Welcome! Log In Create A New Profile

Advanced

Mail proxy the destination server by ssl (Postfix)

Posted by Azusa Taroura 
Azusa Taroura
Mail proxy the destination server by ssl (Postfix)
February 13, 2018 08:50AM
Hi everyone, 
I’m trying to mail-proxy by ssl connection from the nginx server to the
postfix server.
Please let me ask some question.

SMTPS(465)->| nginx |--SMTPS(465)->| Postfix |

Question1:
I found this issue. The mail module cannot proxy to the destination server
by ssl, right?
https://forum.nginx.org/read.php?2,232147,232466#msg-232466


Question2:
I tried the another way to use the stream server, but I could not proxy
(The connection timeout is occurred.)

How can i fix it?

SMTPS(465)->| mail -> upstream(20465)| --SMTPS(465)->| Postfix |

<nginx.conf>
load_module "modules/ngx_stream_module.so";

worker_processes auto;
error_log /var/log/nginx/error.log warn;

events {
worker_connections 1024;
}
stream {
upstream smtps_server {
server postfix_server:465;
}
server {
listen 20465;
proxy_pass smtps_server;
proxy_ssl on;

proxy_ssl_certificate /etc/nginx/ssl/server.crt;
proxy_ssl_certificate_key /etc/nginx/ssl/server.key;
error_log /var/log/nginx/mail-tcp-proxy.log info;
}
}

mail {
auth_http localhost:80/auth/smtp;
proxy_pass_error_message on;
proxy on;
smtp_auth login plain;
xclient on;
server_name nginx_server;

server {
listen 25;
protocol smtp;
}
server {
listen 465;
protocol smtp;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
}
}


Thank you for your time.
Azusa Taroura

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,278532,278532#msg-278532

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Maxim Dounin
Re: Mail proxy the destination server by ssl (Postfix)
February 13, 2018 01:50PM
Hello!

On Tue, Feb 13, 2018 at 02:39:10AM -0500, Azusa Taroura wrote:

> Hi everyone, 
> I’m trying to mail-proxy by ssl connection from the nginx server to the
> postfix server.
> Please let me ask some question.
>
> SMTPS(465)->| nginx |--SMTPS(465)->| Postfix |
>
> Question1:
> I found this issue. The mail module cannot proxy to the destination server
> by ssl, right?
> https://forum.nginx.org/read.php?2,232147,232466#msg-232466

Yes, only non-SSL backends are supported.

> Question2:
> I tried the another way to use the stream server, but I could not proxy
> (The connection timeout is occurred.)
>
> How can i fix it?
>
> SMTPS(465)->| mail -> upstream(20465)| --SMTPS(465)->| Postfix |

[...]

The configuration provided looks fine, at least I see no obvious
errors. Try looking into more details on where the timeout
occurs.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Azusa Taroura
Re: Mail proxy the destination server by ssl (Postfix)
February 20, 2018 08:40AM
Thank you for your reply!

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,278532,278655#msg-278655

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Sorry, only registered users may post in this forum.

Click here to login