Results 1 to 16 of 16
  1. #1
    Join Date
    May 2011
    Location
    CA, USA
    Posts
    125

    Hiding Outgoing email IP

    Currently I use mandrillapp for sending my email but noticed that my ip address for my server is still listed in the source of the email. I know i could setup a different server to handle all my email sending (already queue all emails) But the idea would be nice if I dont have to list any of my ip adresses when sending emails when using a service to send emails for me. Does any one have any suggestions.

  2. #2
    Join Date
    Dec 2010
    Location
    Good question
    Posts
    693
    Every single SaaS email app does this to offer email server admins a way to block you altogether without having to disrupt any of their other clients.

    You're probably out of luck.

  3. #3
    Join Date
    May 2011
    Location
    CA, USA
    Posts
    125
    Quote Originally Posted by Wintereise View Post
    Every single SaaS email app does this to offer email server admins a way to block you altogether without having to disrupt any of their other clients.

    You're probably out of luck.
    So you would suggest that I standup a cloud or vps server and let it do all my email sending for?

  4. #4
    Join Date
    Dec 2010
    Location
    Good question
    Posts
    693
    Quote Originally Posted by WojonsTech View Post
    So you would suggest that I standup a cloud or vps server and let it do all my email sending for?
    I would reconsider my needs for such a setup, firstly.

    But if it's an absolute necessity, and this might even be borderline 'spammy,' GRE tunnels/VMs that route your mails will be an easy exit.

  5. #5
    Join Date
    May 2011
    Location
    CA, USA
    Posts
    125
    Quote Originally Posted by Wintereise View Post
    I would reconsider my needs for such a setup, firstly.

    But if it's an absolute necessity, and this might even be borderline 'spammy,' GRE tunnels/VMs that route your mails will be an easy exit.
    I am developing a SAAS application. Currently I am useing cloudflare for a lot of the hiding of my ip addresses and so on. After looking up how to get around them Email seems to be something that I am vunrnable to. I am not to worried about script kiddies as i am that my compiteres will try to take down my service.

  6. #6
    Join Date
    Mar 2013
    Location
    North and South America
    Posts
    166
    It is bad practice to mask or hide your sending IP for email. Avoid such. Better practice is to isolate the mail function to a server that can be truthful. IP obfuscation, is what spammers do. You will be seen as a spammer and your email will not be respected. There is a purpose for the IP and that is so mailservers can determine who you are. Hiding + Email = Not Good Ever!

  7. #7
    Join Date
    May 2011
    Location
    CA, USA
    Posts
    125
    Quote Originally Posted by gPowerHost View Post
    It is bad practice to mask or hide your sending IP for email. Avoid such. Better practice is to isolate the mail function to a server that can be truthful. IP obfuscation, is what spammers do. You will be seen as a spammer and your email will not be respected. There is a purpose for the IP and that is so mailservers can determine who you are. Hiding + Email = Not Good Ever!
    Is there an issue to having a dedicated server that handles email. Is that considered hiding? When I say dedicated i mean a dedicated, vps, cloud or something and its only feature is to send emails its not part of the http group or anything? I am guessing if That is okay then i need to get the smpt port open or something like that?

  8. #8
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,294
    If you get a dedicated email server you can do something like this?:

    http://major.io/2013/04/14/remove-se...-with-postfix/

    and then relay the email over. We have successfully done something like this for people who's sites were under massive attacks and were paying cloudflare for protection.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  9. #9
    Join Date
    Mar 2013
    Location
    North and South America
    Posts
    166
    Sure. The masking you want to do is presumably to keep some application safe, or not known by IP. I get that. So just put your mail elsewhere and use whatever IP you get. Setup rDNS and PTR records on your mailserver. Assuming you are not hiding your domain, your mailserver box might be mail.yourdomain.com and the IP is whatever your host gives you. Setup your DNS and SOA authoritatively, and ask upstream provider to set your PTR record to mail.yourdomain.com with rDNS match to your IP. Nothing hidden here. Everything setup by the book. It just so happens that yourdomain.com and mail.yourdomain.com are possibly two boxes next to each other or located half way around the planet. No way to tell.
    Last edited by gPowerHost; 10-05-2013 at 02:05 PM. Reason: typo

