How to make nginx mail auth connection persistent?

Maxim Dounin mdounin at mdounin.ru
Tue May 16 18:26:09 UTC 2017


Hello!

On Tue, May 16, 2017 at 06:18:27PM +0000, Prabhash Rathore wrote:

> We are using nginx 1.7.3 as a reverse proxy for our Mail SMTP service. For
> authentication of each SMTP connection, we have configured nginx to connect
> with a http based service for authentication. Here is a snippet of our
> nginx config:
> 
> mail {
>     # auth_server
>     auth_http auth_host:auth_port/authserver;
> 
>     # mail server
>     server {
>         protocol                 smtp;
>         listen                   25;
>         proxy                    on;
>         xclient                  on;
>         timeout                  15;
>         starttls                 on;
>         ... other configs...
>     }
> }
> 
> With above config, we notice that nginx closes the connection after every
> auth request/response to Mail Authentication Server (auth_http
> auth_host:auth_port/authserver;) based on tcpdump analysis. We would like
> to make this connection persistent so that we could reuse connection for
> multiple auth requests.
> 
> I looked at nginx mail auth module documentation (
> http://nginx.org/en/docs/mail/ngx_mail_auth_http_module.html#auth_http_header
> ) but I don't see any directive to make mail auth connection persistent.

The auth_http module uses HTTP/1.0 and has no keepalive 
connections support.

If there are practical reasons why you want it to use keepalive, a 
simple http proxy within the same nginx server will likely help.

-- 
Maxim Dounin
http://nginx.org/


More information about the nginx-devel mailing list