How to make sure outbound traffic is coming from a certain public IP address as source?

The image attached above is a reference for this discussion.

So I have a mail server hosted within the company corporate network. This server is hosting multiple mail domains using Hmail server mail server application running on a server @ as shown above.

A records of the following domains are pointing to respective public static IP address as shown.
Port forward for SMPT and POP3 are configured on the 3 public IP addresses towards mail server inside.
Each of the ISP have provided additional public static IP address .2 and .3.
Note that has an A Record pointing to that is additional static IP address on WAN2 interface.

MX Reverse PTR records are all done by respective ISPs. -> -> ->

What is the best approach of this case to make sure that;

mail traffic for will come in and go out on the same public static IP address

mail traffic for will come in and go out on the same public static IP address

mail traffic for will come in and go out on the same public static IP address

I am trying to explore the possibility using NAT and/or outbound policy and even firewall???

Peplink cannot route the traffic based on the context inside the SMTP packet. You can consider to bind multiple IP addresses on the mail server itself. For example,, And setup the mail server use specific IP for specific domain.

With NAT Mappings (both Inbound and Outbound Mappings) <-> <-> <->

Because, each domain will have its own private IP, and with proper Outbound Policy, you can route the mail traffic of different domain via different ISP

Thanks Lai.

OK, assuming I have 3 different private IP addresses for each of the mail server, how can I make sure that incoming and especially outgoing is passing through the same public IP addresss? Especially also for the that is only an additional public iP address. <-> <-> <->

  1. Outbound Policy: Use Enforce or Priority rule to ensure the traffic from to route across WAN2

  2. NAT Mappings: make sure you have configure “Outbound Mappings” which you need to select on WAN2 for the host

hmmm… looks it could work. however I am thinking this will also expose .101 from internet right? Firewall inbound can be used here to allow only relevant traffic??? i will test this one.

No, private IP will not be exposed after NAT. Outgoing traffic of will be NATed to

What I mean Lai is that all inbound types of traffic that will hit will be forwarded to private IP .101 right .101 and .3 are being NAT mapped.??? inbound policy will be over ridden and that all I can do to make sure that only TCP 25 and 110 are allowed to be forwarded to .101 is to implement inbound firewall???