Nginx - SMTP no authentication

Maxim Dounin mdounin at
Wed Nov 10 15:52:43 MSK 2010


On Wed, Nov 03, 2010 at 06:00:18PM +0100, blurp pasglop wrote:

> Hello
> I have an nginx proxy smtp and on backend an criticalpath servers.
> I want to configure nginx to do :
>    auth if if my client is configured to do auth
>    no auth if my client doesn't do this
> I want to redirect the clients to the good backend ( with an LDAP server ),
> and read in plain text the password.
> I configure first with :
> *1) smtp_auth* *login plain cram-md5 ;
> The authentication is OK but necessary ( the no authentication does no work
> )

That's expected.

> 2) **smtp_auth* *login plain;
> the authentication is not OK because the mail is delivered if the password
> is not the good password

This should behave the same as in (1), check your auth_http 

> The nginx proxy doesn't do the authentication with the backend server

Authentication is expected to be handled by auth_http, nginx 
doesn't try to pass authentication to backend smtp server.

> 3)**smtp_auth* *login plain cram-md5 none;
> the mail is always delivered ( godd password or not )
> **The nginx proxy doesn't do the authentication with the backend server*

See above.

If you want to mix submission service and inbound MX on the same 
host - you may want to pass information if client authenticated or 
not to smtp backend, it may be passed with xclient option (patches 
for various smtp servers are available out there[1][2]).

    (patch for Postfix, in Russian)
    (patch for Exim)

Note that [2] currently returns 404 for the patch itself.  I've 
pinged author, likely this will be fixed soon. 

Maxim Dounin

More information about the nginx mailing list