Mail proxy the destination server by ssl (Postfix)

Azusa Taroura nginx-forum at forum.nginx.org
Tue Feb 13 07:39:10 UTC 2018


Hi everyone, 
I’m trying to mail-proxy by ssl connection from the nginx server to the
postfix server.
Please let me ask some question.

SMTPS(465)->| nginx |--SMTPS(465)->| Postfix |

Question1:
I found this issue. The mail module cannot proxy to the destination server
by ssl, right?
https://forum.nginx.org/read.php?2,232147,232466#msg-232466


Question2:
I tried the another way to use the stream server, but I could not proxy
(The connection timeout is occurred.)

How can i fix it?

SMTPS(465)->| mail -> upstream(20465)| --SMTPS(465)->| Postfix |

<nginx.conf>
load_module "modules/ngx_stream_module.so";
 
worker_processes auto;
error_log  /var/log/nginx/error.log warn;
 
events {
  worker_connections 1024;
}
stream {
  upstream smtps_server {
    server postfix_server:465;
  }
  server {
    listen 20465;
    proxy_pass smtps_server;
    proxy_ssl  on;
 
    proxy_ssl_certificate      /etc/nginx/ssl/server.crt;
    proxy_ssl_certificate_key  /etc/nginx/ssl/server.key;
    error_log   /var/log/nginx/mail-tcp-proxy.log info;
  }
}
 
mail {
  auth_http localhost:80/auth/smtp;
  proxy_pass_error_message on;
  proxy on;
  smtp_auth login plain;
  xclient   on;
  server_name nginx_server;
 
  server {
      listen    25;
      protocol  smtp;
  }
  server {
      listen    465;
      protocol  smtp;
      ssl       on;
      ssl_certificate      /etc/nginx/ssl/server.crt;
      ssl_certificate_key  /etc/nginx/ssl/server.key;
  }
}


Thank you for your time.
Azusa Taroura

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,278532,278532#msg-278532



More information about the nginx mailing list