Request for some smtp example with and without auth

Atif Ghaffar atif.ghaffar at gmail.com
Sat Apr 4 23:59:10 MSD 2009 

Anton,

If I correctly undrestood,

1. nginx as smtp proxy is useful when using smtp auth. (to dispatch to
different backends)
2. nginx as smtp proxy is useful when not using smtp auth. (to do ip based
checks)

please confirm.
thanks and best regards
--
Atif




On Fri, Apr 3, 2009 at 11:51 PM, Anton Yuzhaninov <citrin at citrin.ru> wrote:

> Atif Ghaffar wrote:
>
>> Dear all,
>>
>> For pop and imap its pretty clear and I have documented on the wiki.
>>
>>
>> Can someone please state a short example on how nginx smtp proxy works
>> with a smtp server.
>> The documentation on this is very sparse, If you can forward me to the
>> right direction, I will write myself the documentation on the wiki.
>>
>>
>> Withougt authenticatin (MX)
>>
>> * Is it possible to mutiplex to different real smtp servers (If not, its
>> fine, LVS can do that job)
>>
>
> Nginx send request by http to defined in config server and this server can
> return ip of differend upstreams. So load balancing can be done by this
> "auth" server.
>
>
>> * Is is possible to do something with the header before forwarding the
>> request to the real smtp sever. (How can real smtp server do RBL checks if
>> the IP address is local)
>>
>
> Nginx can say to real smtp server about client's ip via XCLIENT command:
> http://www.postfix.org/XCLIENT_README.html
> xclient also can be used with patched exim:
> http://cebka.pp.ru/blog/patch-exim-xclient
>
> Also RBL check can be performed by nginx+http server.
> Example of such server is:
> http://cebka.pp.ru/hg/nginx-smtp-policy
> (works with pathed libevent: http://cebka.pp.ru/blog/libevent_txt.patch)
>
>
>> * What can nginx do before sending the connection the the smtp server (Can
>> it change/add some headers, can in pass the mail through a filter)?
>>
>
> No, nginx can't change message.
>
>
>>
>> With Authentication
>> Same questions as above. A short example (even in pseudo code) will be
>> very helpful.
>>
>
> Auth server works as for pop3/smtp. Additional header in response can be
> added for bad replays - Auth-Status - it used as smtp error code.
>
> May be the main reason to use nginx as smtp auth proxy - to share auth
> server with pop3/imap.
>
>
>> What to look out on the real  smtp server?
>> Does the actual IP goes to the real smtp server?
>>
>>
> MTA can know client's IP also from XCLIENT command.
>
> --
>  Anton Yuzhaninov
>
>


-- 
best regards
Atif Ghaffar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090404/b0b84842/attachment.html>

More information about the nginx mailing list