Help setting up imap, pop3, smtp, and web proxy's

[Maxim Dounin]

Hello!

On Tue, Feb 09, 2010 at 03:30:18PM -0500, ski98033 wrote:

> I have searched and was only able to get this partially to work 
> (probably because I do not understand the difference between the 
> NginxMailProxyModule and NginxMailCoreModule).  My goal is to 
> proxy webmail, imap, and smtp to different servers based on an 
> ldap lookup.  I currently have it working for imap and imaps by 
> using Øyvind Kolbu's proxy_auth perl daemon.  My config is at 
> the end of this post.   My questions are:
> 
> 1. How do I get smtp proxying to work.  The authentication 
> daemon returns:
> 
>       'auth-port' => 25
>       'auth-server' => '10.1.2.50'
>       'auth-status' => 'OK'
>       'client-date' => 'Tue, 09 Feb 2010 19:55:10 GMT'
>       'client-peer' => '10.1.2.49:9000'
>       'client-response-num' => 1
> 
> on a smtp connection, but I still get authentication failed.  Do 
> I need the NginxMailProxyModule?  What is the correct config for 
> this?

What's in error_log?  Most likely the reason is that backend 
rejects mail.

Note well: smtp proxy doesn't re-authenticate against backend.  It 
expects backend which trusts nginx by ip and only passes original 
user's login via XCLIENT command (if configured to).

> 2. How do I get smtps to work with ssl between the client and 
> nginx?  

Either by defining 'ssl on' and listen on smtps port (465), or by 
starttls with smtp listen.  Or both.

mail {
    ...

    ssl_certificate ...
    ssl_certificate_key ...

    server {
        listen 25;
        proto smtp;
        starttls;
    }

    server {
        listen 465;
        proto smtp;
        ssl on;
    }

    ...
}

> 3. How do I proxy webmail to different servers based on an ldap 
> lookup?

Most likely you want to set cookie in your login script and then 
select appropriate backend based on it.

Maxim Dounin