[PATCH] Add proxy_protocol option to mail listener

Wayde Nie niew at mcmaster.ca
Sun Aug 6 00:44:53 UTC 2017


Hi Kees, Maxim,

I'm very interested in proxy_protocol enabled nginx mail proxy as well.
Wondering if the feature might be more straightforward (initially?) if,
when enabled on the listen line, it simply set the appropriate
$proxy_protocol_* variables, similar to the http servers?

I was hoping that I could then include it as an http get param in the
url for my auth_http directive for the auth script to do a dns blacklist
lookup and/or logging (and possibly some other anti spambot efforts).

I'm working on it with your patch as a starting point, and I can get it
to compile cleanly.  Nginx keeps working as expected when I don't set
proxy_protocol on the listen directive, and when I do set proxy_protocol
on the listen directive I see the correct ip and port picked up and
logged in the error.log, however, then nginx stops sending the smtp
greeting... My mail client connects to my loadbalancer, the lb connects
to nginx:587 sending the PROXY line, nginx parses and logs the PROXY
fields,  then the client times out waiting for any return traffic from
nginx... I know it's something I'm doing :-)

I'm happy to keep poking away at it, but curious mostly, if you think
the approach is sound? (ie. use $proxy_protocol_addr, set by
proxy_protocol directive and pass in to auth_http script in auth url as
a get param?) and if an initial patch that starts by just setting
$proxy_protocol_* variables would be a useful first step in this type of
functionality?

Thanks! Wayde.




More information about the nginx-devel mailing list