Forum: NGINX mail config auth_http

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
Nginx L. (Guest)
on 2009-02-18 01:11

Is there a way to do the following

mail {

  auth_http auth.$HTTP_DOMAIN/auth/pop?;
        pop3_capabilities "TOP" "UIDL" "USER";

    listen 995;
    protocol pop3;
                proxy on;

    ssl on;
    ssl_certificate /dir/to/ssl.crt;
    ssl_certificate /dir/to/ssl.key;


were $HTTP_DOMAIN is parsed front the user ?

Maxim D. (Guest)
on 2009-02-18 02:34
(Received via mailing list)

On Wed, Feb 18, 2009 at 12:11:36AM +0100, Nginx L. wrote:

>     listen 995;
> }
> were $HTTP_DOMAIN is parsed front the user ?

No, auth_http doesn't support variables (and there are no plans).
You may try something like this though:

http {
    server {
        location = /auth/proxy {
            set $domain "default";

            if ($http_auth_user ~ "@(.*)$") {
                set $domain $1;

            # note: requires resolver defined or
            # upstream{} blocks for each possible hostname

            proxy_pass http://auth.$domain/auth/pop;

mail {

This will effectively introduce proxy authentication service
within nginx http module (at the cost of some extra sockets used).

BTW, in general the above method (delegating dirty work to http
module) is recommended one if you want something non-trivial.
E.g. auth backend load balancing and failover can be done easily this

Maxim D.
This topic is locked and can not be replied to.