SMTP without Auth can this be done
Maxim Dounin
mdounin at mdounin.ru
Wed Apr 22 22:51:07 MSD 2009
Hello!
On Wed, Apr 22, 2009 at 02:31:17PM -0400, blacktux wrote:
> Does anyone have a example config of SMTP without Auth? I am just trying to get going a SMTP Relay Proxy to a internal MTAs from external connections. Or could please point me in the correct direction.
mail {
proxy_pass_error_message on;
auth_http http://127.0.0.1:8080/mail/auth;
xclient off;
server {
listen 127.0.0.1:8025;
protocol smtp;
smtp_auth none;
}
}
Simple auth server based on nginx rewrite module will look like
the following:
http {
...
server {
listen 127.0.0.1:8080;
server_name localhost;
location = /mail/auth {
set $reply ERROR;
if ($http_auth_smtp_to ~ example.com) {
set $reply OK;
}
add_header Auth-Status $reply;
add_header Auth-Server 127.0.0.1;
add_header Auth-Port 8026;
add_header Auth-Wait 1;
return 204;
}
}
}
Some notes:
1. SMTP proxy code in current nginx doesn't support PIPELINING,
while some servers seen in wild use it even if not advertised.
Expect problems.
2. The auth server provided above isn't real one, it's taken from
relevant test script. Production use will probably require much
more strict checks.
3. Make sure that your MTA is NOT configured to relay all mail
from localhost, since it will see clients coming from nginx as
coming from localhost. Or use XCLIENT as appropriate if it's
available in your MTA.
Maxim Dounin
More information about the nginx
mailing list