Nginx mail proxy

Maxim Dounin mdounin at mdounin.ru
Fri Mar 2 16:28:48 UTC 2018


Hello!

On Fri, Mar 02, 2018 at 09:54:31AM -0500, peanky wrote:

> > Bacause nginx smtp proxy is designed to protect / balance your own 
> > smtp backends. If you want to proxy to external smtp servers, 
> > consider using other solutions.
> 
> Thank you for answer!
> 1. what is the diff between "my smtp" and "3rd party smtp" from technical
> point of view?

The difference is assumptions made during development, and 
solutions implemented according to these assumptions.  Most 
obvious ones are, as already mentioned in this thread:

- you don't need to bother with authenticating to a backend, but 
  can use XCLIENT instead;

- you don't need to use SSL to your backends, and can assume 
  secure internal network instead.

Others include various protocol limitations when it comes to 
talking to backends (some exotic yet valid responses might not be 
recognized properly), and lack of various negotiations - e.g., 
SMTP pipelining must be supported by the backend if you list it in 
the smtp_capabilities.

> 2. which other solutions can you imagine? It's very interesting!

This depends on what you are trying to do.  In some basic cases a 
TCP proxy as provided by the nginx stream module might do the 
trick.  In some other - a properly configured SMTP server will be 
enough.

> 3. I've heared that "nginx mail module supports only non-ssl backeds". It's
> true?

Yes.

-- 
Maxim Dounin
http://mdounin.ru/


More information about the nginx mailing list