So, I have a separate web server and mail server configured for the same domain (web.example.com & mail.example.com, each with different IPs). The reason I did this was so that I could use Cloudflare to deliver my web content while protecting my origin IP. I understand that my mail server's IP is exposed; this is alright for the time being.
The issue I am facing is that if an email originates from my web server (let's say for instance a user forgets their login details, and my web server triggers a recovery email to be sent)... this will expose my web server's origin IP in the headers of the email sent to the user.
What I need to be able to do is one of the following (I am also open to other suggestions):
1) Masquerade as the IP of web.example.com
2) Trigger an email to be sent from mail.example.com
Both servers have Postfix and Dovecot configured.
I am using PHP to trigger mails to be sent.
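
To check whether a delivered message actually exposes the web origin, the header audit below is an added example (not part of the original post). It scans every header of a raw message for the origin's IPv4 address and shows that a message relayed through the mail server still carries that address in the relay's Received line unless the header has been removed. The addresses (documentation ranges), next-hop.test and the function names are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

ORIGIN_IP = "203.0.113.10"  # constructed: stands in for the web server origin
RELAY_IP = "198.51.100.25"  # constructed: stands in for mail.example.com

# Dotted quads that are not part of a longer token (IPv4 only).
IP_RE = re.compile(r"(?<![\w.])(\d{1,3}(?:\.\d{1,3}){3})(?![\w.])")

def leaking_headers(raw_message, origin_ip):
    """Return [(header name, unfolded value)] for each header carrying origin_ip."""
    origin = ipaddress.ip_address(origin_ip)
    hits = []
    for name, value in message_from_string(raw_message).items():
        for candidate in IP_RE.findall(value):
            try:
                found = ipaddress.ip_address(candidate)
            except ValueError:
                continue  # looked like an address but is not one (e.g. 999.1.1.1)
            if found == origin:
                hits.append((name, " ".join(value.split())))
                break  # one hit per header is enough
    return hits

def sample(hops, extra=""):
    """Build a constructed message; hops are (host, ip) pairs, newest first."""
    received = "".join(
        f"Received: from {host} ({host} [{ip}])\n\tby next-hop.test with ESMTP\n"
        for host, ip in hops)
    return (received + extra + "From: noreply@example.com\n"
            "To: user@recipient.test\nSubject: Password recovery\n\nbody\n")

# Sent straight from the web server.
DIRECT = sample([("web.example.com", ORIGIN_IP)])
# Handed to the mail server, which records the submitting client as usual.
RELAYED = sample([("mail.example.com", RELAY_IP), ("web.example.com", ORIGIN_IP)])
# Same relay path with the internal hop's Received header removed.
SCRUBBED = sample([("mail.example.com", RELAY_IP)])
# Received is clean, but an application-added header repeats the address.
APP_HEADER = sample([("mail.example.com", RELAY_IP)],
                    f"X-Originating-IP: [{ORIGIN_IP}]\n")

if __name__ == "__main__":
    for label, msg in [("direct", DIRECT), ("relayed", RELAYED),
                       ("scrubbed", SCRUBBED), ("app header", APP_HEADER)]:
        names = [n for n, _ in leaking_headers(msg, ORIGIN_IP)]
        print(label, "->", "LEAK in " + ", ".join(names) if names else "clean")
```

Running it against a recovery email saved from a test mailbox (raw source, headers included) shows which header, if any, still needs to be dealt with.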