smtp proxy with postfix
mdounin at mdounin.ru
Wed Dec 30 15:04:27 UTC 2015
On Wed, Dec 30, 2015 at 08:20:27AM -0500, Cugar15 wrote:
> Well, here we go again... somehow, I'm not getting this smtp proxy to work
> with nginx.
> I moved to haproxy, and this combination works ok. Creating a tcp connection
> passes over to postfix
> and the postfix prompt is seen using a telnet connection - and all works
> just fine.
> However, I'd like to stick with nginx if possible....actually if possible at
If TCP proxying is enough in your case - you can consider
using stream proxy module instead, see here:
> Here are my findings - and maybe somebody can help to confirm or disagree:
> 1) Xclient = on will basically bypass sals authorithation in postfix.
> Postfix/Sasl will assume that the message is already authenticated.
> All the auth login commands are basically exectuted
Yes. All information obtained by nginx is passed via the XCLIENT
> 2) Xclient = off will not trigger any sals authentication in postfix.
> Somehow, it seems, that the credentials are not forwarded to postfix
Yes. Authentication is checked by auth_http script, and there is
no need to do additional authentication to SMTP backend. As long
as appropriate checks are done by auth_http, it's enough to allow
your nginx IP to submit mail.
If it's not enough in your particular setup (e.g., you want
correct "Received" headers to be added), enable XCLIENT.
> Is this really the expected behaviour?
> IMAP behaviour is completely different. Here the authentication works just
Yes, that's expected.
More information about the nginx