Exchange ActiveSync и iPhone
aekv
nginx-forum на forum.nginx.org
Сб Сен 9 10:44:31 UTC 2017
Здравствуйте,
Опубликовал exchange 16 через Nginx, все работает корректно за исключением
ActiveSync и iPhone клиентов.
Проблема заключается в том, что не отправляются любые вложение размер
которых больше 1 килобайта.
При отправке почтовый клиент сообщает "Сбой отправки сообщения" "Это
сообщение было отклонено сервером"
ОС Ubuntu 16.04, nginx/1.13.5
Exchange.conf
server {
listen 443 ssl http2;
server_name mail.exchange.com autodiscover.exchange.com;
ssl_certificate
/etc/letsencrypt/live/mail.exchange.com/fullchain.pem;
ssl_certificate_key
/etc/letsencrypt/live/mail.exchange.com/privkey.pem;
ssl_trusted_certificate
/etc/letsencrypt/live/mail.exchange.com/fullchain.pem;
# add_header Strict-Transport-Security "max-age=15768000;
includeSubDomains; preload" always;
# add_header X-Content-Type-Options nosniff always;
include exchange_proxy.conf;
proxy_ssl_verify off;
location / {
return 301 https://mail.exchange.com/owa;
}
location = /favicon.ico {
empty_gif;
access_log off;
}
location ~* ^/owa {
proxy_pass https://exchange;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
location ~* ^/Microsoft-Server-ActiveSync {
proxy_pass https://exchange;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
location ~* ^/autodiscover {
proxy_pass https://exchange;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
#########################################
exchange_proxy.conf
client_max_body_size 0;
client_body_buffer_size 128k;
proxy_read_timeout 3h;
proxy_send_timeout 3h;
proxy_connect_timeout 3h;
keepalive_timeout 3h;
proxy_buffers 16 32k;
proxy_buffer_size 64k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_pass_header Date;
proxy_pass_header Server;
proxy_pass_header Authorization;
proxy_pass_request_headers on;
large_client_header_buffers 8 32k;
# more_set_input_headers 'Authorization: $http_authorization';
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Accept-Encoding "";
proxy_set_header Connection "Keep-Alive";
# more_set_headers -s 401 'WWW-Authenticate: Basic realm="10.11.11.11"';
proxy_buffering off;
proxy_request_buffering off;
#########################################
ssl.conf
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_ciphers
'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
# ssl_ecdh_curve secp384r1;
ssl_stapling on;
ssl_stapling_verify on;
#########################################
upstream.conf
upstream exchange {
server 10.11.11.11:443;
}
В логах при отправке:
IP - user на exchange.com [09/Sep/2017:13:38:23 +0300] "POST
/Microsoft-Server-ActiveSync?User=user на exchange.com&DeviceId=FDBV17HMPH1VDDJDFRGIS0K8ES&DeviceType=iPhone&Cmd=SendMail
HTTP/2.0" 400 166 "-" "Apple-iPhone8C2/1501.537200001" "-"
Posted at Nginx Forum: https://forum.nginx.org/read.php?21,276310,276310#msg-276310
Подробная информация о списке рассылки nginx-ru