Help setting up imap, pop3, smtp, and web proxy's

ski98033 nginx-forum at nginx.us
Tue Feb 9 23:30:18 MSK 2010 

Hi,

I have searched and was only able to get this partially to work (probably because I do not understand the difference between the NginxMailProxyModule and NginxMailCoreModule).  My goal is to proxy webmail, imap, and smtp to different servers based on an ldap lookup.  I currently have it working for imap and imaps by using Øyvind Kolbu's proxy_auth perl daemon.  My config is at the end of this post.   My questions are:

1. How do I get smtp proxying to work.  The authentication daemon returns:

      'auth-port' => 25
      'auth-server' => '10.1.2.50'
      'auth-status' => 'OK'
      'client-date' => 'Tue, 09 Feb 2010 19:55:10 GMT'
      'client-peer' => '10.1.2.49:9000'
      'client-response-num' => 1

on a smtp connection, but I still get authentication failed.  Do I need the NginxMailProxyModule?  What is the correct config for this?

2. How do I get smtps to work with ssl between the client and nginx?  

3. How do I proxy webmail to different servers based on an ldap lookup?

Any examples would be most appreciated.

Thanks in advance,

ski

#nginx.conf
worker_processes  1;

events {
  worker_connections  1024;
}

http {
  include       mime.types;
  default_type  application/octet-stream;

  sendfile        on;
  keepalive_timeout  65;

  # http server
  server {
    listen       80;
    server_name  mail.nsd.org;

    location / {
      root   /opt/nginx/html;
      index  index.html index.htm;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
      root   /opt/nginx/html;
    }
  }

  # https server
  server {
    listen       443;
    server_name  mail.nsd.org;
    ssl                  on;
    ssl_certificate      /etc/ssl/private/star_nsd_org.crt;
    ssl_certificate_key  /etc/ssl/private/star_nsd_org.key;
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;

    location / {
      root   /opt/nginx/html;
      index  index.html index.htm;
    }
  }
}

mail {
  auth_http 127.0.0.1:9000;

  imap_capabilities "IMAP4rev1" "UIDPLUS";

  server {
    listen 993;
    server_name mail.nsd.org;
    ssl      on;
    ssl_certificate      /etc/ssl/private/star_nsd_org.crt;
    ssl_certificate_key  /etc/ssl/private/star_nsd_org.key;
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers   on;
    protocol imap;
    proxy on;
  }

  server {
    listen 25;
    server_name mail.nsd.org;
    protocol smtp;
    proxy on;
  }
}

nginx version: nginx/0.7.65
built by gcc 4.3.2 (Debian 4.3.2-1.1) 
TLS SNI support enabled
configure arguments: --prefix=/opt/nginx --conf-path=/opt/nginx/etc/nginx.conf --error-log-path=/opt/nginx/var/log/error.log --pid-path=/opt/nginx/var/run/nginx.pid --lock-path=/opt/nginx/var/lock/nginx.lock --http-log-path=/opt/nginx/var/log/access.log --http-client-body-temp-path=/opt/nginx/lib/body --http-proxy-temp-path=/opt/nginx/lib/proxy --with-debug --with-http_stub_status_module --with-http_ssl_module --with-mail --with-mail_ssl_module --with-http_perl_module

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,52788,52788#msg-52788

More information about the nginx mailing list