  10. #10
    Join Date
    May 2011
    Location
    CA, USA
    Posts
    125
    Quote Originally Posted by Steven View Post
    If you get a dedicated email server you can do something like this?:

    http://major.io/2013/04/14/remove-se...-with-postfix/

    and then relay the email over. We have successfully done something like this for people who's sites were under massive attacks and were paying cloudflare for protection.
    Yeah i have done some reading on stuff like this. Currently since I am using mandrill api and all my emails are already in a queue it would just be a while look script to run on a different server. But this defently gets me off being part of mandrill's rep

  11. #11
    Join Date
    May 2011
    Location
    CA, USA
    Posts
    125
    Quote Originally Posted by gPowerHost View Post
    Sure. The masking you want to do is presumably to keep some application safe, or not known by IP. I get that. So just put your mail elsewhere and use whatever IP you get. Setup rDNS and PTR records on your mailserver. Assuming you are not hiding your domain, your mailserver box might be mail.yourdomain.com and the IP is whatever your host gives you. Setup your DNS and SOA authoritatively, and ask upstream provider to set your PTR record to mail.yourdomain.com with rDNS match to your IP. Nothing hidden here. Everything setup by the book. It just so happens that yourdomain.com and mail.yourdomain.com are possibly two boxes next to each other or located half way around the planet. No way to tell.
    This is pretty much how it works when I use mandril i have all the ptr records and so on setup the only differenace is i am running the sending mail script on the same host and ip as the site and mandrill is reporting that

  12. #12
    Join Date
    Feb 2010
    Location
    Ohio, USA
    Posts
    120
    Instead of hiding your IP, firewall it.

    Configure your firewall so that only you, Cloudflare, and mandrill can access it directly.
    error mounting /proc: No such file or directory
    error mounting /sys: No such file or directory
    Kernel panic - not syncing: Attempted to kill init!

    ..OMG they tried to kill init.. you [email protected]

  13. #13
    Join Date
    May 2011
    Location
    CA, USA
    Posts
    125
    Quote Originally Posted by Joe262 View Post
    Instead of hiding your IP, firewall it.

    Configure your firewall so that only you, Cloudflare, and mandrill can access it directly.
    That stops random people from connecting to i and some low ddos attacks. But does not protect from a real ddos and knowing my ip addresses.

  14. #14
    Join Date
    Jan 2010
    Posts
    49
    Quote Originally Posted by WojonsTech View Post
    That stops random people from connecting to i and some low ddos attacks. But does not protect from a real ddos and knowing my ip addresses.
    how would the ddos be effective if all ports block the traffic?

  15. #15
    Join Date
    Apr 2014
    Posts
    264
    Quote Originally Posted by acegilz View Post
    how would the ddos be effective if all ports block the traffic?
    That's the beauty of the denial of service attack. I don't even have to really "connect" to you to stop others from connecting to you.

    Firewall me at your server and I'll saturate the 100mbps port it's connected to.
    Firewall me at your Firewall and I'll saturate the 10gbps port it's connected to.
    Firewall me where the fiber enters the building and i'll saturate that.

    If you don't believe it's possible, look at the specs on your datacenter's connections and consider that CloudFlare has reported DDOS attacks in the hundreds of gigabits per second range.

  16. #16
    Join Date
    Jan 2010
    Posts
    49
    thats really impressive.
    What should i expect the free package of cloudflare to handle +-? 100mb? 200mbit?

Similar Threads

  1. Hiding email addresses
    By Mark L in forum Web Design and Content
    Replies: 8
    Last Post: 10-13-2006, 10:39 AM
  2. Replies: 3
    Last Post: 03-15-2006, 04:24 AM
  3. Outgoing Email
    By treotan in forum Dedicated Server
    Replies: 3
    Last Post: 10-31-2005, 03:06 AM
  4. hiding email address in anchor tag on webpage
    By Ron in forum Programming Discussion
    Replies: 4
    Last Post: 06-19-2004, 12:06 AM
  5. Replies: 0
    Last Post: 05-28-2003, 02:46 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •