Nginx mail proxy - ensure sender match authenticated user
Maxim Dounin
mdounin at mdounin.ru
Fri May 21 14:44:57 UTC 2021
Hello!
On Thu, May 20, 2021 at 10:13:01PM -0400, mbrother wrote:
> Thank you for your answer. As you know, nginx does not send Auth command to
> backend server, so there's no way for the backend to know if the sender
> matches the authenticated account. I tried proxy_smtp_auth config but nginx
> send mail COMMAND to my server but it can not understand :(
By default, for SMTP nginx uses the XCLIENT command
(http://nginx.org/r/xclient). It allows nginx to pass all the
relevant information about the client, including the login, IP
address, and more.
Alternatively, starting with nginx 1.19.4 it can be configured
to proxy SMTP authentication (http://nginx.org/r/proxy_smtp_auth).
While limited compared to XCLIENT, this still passes the client
login to the backend server.
If neither of these work for you, you probably want to focus on
your SMTP server configuration instead. A good start would be to
configure it to work properly without nginx in front of it.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx
mailing list