justin/new-site
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

infra(mail): remove 18 dormant snowshoe IPs from postfix + host

Browse source 
Consolidate the outbound mail footprint to match the SPF intent (already
trimmed to .94/.107 on 2026-06-19). A 20-IP sending footprint reads as
snowshoe spam to receivers and was contributing to domain-reputation
throttling (Microsoft 451 4.7.500, Gmail low-reputation).

Removed from /etc/postfix/master.cf: transports yahooslow, out02-04,
out06-20, rehab02-04, HC submission ports 2527/2528, hcout2/hcout3.
Removed from /etc/network/interfaces (+ live ip addr del): host bindings
.90-.93, .95-.106, .108-.109. Kept: .94 (trucking/out05), .107 (HC/hcout1),
.71/.72 (infra).

Verified live: postfix check OK, both streams still status=sent post-change,
SSH session on .71 unaffected, transport_maps still routes via out05.

Snapshots: infra/postfix/live-snapshots/master.cf, infra/network/interfaces.
Live backups on server: /root/{master.cf,interfaces}.bak_snowshoe_*.
This commit is contained in:
justin 2026-06-23 23:45:41 -05:00
parent 14357a0223
commit 9dd6f53eb2
3 changed files with 235 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

16
docs/deliverability.md
View file

@ -87,9 +87,19 @@ any UI/test send that doesn't set From explicitly.
| **Trucking** (listmonk) | **207.174.124.94** | mta05.performancewest.net | listmonk -> :25 -> `randmap:{out05:}` |
| **Healthcare** (listmonk-hc) | **207.174.124.107** | hcmta01.performancewest.net | listmonk-hc SMTP server 1 -> :2526 -> hcout1 |
| Transactional / verification | 207.174.124.71 + co.carrierone.com (.15) | perfwest | default `smtp_bind_address` (.71) + :587 relay (.15) |
| Yahoo/AOL trickle | 207.174.124.90 | mta01 | `yahooslow` transport (hash:transport) |
| Retired (torched May 30-31) | .91 / .92 / .93 | mta02-04 | rehab02-04 — **`pw-ip-rehab` cron DISABLED 2026-06-19** |
| Dormant (re-expand later) | .95-.105, .108-.109 | mta06-17, hcmta02-03 | disabled |
| Removed 2026-06-23 (snowshoe cleanup) | .90-.93, .95-.106, .108-.109 | mta01-04/06-17, hcmta02-03 | transports + host IP bindings DELETED |
**Snowshoe IP cleanup (2026-06-23):** the 18 dormant sending IPs (.90-.93,
.95-.106, .108-.109) were fully removed from BOTH postfix (`master.cf`
transports `yahooslow`/`out02-04`/`out06-20`/`rehab02-04`/`2527`/`2528`/
`hcout2`/`hcout3`) AND the host (`/etc/network/interfaces` + live `ip addr del`).
Only the two warm sending IPs (.94 trucking, .107 HC) plus infra (.71/.72)
remain bound. A 20-IP footprint reads as snowshoe spam and was hurting domain
reputation; the SPF was already trimmed to .94/.107 on 2026-06-19, so this just
makes the host/postfix match the SPF intent. Verified live: `postfix check` OK,
both streams still `status=sent` post-change, SSH unaffected. Reference snapshots
committed at `infra/postfix/live-snapshots/master.cf` + `infra/network/interfaces`
(live backups `/root/master.cf.bak_snowshoe_*` + `/root/interfaces.bak_snowshoe_*`).
**Root SPF (trimmed 2026-06-19):** `v=spf1 a mx ip4:207.174.124.15
ip4:207.174.124.94 ip4:207.174.124.107 -all` — `a`=.71, `mx`=co.carrierone.com(.15),