that sends to a large number of addresses distributed over a large number of domains because you would have to configure concurrency limits for a lot of domains.

The ideal solution would allow you to specify a default per-domain concurrency, which would apply to any domain that doesn't have a specific concurrency. For example, most email servers would be OK with 5 concurrent connections from the same IP, but no way for AOL (unless you're whitelisted, and maybe not even then).

Another feature I would like is to be able to specify concurrency by a domain's MX records, or by the IPs/groups of IPs assigned to the MX servers, instead of the actual domain. This would ease the configuration for ISPs that host a lot of domains, like rr or yahoo.