Nginx mail proxy - ensure sender match authenticated user

Maxim Dounin mdounin at
Fri May 21 14:44:57 UTC 2021


On Thu, May 20, 2021 at 10:13:01PM -0400, mbrother wrote:

> Thank you for your answer. As you know, nginx does not send Auth command to
> backend server, so there's no way for the backend to know if the sender
> matches the authenticated account. I tried proxy_smtp_auth config but nginx
> send mail COMMAND to my server but it can not understand :(

By default, for SMTP nginx uses the XCLIENT command 
(  It allows nginx to pass all the 
relevant information about the client, including the login, IP 
address, and more.

Alternatively, starting with nginx 1.19.4 it can be configured 
to proxy SMTP authentication (  
While limited compared to XCLIENT, this still passes the client 
login to the backend server.

If neither of these work for you, you probably want to focus on 
your SMTP server configuration instead.  A good start would be to 
configure it to work properly without nginx in front of it.

Maxim Dounin

More information about the nginx mailing list