Hi,
I have searched and was only able to get this partially to work
(probably because I do not understand the difference between the
NginxMailProxyModule and NginxMailCoreModule). My goal is to proxy
webmail, imap, and smtp to different servers based on an ldap lookup. I
currently have it working for imap and imaps by using Øyvind Kolbu’s
proxy_auth perl daemon. My config is at the end of this post. My
questions are:
-
How do I get smtp proxying to work. The authentication daemon
returns:‘auth-port’ => 25
‘auth-server’ => ‘10.1.2.50’
‘auth-status’ => ‘OK’
‘client-date’ => ‘Tue, 09 Feb 2010 19:55:10 GMT’
‘client-peer’ => ‘10.1.2.49:9000’
‘client-response-num’ => 1
on a smtp connection, but I still get authentication failed. Do I need
the NginxMailProxyModule? What is the correct config for this?
-
How do I get smtps to work with ssl between the client and nginx?
-
How do I proxy webmail to different servers based on an ldap lookup?
Any examples would be most appreciated.
Thanks in advance,
ski
nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
http server
server {
listen 80;
server_name mail.nsd.org;
location / {
root /opt/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /opt/nginx/html;
}
}
https server
server {
listen 443;
server_name mail.nsd.org;
ssl on;
ssl_certificate /etc/ssl/private/star_nsd_org.crt;
ssl_certificate_key /etc/ssl/private/star_nsd_org.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
root /opt/nginx/html;
index index.html index.htm;
}
}
}
mail {
auth_http 127.0.0.1:9000;
imap_capabilities “IMAP4rev1” “UIDPLUS”;
server {
listen 993;
server_name mail.nsd.org;
ssl on;
ssl_certificate /etc/ssl/private/star_nsd_org.crt;
ssl_certificate_key /etc/ssl/private/star_nsd_org.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
protocol imap;
proxy on;
}
server {
listen 25;
server_name mail.nsd.org;
protocol smtp;
proxy on;
}
}
nginx version: nginx/0.7.65
built by gcc 4.3.2 (Debian 4.3.2-1.1)
TLS SNI support enabled
configure arguments: --prefix=/opt/nginx
–conf-path=/opt/nginx/etc/nginx.conf
–error-log-path=/opt/nginx/var/log/error.log
–pid-path=/opt/nginx/var/run/nginx.pid
–lock-path=/opt/nginx/var/lock/nginx.lock
–http-log-path=/opt/nginx/var/log/access.log
–http-client-body-temp-path=/opt/nginx/lib/body
–http-proxy-temp-path=/opt/nginx/lib/proxy --with-debug
–with-http_stub_status_module --with-http_ssl_module --with-mail
–with-mail_ssl_module --with-http_perl_module
Posted at Nginx Forum: